urlscan.io logo urlscan.io
SecurityTrails logo

kooora4lives.net Open in urlscan Pro
2606:4700:20::681a:1cc  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.kooora4live.tv/
Effective URL: https://kooora4lives.net/home5/
Submission: On August 15 via manual from ID — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 58 IPs in 10 countries across 53 domains to perform 492 HTTP transactions. The main IP is 2606:4700:20::681a:1cc, located in United States and belongs to CLOUDFLARENET, US. The main domain is kooora4lives.net.
TLS certificate: Issued by E1 on July 28th 2022. Valid for: 3 months.
This is the only time kooora4lives.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
8 30 2606:4700:20:... 13335 (CLOUDFLAR...)
11 23.47.212.127 16625 (AKAMAI-AS)
1 23.47.209.169 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
15 142.250.186.66 15169 (GOOGLE)
2 205.185.216.42 20446 (STACKPATH...)
1 46.105.201.240 16276 (OVH)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
3 45.133.44.4 7018 (ATT-INTER...)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 192.99.8.28 16276 (OVH)
1 45.133.44.3 7018 (ATT-INTER...)
3 2a0c:5c81:514... 55081 (24SHELLS)
43 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 44 2a00:1450:400... 15169 (GOOGLE)
2 147.75.85.234 54825 (PACKET)
4 178.250.0.165 44788 (ASN-CRITE...)
1 8 185.89.211.12 29990 (ASN-APPNEX)
4 185.64.189.112 62713 (AS-PUBMATIC)
2 51.89.9.254 16276 (OVH)
2 72.251.249.9 32475 (SINGLEHOP...)
26 2602:803:c003... 26667 (RUBICONPR...)
2 3.125.201.50 16509 (AMAZON-02)
2 185.184.8.90 204995 (RTB-HOUSE...)
4 34.98.64.218 15169 (GOOGLE)
1 10 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 25 142.250.186.130 15169 (GOOGLE)
2 4 104.18.19.126 13335 (CLOUDFLAR...)
2 23.47.209.72 16625 (AKAMAI-AS)
112 2a00:1450:400... 15169 (GOOGLE)
10 142.250.185.98 15169 (GOOGLE)
6 8 185.94.180.125 35220 (SPOTX-AMS)
5 5 18.156.0.31 16509 (AMAZON-02)
3 6 52.17.82.33 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
2 66.155.71.150 13768 (COGECO-PEER1)
1 1 35.186.193.173 15169 (GOOGLE)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 104.18.18.126 13335 (CLOUDFLAR...)
1 34.96.105.8 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 35.227.252.103 15169 (GOOGLE)
2 2 52.208.181.213 16509 (AMAZON-02)
3 3 213.19.147.45 26120 (RHYTHMONE)
7 2600:9000:223... 16509 (AMAZON-02)
16 2600:1f18:1ac... 14618 (AMAZON-AES)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
2 185.86.139.115 201081 (SMARTADSE...)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 103.229.205.243 30419 (MEDIAMATH...)
1 1 2600:9000:206... 16509 (AMAZON-02)
1 141.95.98.66 16276 (OVH)
492 58
1    2606:4700:3030::6815:4c13 (United States)

ASN13335 (CLOUDFLARENET, US)
www.kooora4live.tv
1    2606:4700:3032::ac43:a1bf (United States)

ASN13335 (CLOUDFLARENET, US)
kooora4lives.com
30    2606:4700:20::681a:1cc (United States)

ASN13335 (CLOUDFLARENET, US)
kooora4lives.net
www.kooora4lives.net
11    23.47.212.127 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-212-127.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
api-public.addthis.com
1    23.47.209.169 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-169.deploy.static.akamaitechnologies.com
z.moatads.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
2    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
jscdn.greeter.me
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
10    2606:4700:20::681b:4171 (United States)

ASN13335 (CLOUDFLARENET, US)
www.kooora4live.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    45.133.44.4 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.aplhb.adipolo.com
10    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.com
1    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
adipolo.com
1    192.99.8.28 (Canada)

ASN16276 (OVH, FR)
PTR: ns523448.ip-192-99-8.net
s4.histats.com
1    45.133.44.3 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
player.adtelligent.com
3    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.aplhb.adipolo.com
43    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
pagead2.googlesyndication.com
7    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
44    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
8    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
2    72.251.249.9 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
26    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    3.125.201.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-201-50.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adipololtd-d.openx.net
us-u.openx.net
10    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
15    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
14    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
4    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
25    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
2    23.47.209.72 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-72.deploy.static.akamaitechnologies.com
sync.teads.tv
112    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
8    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    52.17.82.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-82-33.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    2606:4700:4400::6812:230b (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    2a05:d018:d29:3601:3405:9d23:f6a9:4d9c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    52.208.181.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-181-213.eu-west-1.compute.amazonaws.com
match.360yield.com
3    213.19.147.45 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
7    2600:9000:223f:1000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
16    2600:1f18:1aca:4281:1513:7870:1516:401d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    103.229.205.243 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2600:9000:206e:9e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    141.95.98.66 (France)

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu
id5-sync.com
Apex Domain
Subdomains		 Transfer
112 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 289
2 MB
93 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
609 KB
63 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222
static.doubleclick.net — Cisco Umbrella Rank: 458
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
616 KB
30 kooora4lives.net
kooora4lives.net
www.kooora4lives.net
272 KB
29 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 801
static.adsafeprotected.com — Cisco Umbrella Rank: 594
dt.adsafeprotected.com — Cisco Umbrella Rank: 538
283 KB
26 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 528
29 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 374
325 KB
13 google.com
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
2 KB
11 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 732
gum.criteo.com — Cisco Umbrella Rank: 401
mug.criteo.com — Cisco Umbrella Rank: 2755
10 KB
10 kooora4live.com
www.kooora4live.com
10 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1505
m.addthis.com — Cisco Umbrella Rank: 1429
api-public.addthis.com — Cisco Umbrella Rank: 4330
221 KB
8 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 516
5 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
43 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
101 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
287 KB
7 adipolo.com
player.aplhb.adipolo.com — Cisco Umbrella Rank: 194811
adipolo.com — Cisco Umbrella Rank: 122484
ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 212837
142 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
2 KB
6 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
6 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
5 KB
6 openx.net
adipololtd-d.openx.net — Cisco Umbrella Rank: 62612
us-u.openx.net — Cisco Umbrella Rank: 396
rtb.openx.net — Cisco Umbrella Rank: 1516
1 KB
6 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 518
image6.pubmatic.com — Cisco Umbrella Rank: 636
503 B
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8117
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
region1.google-analytics.com — Cisco Umbrella Rank: 2742
20 KB
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 605
326 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 627
56 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 550
2 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 4170
789 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 597
382 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 804
s.tribalfusion.com — Cisco Umbrella Rank: 2199
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 921
344 B
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5951
356 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 652
1 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 679
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 792
726 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1237
214 B
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 17634
s4.histats.com — Cisco Umbrella Rank: 14587
5 KB
2 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 201180
17 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
112 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 541
623 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 704
443 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 484
864 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1083
463 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1056
574 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2979
173 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 39481
611 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3213
104 B
1 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 5312
5 KB
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1674
823 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 442
1 KB
1 kooora4lives.com
kooora4lives.com
557 B
1 kooora4live.tv
www.kooora4live.tv
706 B
0 netmng.com Failed
google2waycm.netmng.com Failed
0 smilewanted.com Failed
prebid.smilewanted.com Failed
492 53
Domain Requested by
112 s0.2mdn.net kooora4lives.net
s0.2mdn.net
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
44 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
tpc.googlesyndication.com
kooora4lives.net
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
cdn.ampproject.org
s0.2mdn.net
42 pagead2.googlesyndication.com securepubads.g.doubleclick.net
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
kooora4lives.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
29 kooora4lives.net 7 redirects kooora4lives.net
26 fastlane.rubiconproject.com player.aplhb.adipolo.com
25 cm.g.doubleclick.net 8 redirects googleads.g.doubleclick.net
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
16 dt.adsafeprotected.com 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
15 securepubads.g.doubleclick.net kooora4lives.net
securepubads.g.doubleclick.net
jscdn.greeter.me
12 googleads.g.doubleclick.net 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
kooora4lives.net
10 googleads4.g.doubleclick.net kooora4lives.net
10 www.google.com 1 redirects tpc.googlesyndication.com
kooora4lives.net
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
10 www.kooora4live.com
8 sync.search.spotxchange.com 6 redirects googleads.g.doubleclick.net
8 ib.adnxs.com 1 redirects player.aplhb.adipolo.com
googleads.g.doubleclick.net
7 static.adsafeprotected.com 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
fw.adsafeprotected.com
7 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 www.googletagservices.com jscdn.greeter.me
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
kooora4lives.net
6 fw.adsafeprotected.com 3 redirects kooora4lives.net
6 fonts.googleapis.com securepubads.g.doubleclick.net
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
s0.2mdn.net
6 s7.addthis.com kooora4lives.net
s7.addthis.com
5 ups.analytics.yahoo.com 5 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
4 hbopenbid.pubmatic.com player.aplhb.adipolo.com
4 bidder.criteo.com player.aplhb.adipolo.com
3 mug.criteo.com
3 www.gstatic.com 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 ghb.aplhb.adipolo.com player.aplhb.adipolo.com
3 player.aplhb.adipolo.com jscdn.greeter.me
player.aplhb.adipolo.com
3 api-public.addthis.com s7.addthis.com
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 static.criteo.net player.aplhb.adipolo.com
static.criteo.net
2 sync.1rx.io 2 redirects
2 match.360yield.com 2 redirects
2 rtb.openx.net 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
2 pixel-sync.sitescout.com 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 adipololtd-d.openx.net player.aplhb.adipolo.com
2 prebid-eu.creativecdn.com player.aplhb.adipolo.com
2 tlx.3lift.com player.aplhb.adipolo.com
2 ap.lijit.com player.aplhb.adipolo.com
2 onetag-sys.com player.aplhb.adipolo.com
2 prebid.a-mo.net player.aplhb.adipolo.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 jscdn.greeter.me kooora4lives.net
2 www.googletagmanager.com kooora4lives.net
1 id5-sync.com player.aplhb.adipolo.com
1 s.ad.smaato.net 1 redirects
1 sync.mathtag.com 1 redirects
1 cms.quantserve.com 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
1 sync.targeting.unrulymedia.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 tr.blismedia.com 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
1 gcm.ctnsnet.com 1 redirects
1 s.tribalfusion.com 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
1 static.doubleclick.net kooora4lives.net
1 player.adtelligent.com player.aplhb.adipolo.com
1 s4.histats.com s10.histats.com
1 adipolo.com
1 region1.google-analytics.com www.googletagmanager.com
1 s10.histats.com kooora4lives.net
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 www.kooora4lives.net 1 redirects
1 kooora4lives.com 1 redirects
1 www.kooora4live.tv 1 redirects
0 google2waycm.netmng.com Failed 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
0 prebid.smilewanted.com Failed player.aplhb.adipolo.com
492 78

This site contains links to these domains. Also see Links.

Domain
www.reyada-365.com
www.facebook.com
www.youtube.com
www.yalla-shoot-matches.com
Subject Issuer Validity Valid
*.kooora4lives.net
E1		 2022-07-28 -
2022-10-26		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
greeter.me
E1		 2022-07-19 -
2022-10-17		 3 months crt.sh
histats.com
R3		 2022-07-11 -
2022-10-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-10		 a year crt.sh
player.aplhb.adipolo.com
R3		 2022-07-19 -
2022-10-17		 3 months crt.sh
player.adtelligent.com
R3		 2022-07-19 -
2022-10-17		 3 months crt.sh
ghb.aplhb.adipolo.com
ZeroSSL ECC Domain Secure Site CA		 2022-08-09 -
2022-11-07		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.a-mo.net
R3		 2022-07-04 -
2022-10-02		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-06-19 -
2022-09-17		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh

This page contains 44 frames:

Primary Page: https://kooora4lives.net/home5/
Frame ID: 42BBE5B32683387F785C1D710DC34E9D
Requests: 158 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7C0618578432A0AA61C662B74738C2BB
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7F4586F77E37EC1052B2F024040E19AA
Requests: 1 HTTP requests in this frame

Frame: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 12DC25C5622C9E84A6206E91F48CCC76
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F71B3C650C5F7A17DEED3BEEA98DE806
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9AC3514A60A45EFAC2194C31F6A492E4
Requests: 2 HTTP requests in this frame

Frame: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB9869957FD270706EB21C5FA35B9F4E
Requests: 14 HTTP requests in this frame

Frame: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B78981EE61451610A201C2724ECDF4EA
Requests: 1 HTTP requests in this frame

Frame: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E6E31CA4719331A506FE334A378442C3
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Frame ID: 1203425BC212AB8FB763C18E041E3FF8
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Frame ID: 4E78410CFB4DC6F98F5A8BDB52967ECC
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhjCuPfOATAB&v=APEucNVj2DoSo_ouUie3Cdd-sQ8oef-mGCDCi-HTcOBR7VApeWhgqdpo7976f_j_cyY9MfNZcTeIlVnr7af0-ZObJBoUv5MQaH24_GDGU7zRyQ1RnbpsTb0iFP6Lim53bb4hPyluRPEABzIoJkM1Hm5OKYLCRh8ssat4Hkxet0zLTWBd4-p-hg0
Frame ID: 161A2884CF6FA47923219CE0F2196B9E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYse_6yAEwAQ&v=APEucNWOf6WiPgN9Jbk5GDSYti5m82Q6o8h696i-BT3tH8x238AjU0uzx7huXKHbWj96qpcVeMiSzqpSA06Do34XkeEnVTkStUgp6qTUd_HxswGc1lgudqk6OSlDaPFVgCl8t2gxhwEOMqk7fmqr3bt1rGOIvWLOJQntFLMVZOq2pLh5Gxc6e3E
Frame ID: 8D705B9172CA09A19A8F58EF0534BCD8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0GPFblk-Kfw8cBWdX7me65I-NthrjlC7kyouekJu0QL6L6GeC-SF_z1cjnAJHkB_xxhHB6wSOAEgsq_rTrVgcxCVQwlMRcnjnkhR-hR3B00H04NKVb1aO-26LmFNgLc7K0Vls-g_RjmRuJ41K3pAGwnVIKw&dbm_d=AKAmf-Df2EToCC3JlOMwftIpNI9_2VsuokzfEsE4QGLHHBjzwKtgCD715Rd5E8Ggn91IkRqp-msqgBqm0CGFlx8aTDYT8-Jue-afb2-sxzya-GMkFnJ0CFA973QQe8rJwZRbyyD7-Xp0Jh8aEYqKYeKOZ2sDiVpq2LJ0kbfoI0EMIXq5uqKBb1-MCVZeDS0cg3S4WJQKhabBCDd9ScEe4jnww_sdD8UJpC7HKBBlUxPKxmPS5RkqeX8of-uPF0cd3vt5WlRSb7x59V_E0h14YHWO2s_itF-9Zo5cF6IcHNuJ9lbWSnN43PYoJ3voOQojOIlXl0Gy1OzbeOqoNQCQLjj1svbbNPVXnLqAG_JUD293CmGoQlCvaYkMqPOCdCQm9xK0rBZT6MRADTOmxhd-pNjIZI0O41bSA5abLBDq0ewSmV8Sf4mOsJqLbySruy_BnQAoVYu4HbCKxgvcpjS6wQM60l3RU1iv-0RdrW0mkbe8yJetKvagoOTvOSC0Qgg5qFOVE1xYcab-lhW0h0y-nvjfqZOqe2JXexq-XFlNN4J9TwTL3p3ArVTimOT14fsywLaawEG8Z58DUfOQDCf1Gb0Xc6gOUiKVKS9E0AcZ2lQDcqnOCueAQONZeADB2S_47VOKPA4aR0fEWFq8WTqrybnT8Z2dpuuMO93N8UF_sFN0xK2YUjNTLN5mR00XEf4Gn0RLk8hk4rZMeZI7mEhMHno0822hx3h4yuy_xWMeSOFifq2P3R657eZGnmPNaYS0MGBPaHaxhZHVwfiKbELpVGqNMumnl0--ZkOJg1A959uDsJItXO-3fBE-EmhQHTmgdJUNU5ZmDCvzmLRU9iD2nI-4KtavS8tE0kat5f8aYu8L1IXosBEYRUzBwpwKBYbXuRbA1BA2LibHmserrkjWN1_b9FiJtCXGdFqn-T-6tcFWmo7OgaKWoXOMJhiWmFk6Fr4w7GWJswwjYTvBkyeWe_VhjWxXTY7hApB-H_mFRAQwquw21k8onR0d70QFsrHB6HUZ6NQJTAY82sXLTL7S1fZkPu7E_5315MKQreF3eQaW7EK6XwoqPL-Zznaulr-uOsA-o5kq8boUDTZ1O7R-SNMVibus8K6vfgnzbmSrjY3V8v_qnGEk0XfZsztllLulom3K3SN5Ts1_wg1E6WGZRkzsoQDH3odpICOfhy0wa6rmBofFQZF_35slcwKPpAlnCCA3YOo1Aqhlp6T2AJT0zIo8-4pFKkYnAtocFISCHKNZWjWOF_sNiyfJNSNI13l3MjBn9KHu_gvfz70ln7ob8fV_NUT_-bcQD7GF06DcgnClv1LJcNH2GczBUKioha51TnmKv5iEZXPTBKDfgpT5dfind14MC6_kMTa37Vx6O7Fr1sirvF0IFoTkMx4_a78s5Zb-VwCmwuUZM6A9Q4Mle--H1xkQKTb-GrgSNPaMdpzjHKfoVQUswNOMg-s_9RHY4vvJXwLHPMNQusvJjk0fMmciQ0auMGuApSR_PIywRkw7iEA2ueWRqaRnlIJIye1AxNdPBDQH5a_uk9CMR-XQrub7ngIqGZTCYoGnQYVB-rV60yeblkBBnimaznUz56bOHQmqhV0PEtVD7B840pRgkdGhDCshuAgfUnUmt2kw_df4n5UNcQ5cre3NVLjWiJLFrUgTN5NZjl-JJ3vbnq1_4g1AlB1pdXfFQMMrV2SjjZgDU9X8IeRWXFrqZ8pMIeuaUcT4AI6NC5-nGD3OLf3zL6KFvlnZ9kMWh2JcWdzR6YYXt7FyNHdWNezmVcgXVcJAN2_-Vq3yLh3f59NB6hyZEZeJsGnm1IK_F6HqDO_LaP0zZZuRqbip_4LmvNeZTgUwQEQooyyhQeBctvUe2jtkk8z_1OAZopCH7mVwpnXmUIFRzOu6HQGWvWctwm8SUPNtELoHWsuHPf2XpcpLRoFAya8UQHrzOFDukPuAIf7D7hQAo0_1mk_INjzR4iULFUCEwD3Px0sAcL40V_OrIyBfBE7M6VQgx282s9YRJW1IuNjpfeV8vX9cwdKND0gqp7Ja1sb9wIN9Tg1nSapPZtk6D6L9U6819E--hvGkYNS5FcrAV9CtfDnF3GYBsXyH-w5b1dxw6XB5MVex8tC8kHCceaBQqgIvqn2Nq5JDU1NbX3xoKxyjJ7TAqV_cfko25n01xnxdqcJ2oGD7VmyO3IjtH4gUu8F-LuBbnNCSKZB6ewWGtPG1lxbkbzu9op8xzwMfkYg7Va1-b4rMc0Ohj_J7-3-C5jLgQWcgY96mUpHzEBL1f11JjN3ofRB6TUG1zfSZTyf2bBpWkorHHi9uiuwq7k4nSrfRjKEKiWvQEVgim8UE80yBDhbEcRZ2T5-Rcn13SbozwX-PTlJLnNdjs27B-_Sd7AG2NxnNNYoRsTAoKl1R4vQqtssqOu_uNgm9fUcHbOwrPq6-IU66pt8eT5Yy9U55URWgu1gH8LgAJe2UW6M8TE_aQfWp59knWN4glQcqdyc_vWmUkx1b5p_t21pR5yiFLB31Wv7YzBpiUdOO1ultLxsMCjuj5mY3cLtuJw2sWH9JP3JCgeC63rQnsvDbnHZgLokujttJBnqZqujun0WLtPy12URk21RE7AdAAiFYV89YUfXUFLtsfiANRqQUrIci7qvGNWr07SiMYJCY4Kyi7NQ0Wd3FTxqDBizelEbba214gbpJaslg6Biy7OzvfSNoGYNY2KqOwracKKzw7X5WoHwYp2NjBiVD2y9P7bLMe7HoXwn_12kP4uLrpVb3r8fNlE9hPV6RYTMASP0FfYbNCAqiSUDhK9T-UL92W-V5ijkkNSYc2ocHSB2PMm1wPbR8tiAD6C1EOND9ak8cNXMzTRWSR3K4yb7mw_EjKaGTEw8DO3ExmIy6aFb0DDGBnrPbcYOIr3yG488eZcyxxyfL9v6gfrNOjLSrFjSxKKfVSsOrkEmedFN0191e0KXa_WwwM2Tpw9gbbXAg-cINgfR8zvAOEJZz8Z71Om3Tr50M-ScxgJMMnfTBSwgqSYrcq12BfDt37E2gg_FEQupy3lHIubEOaw1-vwN8pAk6ti_kXiaVsEGlqQ-foQa4Rn-sqpTbuSbNTEWQoTtRD1KdBEz48k56Z8qdzUCgNhTKF0liBTqWdclVAgNPpPvTiNu1U7sxecSRGnx5vA&cid=CAASJ-Ro76yaVtVkqfkHWmmTRpffV1LBwkrR3bBFGCTMv9bgQW_yfOe-ZA&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Frame ID: EA4BA6D90B1DEDD250A25A3065405178
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 03C3CB0EC3C61E09D665383948A6DE46
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Frame ID: 073159F4665BDD8B85CA55D64822CE9B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7784674C6FC7CE564EE49F8A3BD58965
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
Frame ID: A5222CFA066215554D4D7417D4F64F2B
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Frame ID: D2E21A333419890104D6E6C17999BBFF
Requests: 39 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Frame ID: CE8DDF53022053BCAFDBD564DBDDA479
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7E1ED71E78ADE57393BA9C38B3A96EDF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4647D7F0A8631492AF1B522D2CED1BBC
Requests: 3 HTTP requests in this frame

Frame: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 418B82BE86E3658413D3E3EAD46609F2
Requests: 21 HTTP requests in this frame

Frame: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A3D7CA61B7CAD2AEC9FAE49CF94CE8E4
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNW2Q0QcOAKydPO5LNx1G6G01aefuhAzTNzM1zbrZ2_ViCTKAQsP42fUzXeSJH0HuO0N81dq8vceR9dQK8YxaP31ul5GURtRrdalJGERTsGSXhckzv7oz1w9tRQVHALW7ueSHqrq70XW51WPHviE1yHk9IOt2QdnEV0vawkiuyEt8V6xXT0
Frame ID: 4B6C1DA40192C4B52882EBDE4E29EB49
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYmeGZyAEwAQ&v=APEucNXpd5ubKja-rQjo7d_Q24R5JnJSzNafbNJ9KZJDCMQlktbDjm0zUEdXluOGFF3jYMa6vAseQeynKl_rOqF4MChKFXEiGhpekg6PR54UqxFERLmG-D_wdV0P-WVysVg6VWdW-Mhs05703psVm9ZGImyN1aX6EpecqQ71fCxuknpGupfJeuk
Frame ID: 400D53FBC5E913634A8565A48CCCE69E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0E476A48056B6009D7AED30C08E449B3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9957940DDF6ADE094240497260F7A543
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
Frame ID: 419A25DDDA92B0B1FC867A597BCDB152
Requests: 23 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
Frame ID: 610E95BB9C5DE1A792637437AADE0774
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 34BD578F2BE55DC745B542A226A9B87E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 19563F6827853F053C86BC402168D69F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Frame ID: 36F1ABE0431E4E7057667AAB4820CC77
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 582827E81CC4F36FF84A3E666D7B3D5B
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 80D3815C2736B853495EDBCC57AE8E06
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kooora4lives.net
Frame ID: 94ED4FABB672CFB66F2FFE225F84DCB0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Frame ID: 8E41EFF5E821D8F27B1A28D07A71BCD9
Requests: 1 HTTP requests in this frame

Frame: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 88AE54C8C90D078A223CDD5B48047E75
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Frame ID: C9416F4E96F9A8E67B9A2562C0D68C6A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhD5qGIY65O9xwEwAQ&v=APEucNWPeP8S5jUnLloe0TcYCjuh3nMr498ArztgFBSUg8PgLfN-QDWVVtok8sRWt81PSVQ0d1DjcycTsWnIG-D8fXrYAQGYVQPFcaV9i57C9-mbXGEaNlBDBeTNJIb488A-Atsn5FmYzMXccEmrDGHbEZgbNZoowcUQ8aSfII9Hawt81iVKzys
Frame ID: 1F00618435FD178C0F52714821593697
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EFFA031E8FAE395E3D0C2B85242A27A1
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
Frame ID: 32033EF0FF4242C97599DE9022C59380
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D1F023DB67AB40D18F8B4853C0525E06
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 0DD12A6B3608DC36A576479BD4C4262C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

كورة 4 لايف | koora4live اهم مباريات اليوم ، اخبار و نتائج المبارياتTwitterWhatsAppFacebookMessengerTelegramAddThisTwitterWhatsAppFacebookMessengerTelegramAddThis

Page URL History Show full URLs

  1. http://www.kooora4live.tv/ HTTP 301
    https://kooora4lives.com:2096/ HTTP 301
    https://kooora4lives.net/ HTTP 301
    https://kooora4lives.net/m2/ HTTP 301
    https://kooora4lives.net/home/ HTTP 301
    https://kooora4lives.net/home1/ HTTP 301
    https://kooora4lives.net/home2/ HTTP 301
    https://kooora4lives.net/home3/ HTTP 301
    https://kooora4lives.net/home4/ HTTP 301
    https://kooora4lives.net/home5/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

492
Requests

91 %
HTTPS

46 %
IPv6

53
Domains

78
Subdomains

58
IPs

10
Countries

4870 kB
Transfer

11425 kB
Size

49
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.kooora4live.tv/ HTTP 301
    https://kooora4lives.com:2096/ HTTP 301
    https://kooora4lives.net/ HTTP 301
    https://kooora4lives.net/m2/ HTTP 301
    https://kooora4lives.net/home/ HTTP 301
    https://kooora4lives.net/home1/ HTTP 301
    https://kooora4lives.net/home2/ HTTP 301
    https://kooora4lives.net/home3/ HTTP 301
    https://kooora4lives.net/home4/ HTTP 301
    https://kooora4lives.net/home5/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://www.kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png HTTP 301
  • https://kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png
Request Chain 148
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
  • https://tpc.googlesyndication.com/simgad/624907996767536446
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAN3XTO3JSwoGXwxD536sk&google_cver=1
Request Chain 203
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvpxbTNHY8ri1u91sak5PgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAN3XTO3JSwoGXwxD536sk&google_cver=1
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ9OXAKczzBRM827UxKbtYs&google_cver=1
Request Chain 205
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0ODgxNjM5ODM0MzQzMDYzNw%3D%3D
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKf-X8I4JFNJ2Dh_4_xDlvk&google_cver=1
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOY-rnaQQniQCy2Mxnf-lfc&google_cver=1
Request Chain 232
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 313
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECH5IC4wZ7D2prmBo-h7m70&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECH5IC4wZ7D2prmBo-h7m70&google_cver=1&__user_check__=1&sync_id=a9025e70-1cb5-11ed-8af9-18b2794d0206
Request Chain 314
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=a8feb7c1-1cb5-11ed-bcb8-19da87bf0106 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YTkwMDZkMTYtMWNiNS0xMWVkLWI3ZjgtMWQ3YWJiYWQwNTA2
Request Chain 315
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lVWVRZXQ5RTJ1RjREMnZpNG16NWZMQUF5UXRFaFhZQ35B
Request Chain 316
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECH5IC4wZ7D2prmBo-h7m70&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECH5IC4wZ7D2prmBo-h7m70&google_cver=1&__user_check__=1&sync_id=a902cee3-1cb5-11ed-8a8c-1024185a0406
Request Chain 317
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=a9006d61-1cb5-11ed-b7f8-1d7abbad0506 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YTkwMDZkMTYtMWNiNS0xMWVkLWI3ZjgtMWQ3YWJiYWQwNTA2
Request Chain 318
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lVWVRZXQ5RTJ1RjREMnZpNG16NWZMQUF5UXRFaFhZQ35B
Request Chain 356
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELsodV_BrXV_iKqG83ydBeY&google_cver=1&google_push=AehlK4BZN1Z4WIKhMQ2B0fomMb0ljKIHmsIg7Sd1TPqebwTAORMTYjKe_uu4eUKN5tf-7cJAcDGM-qWCovFzltWaFx4qzf4ztWnQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BZN1Z4WIKhMQ2B0fomMb0ljKIHmsIg7Sd1TPqebwTAORMTYjKe_uu4eUKN5tf-7cJAcDGM-qWCovFzltWaFx4qzf4ztWnQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELsodV_BrXV_iKqG83ydBeY&google_cver=1&google_push=AehlK4BZN1Z4WIKhMQ2B0fomMb0ljKIHmsIg7Sd1TPqebwTAORMTYjKe_uu4eUKN5tf-7cJAcDGM-qWCovFzltWaFx4qzf4ztWnQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BZN1Z4WIKhMQ2B0fomMb0ljKIHmsIg7Sd1TPqebwTAORMTYjKe_uu4eUKN5tf-7cJAcDGM-qWCovFzltWaFx4qzf4ztWnQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 358
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOCAhI_Cz52lsQPbVMZXr6o&google_cver=1&google_push=AehlK4DPQvDDD5wyfxaxhefwLyyOt-z0-bVUhu6TildffpLEyFVqE-ym43DrdPouHQPyfjjwk6RYbTQBXmGBWIbroNh-SjQQV1hg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DPQvDDD5wyfxaxhefwLyyOt-z0-bVUhu6TildffpLEyFVqE-ym43DrdPouHQPyfjjwk6RYbTQBXmGBWIbroNh-SjQQV1hg&google_hm=KCX3RPqgSseO0GQMUVeHXAU
Request Chain 361
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIgvM8bj16-lJQrFDI1k01E&google_cver=1&google_push=AehlK4An3UEzZ4RsJxM87b4_ckUqhCj4AHtocb0QRdnk-0SE23rfDYRyENTTF1m1bGbjojxly8DSpYShlWag-qj9OnPtQbFSOfo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIgvM8bj16-lJQrFDI1k01E&google_hm=YvpxbTNHY8ri1u91sak5PgAABG8AAAAB&google_nid=index&google_push=AehlK4An3UEzZ4RsJxM87b4_ckUqhCj4AHtocb0QRdnk-0SE23rfDYRyENTTF1m1bGbjojxly8DSpYShlWag-qj9OnPtQbFSOfo
Request Chain 366
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIyHM40en7xwt-tDJejQnnM&google_cver=1&google_push=AehlK4AtIBCNaxsO7PqlBesU99C4k8eujqfu3_8ZNJycW_cA71r3CEZQIz1SzEQ7nSsqGTnDneNumogxIUkhQxL3MXqPBwt6pk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AtIBCNaxsO7PqlBesU99C4k8eujqfu3_8ZNJycW_cA71r3CEZQIz1SzEQ7nSsqGTnDneNumogxIUkhQxL3MXqPBwt6pk0&google_hm=NTY5MjA3MjYzMTM1MDM1Nzc4OA%3D%3D
Request Chain 368
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIgvM8bj16-lJQrFDI1k01E&google_cver=1&google_push=AehlK4CP6l3dZRPhJU4Y_6dH7AXvQ9MHYUKlTnj7OTsRmrR-dgFo3HJ3gjDV6kcaXQnob5VxoFcScGWtTpZCHBOHhMyQODAup-Z6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIgvM8bj16-lJQrFDI1k01E&google_hm=YvpxbTNHY8ri1u91sak5PgAABG8AAAAB&google_nid=index&google_push=AehlK4CP6l3dZRPhJU4Y_6dH7AXvQ9MHYUKlTnj7OTsRmrR-dgFo3HJ3gjDV6kcaXQnob5VxoFcScGWtTpZCHBOHhMyQODAup-Z6
Request Chain 369
  • https://match.360yield.com/match/ebda?google_gid=CAESEEKiL0FpIciPWOTszdqCgrs&google_cver=1&google_push=AehlK4DMRuuBtu_wAJ9mIIxFk4SQ8zBn4HCGoQrJP7JGgO0gXsSWN9KmVwxj7t7wbQZ4WmRlXeohljuzyr6IkZtt4bDuxgXb9G_0 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEKiL0FpIciPWOTszdqCgrs&google_cver=1&google_push=AehlK4DMRuuBtu_wAJ9mIIxFk4SQ8zBn4HCGoQrJP7JGgO0gXsSWN9KmVwxj7t7wbQZ4WmRlXeohljuzyr6IkZtt4bDuxgXb9G_0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ujFyt7uqSOqHtGPw7f5GBA&google_push=AehlK4DMRuuBtu_wAJ9mIIxFk4SQ8zBn4HCGoQrJP7JGgO0gXsSWN9KmVwxj7t7wbQZ4WmRlXeohljuzyr6IkZtt4bDuxgXb9G_0
Request Chain 370
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJQw9MLZvDMy19lKMW2oL3U&google_cver=1&google_push=AehlK4CztWPSGXA_OQ-93eLSOfw3ky9htz38uhdsG8GJdQPcqZYcSk3X0RQieM-fGJCehiBB0FoFzuWpRCbiVATBU4OPZYqqu85z HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4CztWPSGXA_OQ-93eLSOfw3ky9htz38uhdsG8GJdQPcqZYcSk3X0RQieM-fGJCehiBB0FoFzuWpRCbiVATBU4OPZYqqu85z&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1660580207028 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-73eabc84-880f-44e0-af9d-957e111354f3-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CztWPSGXA_OQ-93eLSOfw3ky9htz38uhdsG8GJdQPcqZYcSk3X0RQieM-fGJCehiBB0FoFzuWpRCbiVATBU4OPZYqqu85z%26google_hm%3DA3PqvISID0Tgr52VfhETVPM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CztWPSGXA_OQ-93eLSOfw3ky9htz38uhdsG8GJdQPcqZYcSk3X0RQieM-fGJCehiBB0FoFzuWpRCbiVATBU4OPZYqqu85z&google_hm=A3PqvISID0Tgr52VfhETVPM
Request Chain 392
  • https://fw.adsafeprotected.com/rfw/st/886862/62195781/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_bnH6YvT9KJSB9u8PwL-zkAY&cbFunctionName=goog_wrapCb_bnH6YvT9KJSB9u8PwL-zkAY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_320x50.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fkooora4lives.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:54370028-ab57-8d4f-dd18-1bb8ce7c6593,c:lnqH15,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-94958994c-6w29f,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:teB3jMV+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C151211%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a*.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:19,oid:a90f3df8-1cb5-11ed-bff2-7ed2c10e24d7,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 394
  • https://fw.adsafeprotected.com/rfw/st/886862/62195778/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_bnH6YufRKdmF9u8PuviiuAs&cbFunctionName=goog_wrapCb_bnH6YufRKdmF9u8PuviiuAs&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fkooora4lives.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:fee7acae-2665-8bcd-ff33-36ebf2d4fb52,c:lnqH1O,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-94958994c-lxwzf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:teB3jNF+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C151211%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b*.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:18,oid:a90f656a-1cb5-11ed-a3fb-12f8badb0d1e,v:19.8.343,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 436
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kooora4lives.net&sn=ChromeSyncframe&so=0&topUrl=kooora4lives.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=hmcmZHwxTzlLNHZiY2MzaEswOTdpdk1IK2p6czFqakw3ejZLMzJXcExmSWpKQUE4WEhSeVVjY2NLeW5YbENKQkQvK0RtSmxzS1dOcjdJUzRrV3ZId1hVOGpPaVJCcFRGS2JTeVlpR2FUU0swOGxMWjNORjVCSUF2amk5dHhNeVlDUkR5dXZJY1ZvcG5oSlhxMldFdE0weXVGYUVyaUpIZlVXanp4VkhYZGRubGwrMDlEVXd0Q3RrUi8xWXpEZmhuaFY3Rld0dlJVamRIQnlhaE0wdFZ2anUyR3BwOTQ3WEtqUzNEcis2MzVzdDNIQkpndXRlc0xGMWZjaDFtWDFveVlhaTNrTFA5T1lQclYzMUJoOUp2WGdyS3VTZz09fA&cppv=2
Request Chain 449
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFQRguupOg_DZxy01JrszJc&google_cver=1
Request Chain 472
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEgLBVJJy3L5ltFw5UdNdtA&google_cver=1&google_push=AehlK4AzDHNK1pcqOskQk01vF4LB0A6lFiMSPXyr0lRD4Q8HtY8Ve8UhFR3Ys9SbAQnzKeblSWkoOTVjCWPymmpVx04Oyx2eQHJD_A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AzDHNK1pcqOskQk01vF4LB0A6lFiMSPXyr0lRD4Q8HtY8Ve8UhFR3Ys9SbAQnzKeblSWkoOTVjCWPymmpVx04Oyx2eQHJD_A
Request Chain 475
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGqa42Xk0JUYS66wOANmhpE&google_cver=1&google_push=AehlK4Bl66tNDjtySyxfch3cbQt6OJrOdYPteJLJyqaqRJ_hlXlKnrV4mH5gU5WxHcL1WNp_8MaAgNLpaVJG5XLRE4cvSqfusBLNvg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4Bl66tNDjtySyxfch3cbQt6OJrOdYPteJLJyqaqRJ_hlXlKnrV4mH5gU5WxHcL1WNp_8MaAgNLpaVJG5XLRE4cvSqfusBLNvg
Request Chain 476
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIEb3E51b3VDO9otVbGrW0M&google_cver=1&google_push=AehlK4DjzexI2cD0E_ZLY-3kboEbVnl7yTFHY9ZhRiPJSa4P_JIn20snAxa_K-sd0GVue52B_zQmQjRv7Nvl3_3EVScY78_dnXyIvD4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uVGxoQ0xWRTJ1RXc4aWVvYjg0Y2Zta0pXYmhDb1BjT35B&google_push=AehlK4DjzexI2cD0E_ZLY-3kboEbVnl7yTFHY9ZhRiPJSa4P_JIn20snAxa_K-sd0GVue52B_zQmQjRv7Nvl3_3EVScY78_dnXyIvD4
Request Chain 481
  • https://fw.adsafeprotected.com/rfw/st/1007518/62065264/skeleton.js?ias_dspID=3&ias_campId=28353527&ias_pubId=pub-4903453974745530&ias_chanId=1&ias_placementId=17197673205&bidurl=https://kooora4lives.net/home5/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0iWuU9bxIEfM0mlnF-96BrT&adsafe_url=https%3A%2F%2Fkooora4lives.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:cedb9eef-94d9-cf5d-2488-92d0611d9038,c:lnqHf2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-94958994c-mtr2h,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:publ1,mtim:61,mot:0,app:0,maw:0,fm:teB3jZS+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C15121%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1b1%7C1b2%7C1b31%7C1b4%7C1b5%7C1c%7C1d*.1007518-62065264%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:80,oid:a99891e4-1cb5-11ed-97ef-e63312eeaf05,v:19.8.343,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 492
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkooora4lives.net%2F&domain=kooora4lives.net&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=PF-p_XxRRTYyVkEzbEZseEZDVnRHanF6eXlDbFFOdE96enFNN2RmYlpPTzVhbXplUVh4V3p5RlNOdHBxZ0ZXeGUrS0M4a0VmTHRDcldDVXhJeFpMK1F5QWhmclExWHd1Z25ETXQxRXh1VmRhRUNQcXREa0sxNHNueGQySG93TnRyT2JFeFJCVjlINzF1UW93emJJWW1wOG1wcCtRR05kUUtkVEI0N2lLTkdCK2Q5L256TXo5bnVsQXZkb1JzbnR2emFSNldMUm1DRDZxOUlhRWM5NTg0TXpvWEk1dTl3R0pyeVhtSWtSdHlQNHlHSklmOUVPNkxhYlJFUUlJcHJzdzh4UmVkSHdXRTAxMnJnSUdJWW11YUpkK1REZz09fA&cppv=2

492 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kooora4lives.net/home5/
Redirect Chain
  • http://www.kooora4live.tv/
  • https://kooora4lives.com:2096/
  • https://kooora4lives.net/
  • https://kooora4lives.net/m2/
  • https://kooora4lives.net/home/
  • https://kooora4lives.net/home1/
  • https://kooora4lives.net/home2/
  • https://kooora4lives.net/home3/
  • https://kooora4lives.net/home4/
  • https://kooora4lives.net/home5/
74 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb607c4a02dabd7e4e7432b10b3291994b83f9c1bb00701aec6b0f64fa286d37

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
73b33c80e9059164-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 15 Aug 2022 16:16:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkpYUCDPYkNNoKI5nZ3UmtcDhMkj9bqJ8oQYILdJl1yYge7u%2FtUY6zWcp2BBikq44StxTqYAiJr2gTuwleRW98vwGLpEOS%2BIu4UriqAKkr3AI6V3vnM4GC%2BWRDAu8AuSMnK3EGcmr%2FsjYHyX3tM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Cookie

Redirect headers

cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
73b33c7fdfbb9164-FRA
content-type
text/html; charset=UTF-8
date
Mon, 15 Aug 2022 16:16:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Mon, 15 Aug 2022 17:16:43 GMT
location
/home5/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qAI6SpqothkPPHgAao6Vu4UnPweiB25cgXDw63JlSU%2F%2FrDvYOfmj6qvlHZu4XOYbZctPuQ5V8JOs%2B%2FPYIpbTYnO1v6nOG7S8sPx%2Fve%2BAm4O8TVbADRiwMb0s8Mok2lpEXG07w%2B9Ox44FEkHEvU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Cookie
x-redirect-by
redirection
addthis_wordpress_public.min.css
kooora4lives.net/wp-content/plugins/addthis/frontend/build/ 		587 B
844 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kooora4lives.net/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=6.0.1
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
301903
pragma
public
last-modified
Tue, 03 May 2022 04:46:56 GMT
server
cloudflare
etag
W/"6270b3c0-24b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JJWDXexGbjxJrP4QFxeBQTvdbFhBlIi5%2B2Da6%2FLM9QBKH88wBA7xZjjPMO7%2BIBEVHmgVKktNC1RYUNSrpxXPhEvDAkDwjU%2Bc3ux9jP1Lc0M8og9j4T1uThO7xzTc9JFh0aRT3yaAqKBnIJXHuc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
73b33c8189db9164-FRA
expires
Sun, 11 Sep 2022 04:25:00 GMT
logo.png
kooora4lives.net/wp-content/themes/AlbaKora4Live/img/
Redirect Chain
  • https://www.kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png
  • https://kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png
6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab9eb1b5e0926e9778eadcbb34fa2718370ac32ee5be934f4557ee77e2e8390

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
421404
cf-polished
origFmt=png, origSize=12374
content-disposition
inline; filename="logo.webp"
content-length
6460
pragma
public
last-modified
Mon, 21 Dec 2020 21:53:15 GMT
server
cloudflare
etag
"5fe1194b-3056"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCvXVZr7blFrTQ4Ch8ipDh4A4%2FUDZf9sW7Vnj5TJnVwG8uFrWsqV0xcoPgtSVNKoOTWcjPZ88fxi0XRZVAEYyVbJjN%2FTMvJhNeVxxofHmQSRhgxxB5fy%2B5uk%2FsN5WYVzgQ0hDu5%2BzXF6TFRYDk8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Fri, 09 Sep 2022 19:13:19 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c81da3f9164-FRA
cf-bgj
imgq:100,h2pri

Redirect headers

date
Mon, 15 Aug 2022 16:16:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrHGK2SlVPKwIecfd%2FfG9ffm6L2bG6VEzvMDeePTTjDr9oTgXm6ihEXihRE62f%2FWeWRncbOeUVCfaT09okoa%2BQ8C0fbhyHvPzd6X3FgsG2hTxN9%2FZrQQYgowHM0BKhPj6r3u7x%2Bl2WSGfjuUaXdb%2FoYC"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.net/wp-content/themes/AlbaKora4Live/img/logo.png
cache-control
max-age=3600
cf-ray
73b33c81aa0f9164-FRA
expires
Mon, 15 Aug 2022 17:16:43 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Mon, 15 Aug 2022 16:16:43 GMT
x-host
s7.addthis.com
content-length
116325
rocket-loader.min.js
kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Aug 2022 17:04:07 GMT
server
cloudflare
etag
W/"62f29387-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1oQggZNwi0El7%2BZwP70P7gL%2BuD%2BDEWh3wPCEke51QmJj82JWWMNlMAGDilDZLlvJJoeQGQOSFyrV2ESEKa1%2BX57H3pdHr3XkxFcWptknMC8DgsP99%2BbKhjuOwD7aXMe7tlPhoQ4mkk6QxPgh0c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73b33c81a9ff9164-FRA
vary
Accept-Encoding
expires
Wed, 17 Aug 2022 16:16:43 GMT
truncated
/ 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		944 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		248 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		460 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
NeoSansArabic.woff
kooora4lives.net/wp-content/themes/AlbaKora4Live/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kooora4lives.net/wp-content/themes/AlbaKora4Live/fonts/NeoSansArabic.woff
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer
https://kooora4lives.net/home5/
Origin
https://kooora4lives.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:43 GMT
cf-cache-status
HIT
last-modified
Mon, 21 Dec 2020 21:53:15 GMT
server
cloudflare
age
8292662
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BskkNOkb5NRfOCKOFVQhHE9ojEm1S5k6i9gftj5mwXeEftyHYz1TwNd7Wn1HUwsNSZE2Hq%2Fazz9I%2BMgRLp%2FVKgPNZvVJkmCXIVVTxbDPux0VxwUYmLr29Cp%2Byd9VEJJERmlQiflNAI2g0ZQ6VEU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-font-woff
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
73b33c81aa099164-FRA
expires
Thu, 11 May 2023 16:45:41 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		500 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
3DA20F33DFB043F4
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=37077
accept-ranges
bytes
content-length
948
x-amz-id-2
g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=
lazyload.js
kooora4lives.net/wp-content/themes/AlbaKora4Live/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kooora4lives.net/wp-content/themes/AlbaKora4Live/js/lazyload.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13442
cf-polished
origSize=7249
cf-bgj
minify
pragma
public
last-modified
Mon, 21 Dec 2020 21:53:15 GMT
server
cloudflare
etag
W/"5fe1194b-1c51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8KeILQOnJiJI0Sl%2FVaofFVifregdheqoh2e5ucQlHx7LL1zT4wH22oRoU5CkqT%2BFVp2GFGzhotrk%2Fkg%2FxrzJbqsleT%2B5skFLr6e9mG%2B3KSIh44%2FcEIvWmnAYnpCPnjniGO36neNdeW43d%2BN%2Buc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
73b33c839c8e9164-FRA
expires
Wed, 14 Sep 2022 12:32:42 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6XQ0HCVXZH
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bdae4ac450183f6d7ca50674936106de454842678c01186e9df089fe93f0caba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72291
x-xss-protection
0
expires
Mon, 15 Aug 2022 16:16:44 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
49da9ea975537d77c8a0694d2633e11645beeeaacdc75f2947c54dba87ef3075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28788
x-xss-protection
0
server
sffe
etag
"1304 / 961 of 1000 / last-modified: 1660561528"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Aug 2022 16:16:44 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-150096121-1
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0caba294bb8740381a099642aa855cc91f4083c8422f450b3fb08e1f559bcfe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41921
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 15:46:15 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 Aug 2022 16:16:44 GMT
kooora4livesdynamic.js
jscdn.greeter.me/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/kooora4livesdynamic.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
a7376fb82a98db2648618531d9102664c07f741d3d25501ffb9d5b7103525777
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 15 Aug 2022 16:16:44 GMT
Connection
Keep-Alive
Last-Modified
Wed, 01 Jun 2022 14:52:10 GMT
x-amz-request-id
tx00000000000001478503b-0062fa6414-5c96400f-fra1b
etag
"3cada13afcbf112eafe5b390979c2b4b"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1660580204.dop129.fr8.t,1660580204.cds276.fr8.shn,1660580204.dop129.fr8.t,1660580204.cds157.fr8.c
Content-Type
text/javascript
Cache-Control
max-age=184
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
7966
kooora4liveshead.js
jscdn.greeter.me/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/kooora4liveshead.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
fd531f9dde4d22dfe6cdebb61d03aaaaca6ccd5ba6b8e09b8f50e9fcfa6b6314
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 15 Aug 2022 16:16:44 GMT
Connection
Keep-Alive
Last-Modified
Mon, 04 Jul 2022 08:59:54 GMT
x-amz-request-id
tx000000000000014962a6e-0062fa716c-5c85f102-fra1b
etag
"29691e1a700494c3810de424aae1d857"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1660580204.dop210.fr8.t,1660580204.cds002.fr8.shn,1660580204.cds002.fr8.pr
Content-Type
text/javascript
Cache-Control
max-age=3600
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
8351
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5c646be341234125/ 		2 KB
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-5c646be341234125/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7897757471988b6dda805254de287e19033514ae748b13569acd29dd275c8d26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
gzip
etag
-377002541--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=47, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
647
300lo.json
m.addthis.com/live/red_lojson/ 		90 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=62fa716c8067c3bd&bkl=0&bl=1&pdt=1386&sid=62fa716c8067c3bd&pub=ra-5c646be341234125&rev=v8.28.8-wp&ln=ar&pc=wpp&cb=0&ab=-&dp=kooora4lives.net&fp=home5%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1660580204090&wpv=wpp-6.2.7&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22WordPress%22%2C%22plugin_name%22%3A%22Share%20Buttons%20by%20AddThis%22%2C%22plugin_version%22%3A%226.2.7%22%2C%22plugin_mode%22%3A%22AddThis%22%2C%22anonymous_profile_id%22%3A%22wp-f17c23e72e07ea7b036b43e61b0390e0%22%2C%22page_info%22%3A%7B%22template%22%3A%22pages%22%2C%22post_type%22%3A%22%22%7D%2C%22sharing_enabled_on_post_via_metabox%22%3Afalse%7D&jsl=0&uvs=62fa716c2aac12bb000&skipb=1&callback=addthis.cbs.jsonp__140447369028831480
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1ebaeceaaabacbb7ab7fbbeab382520ce9a52f76fdb36e5f98b415d169146273

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:44 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
90
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 7C06 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 7F45 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://kooora4lives.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Mon, 15 Aug 2022 16:16:44 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
client.ar.min.json
s7.addthis.com/l10n/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/l10n/client.ar.min.json
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
72d2367dc35967c758f93deefb69e76a1cfed9be0dcab06fc8ae2bf8d37bc879
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 15:15:17 GMT
server
nginx/1.15.8
etag
W/"5d77be05-11fd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=604800
date
Mon, 15 Aug 2022 16:16:44 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
1925
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 15 Aug 2022 16:16:44 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
195.461912c47007775093ae.js
s7.addthis.com/static/ 		384 B
538 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/195.461912c47007775093ae.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-180"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 15 Aug 2022 16:16:44 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
298
159.1c3fceccbc80f2a3615f.js
s7.addthis.com/static/ 		564 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-234"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 15 Aug 2022 16:16:44 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
394
shares-post.json
api-public.addthis.com/url/serviceapi/ 		2 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
text/plain

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
surrogate-key
sFbt=https://kooora4lives.net/home5/
last-modified
Mon, 15 Aug 2022 15:00:00 GMT
server
nginx/1.15.8
date
Mon, 15 Aug 2022 16:16:44 GMT
content-type
application/json
access-control-allow-origin
https://kooora4lives.net
cache-control
no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials
true
content-length
2
shares.json
api-public.addthis.com/url/ 		35 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&callback=_ate.cbs.rcb_bku50
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
36b9f1d1dbd37e4d6b2dd7b9e9d7e679d655f5e6981e3f7088d6038b9e63c251
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
kooora4lives.net/home5/
last-modified
Mon, 15 Aug 2022 16:16:44 GMT
server
nginx/1.15.8
date
Mon, 15 Aug 2022 16:16:44 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
55
shares.json
api-public.addthis.com/url/ 		35 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fkooora4lives.net%2Fhome5%2F&callback=_ate.cbs.rcb_9kh30
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.212.127 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-127.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7e4125d7ee9cc3e7fbabb6c7822a29c5221b86dc81c6e3202a7c8135c27e9c41
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
surrogate-key
kooora4lives.net/home5/
last-modified
Mon, 15 Aug 2022 16:16:44 GMT
server
nginx/1.15.8
date
Mon, 15 Aug 2022 16:16:44 GMT
vary
Accept-Encoding
content-type
application/json
cache-control
no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length
55
js15_as.js
s10.histats.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:07:36 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
51.254.41.128/25
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4364
x-request-id
111181950
pubads_impl_2022080901.js
securepubads.g.doubleclick.net/gpt/ 		385 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 11:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17747
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134589
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 08:35:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 15 Aug 2023 11:20:57 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		370 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kooora4lives.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6914756a2773260c86412e094f95cec7ca06be35b44217badc1d1d8bce201257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161
x-xss-protection
0
expires
Mon, 15 Aug 2022 16:16:44 GMT
HellasVerona2018_7_29_15_11.png
www.kooora4live.com/wp-content/uploads/2019/09/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kooora4live.com/wp-content/uploads/2019/09/HellasVerona2018_7_29_15_11.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
download-4-3.png
www.kooora4live.com/wp-content/uploads/2019/01/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kooora4live.com/wp-content/uploads/2019/01/download-4-3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
download-2.jpg
www.kooora4live.com/wp-content/uploads/2019/01/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kooora4live.com/wp-content/uploads/2019/01/download-2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
download.png
www.kooora4live.com/wp-content/uploads/2019/08/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kooora4live.com/wp-content/uploads/2019/08/download.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
1378025755.png
www.kooora4live.com/wp-content/uploads/2019/01/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kooora4live.com/wp-content/uploads/2019/01/1378025755.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
egy_ismaily.png
www.kooora4live.com/wp-content/uploads/2019/01/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kooora4live.com/wp-content/uploads/2019/01/egy_ismaily.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
download-3-5.png
www.kooora4live.com/wp-content/uploads/2019/01/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kooora4live.com/wp-content/uploads/2019/01/download-3-5.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
download-2-6.png
www.kooora4live.com/wp-content/uploads/2019/01/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kooora4live.com/wp-content/uploads/2019/01/download-2-6.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
download-4.jpg
www.kooora4live.com/wp-content/uploads/2019/01/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
download-4-2.png
www.kooora4live.com/wp-content/uploads/2019/01/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kooora4live.com/wp-content/uploads/2019/01/download-4-2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681b:4171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
HAZARD-300x180.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/HAZARD-300x180.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5cdd831bbd25444ecfae13ef4db01e352c956de5463b21db8d2f2039ec4c9a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
835
cf-polished
origSize=11519, status=webp_bigger
content-length
10781
pragma
public
last-modified
Mon, 15 Aug 2022 16:00:57 GMT
server
cloudflare
etag
"62fa6db9-2cff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCcVs8GmctbAOTxZicRXM0wlrXLH37LTMHyzWCWp1RwmpLJU4fs6zFW%2BCaXAPAR1LzojL3xcQQLJ1ESCVU8YI1Ct8Z4P0CN3MO9X82DbjomrBF%2FMO2jc5DK8GnZg75RfJcFQdsQXon89zBb5TG0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 16:02:49 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c878ac89164-FRA
cf-bgj
imgq:100,h2pri
omar_a_kooora_2021_9_2021-09-01_075126-1-300x233.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/omar_a_kooora_2021_9_2021-09-01_075126-1-300x233.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6f9937e14b476088dcf572745a8072db1eb2c1878c7c58ba8ffd715dcb22de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1614
cf-polished
origSize=13487, status=webp_bigger
content-length
12682
pragma
public
last-modified
Mon, 15 Aug 2022 15:49:11 GMT
server
cloudflare
etag
"62fa6af7-34af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cj3VEW4ciEkdhvBcUaTneatipKgqTaano%2BD63lj4l%2B8Oqf17b1vk6tll2XZp8JLmN%2FxkHmzb6ElXusJEnylzLWSlO80dDs71nqbSPtqKeKG3Re52Xa6IDrBBxMkYVPeCAHxlz%2FgpNT%2FFYtHQnAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 15:49:50 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c878acb9164-FRA
cf-bgj
imgq:100,h2pri
GettyImages-1368962653-Copy.jpg-300x170.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/GettyImages-1368962653-Copy.jpg-300x170.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f73f8a886438e89bbe9513cc07fe9fbc038b63117ac55c58c6a039fbd02ebb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10831
cf-polished
origSize=9250, status=webp_bigger
content-length
8683
pragma
public
last-modified
Mon, 15 Aug 2022 13:14:01 GMT
server
cloudflare
etag
"62fa4699-2422"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRRg%2FSGVY8sM1lwdg1KyQ1%2BxIVDgk%2FCpCo7SJhFw2TPqbuVEtxxGDx80XOHeG4T1dwJQgt73SIQKxrqJu%2BUy9%2FAlwk61zn6RGksb90HC1IVq6vbiPGtJLiDqH0%2BvsFWuo09k8TNXbIDS7JRfhxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 13:16:13 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c878ace9164-FRA
cf-bgj
imgq:100,h2pri
124-121752-manchester-united-cristiano-ronaldo-loan_700x400-300x171.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/124-121752-manchester-united-cristiano-ronaldo-loan_700x400-300x171.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae6d0a19bf5829c1066cfa6fd7b49f731bf2ef2e2782c7e5a4310f4613d950ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10831
cf-polished
origSize=9150, status=webp_bigger
content-length
8684
pragma
public
last-modified
Mon, 15 Aug 2022 13:08:38 GMT
server
cloudflare
etag
"62fa4556-23be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwqoH4vc2tFyEv4JwfS1mjiQ5psvuAEoynbnvQC8TRK3JdnNQUxXPyYy7pIDkdMjDZxrRByYSPiqTp%2FVFXulQu4E7eqId%2Fy4W8zg14lLl0HLdnEDP3jGUxej52pStDoLOpE9giaYMMXxJCnZa54%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 13:16:13 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c878acf9164-FRA
cf-bgj
imgq:100,h2pri
word-image-24-300x200.jpeg
kooora4lives.net/wp-content/uploads/2022/08/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/word-image-24-300x200.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b15891f6bdc27b2e7c54f1a6fecba562ea0bfc86f8ea85b63f1f54a420c30264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11367
cf-polished
origSize=13966, status=webp_bigger
content-length
13062
pragma
public
last-modified
Mon, 15 Aug 2022 13:04:20 GMT
server
cloudflare
etag
"62fa4454-368e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axrVhuU%2BhqXt4bvxdd28lwMiWMF%2BHLAC1PbmxoQURMuFKMT5uIWblICY6kqRxM57J3EUgsADrbh%2BEM3BTw06OgEju8kzc9bhok1jhdPZw24Qup0CfDCtk8NFwI6oZjAgUZolSeelRrIvE2wbmac%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 13:07:17 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c878ad19164-FRA
cf-bgj
imgq:100,h2pri
138-221301-pierre-emerick-aubameyang-2_700x400-300x171.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/138-221301-pierre-emerick-aubameyang-2_700x400-300x171.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3f8b7466479b2c40a3dfdc1a28d38195bdc4c78fff4ae5e69e7546041409e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11941
cf-polished
origSize=10631, status=webp_bigger
content-length
9986
pragma
public
last-modified
Mon, 15 Aug 2022 12:56:51 GMT
server
cloudflare
etag
"62fa4293-2987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91iUdHIMMECNfl9v89Jz7N3REU0ZY9JmZmYX9m3zreUlf7cputE4c485imraNLnLzkR1qcWAnryN%2BJFriKD0bNU0VL82xD2QB7HYOmHgsrN6oqtXvOZpl2TPucV3ImLes%2FsrjqwixlD1p%2F2Un3E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 12:57:43 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c878ad39164-FRA
cf-bgj
imgq:100,h2pri
download-300x200.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/download-300x200.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d89a2433e7f8f1ad47940635423c18359783fd7d659822733b556e00d2bc558

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12193
cf-polished
origSize=10782, status=webp_bigger
content-length
10200
pragma
public
last-modified
Mon, 15 Aug 2022 12:47:41 GMT
server
cloudflare
etag
"62fa406d-2a1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AEG4KOqDCw6z7pfsnk%2F5A85h2LqXh0Gr8CIvc3ZIqAL2uauZwEsI1s5HpkfWoFrZWUCGL4fKCTCCLfOfBoGOgRzcpNJRZR1tbJGAu7F9R%2FZ8RSW6vozvc9ZZVHKW5oc1C7jUZE6qC6KCNpmohw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 12:53:31 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c878ad49164-FRA
cf-bgj
imgq:100,h2pri
19_2022-637919432090865349-86-300x203.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/19_2022-637919432090865349-86-300x203.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86ba14a7f07211d538234cbed845fa7ab540607704f5b54218748554c036898e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85642
cf-polished
origSize=16256, status=webp_bigger
content-length
14977
pragma
public
last-modified
Sun, 14 Aug 2022 16:28:08 GMT
server
cloudflare
etag
"62f92298-3f80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGVwFsyPNkoYC70N%2BKCxKgbjkd3aqhrKl42uONl%2FLhTtn1TSUHYPpEXbQAsMhegLe3cZuZVldbj1hDNPhXvAsOLAQ%2F9KAArTkJD2TKsajpZZdwXhEdDYibAgm%2FO%2BwAkAn27zi%2BRG22vIpZZKaLs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Tue, 13 Sep 2022 16:29:22 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c878ad79164-FRA
cf-bgj
imgq:100,h2pri
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150096121-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4247
date
Mon, 15 Aug 2022 15:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 15 Aug 2022 17:05:57 GMT
collect
region1.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6XQ0HCVXZH&gtm=2oe880&_p=1257922158&cid=1976694.1660580205&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660580204&sct=1&seg=0&dl=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&dt=%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20koora4live%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%8C%20%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1%20%D9%88%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6XQ0HCVXZH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kooora4lives.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hb_561849_14381.js
player.aplhb.adipolo.com/prebidlink/461272/ 		343 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4liveshead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
4bf927bfe5c37fee626b3bcc1595b82a10859d654d2e6f3b0315c75bdea5575e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
gzip
last-modified
Mon, 15 Aug 2022 15:34:42 GMT
server
nginx
etag
W/"62fa6792-55baa"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Mon, 15 Aug 2022 17:16:44 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4liveshead.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
49da9ea975537d77c8a0694d2633e11645beeeaacdc75f2947c54dba87ef3075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28788
x-xss-protection
0
server
sffe
etag
"1304 / 210 of 1000 / last-modified: 1660561528"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Aug 2022 16:16:44 GMT
wrapper_hb_561849_14381.js
player.aplhb.adipolo.com/prebidlink/461272/ 		790 B
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/461272/wrapper_hb_561849_14381.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4liveshead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
fb44b647fb1b4d0669c228bd44b21eba0120a5c6d360fe2a6d81875875918814

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
gzip
last-modified
Mon, 15 Aug 2022 15:34:42 GMT
server
nginx
etag
W/"62fa6792-316"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Mon, 15 Aug 2022 17:16:44 GMT
gpt.js
www.googletagservices.com/tag/js/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4liveshead.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49da9ea975537d77c8a0694d2633e11645beeeaacdc75f2947c54dba87ef3075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28788
x-xss-protection
0
server
sffe
etag
"1304 / 267 of 1000 / last-modified: 1660561528"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 15 Aug 2022 16:16:44 GMT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10821038
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7068
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
server
cloudflare
etag
"5ed61610-1b9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7Yis8qELeykeNbyGtsy%2F9DwdnhSDedXdMT0UHlRozMRelqcraulWQcQuG1E27oGGHqOc%2FPLQ9zWfc0S8XLNfwrNWkUhMyHqnCcnY9UBqE2flt%2BO8dlhJF8R6wYzO1KiqaWxUEWaTljqew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
73b33c884bd59164-FRA
HAZARD-300x180.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/HAZARD-300x180.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5cdd831bbd25444ecfae13ef4db01e352c956de5463b21db8d2f2039ec4c9a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
835
cf-polished
origSize=11519, status=webp_bigger
content-length
10781
pragma
public
last-modified
Mon, 15 Aug 2022 16:00:57 GMT
server
cloudflare
etag
"62fa6db9-2cff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ooUhuHiqGsyX%2F64pEobLxa6vPTjhzGRmM2%2F4%2Fn2pjndmrJXUPLfjPBRWH6LVvT1diL1id5R2LqbXR5dcG8ouISzNo1kf0CIfLWi32vFSYiwCJ73N3kNSHW9o5ejv2obr5Ar%2FYIjeWpasSY9EAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 16:02:49 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c87cb109164-FRA
cf-bgj
imgq:100,h2pri
word-image-24-300x200.jpeg
kooora4lives.net/wp-content/uploads/2022/08/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/word-image-24-300x200.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b15891f6bdc27b2e7c54f1a6fecba562ea0bfc86f8ea85b63f1f54a420c30264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11367
cf-polished
origSize=13966, status=webp_bigger
content-length
13062
pragma
public
last-modified
Mon, 15 Aug 2022 13:04:20 GMT
server
cloudflare
etag
"62fa4454-368e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9FKUiwtDteWO6%2BOQobcpbYAq06RZB9SEf7rfuBz90yLH6DjBGiACJYjU4ygaH8Hgt1ucbveckVT%2BD93tLuZH5igYNS1XwazOlNmlXvUGa76C4woNsoBEKjRdxVzd9%2FXqM26DyUmQ6Qbh2nLN14%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 13:07:17 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c87cb129164-FRA
cf-bgj
imgq:100,h2pri
124-121752-manchester-united-cristiano-ronaldo-loan_700x400-300x171.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/124-121752-manchester-united-cristiano-ronaldo-loan_700x400-300x171.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae6d0a19bf5829c1066cfa6fd7b49f731bf2ef2e2782c7e5a4310f4613d950ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10831
cf-polished
origSize=9150, status=webp_bigger
content-length
8684
pragma
public
last-modified
Mon, 15 Aug 2022 13:08:38 GMT
server
cloudflare
etag
"62fa4556-23be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pad606flzaGWL3nfaM9qqks76J6N%2BdEXkxwCGjMYzcT7du89cgk1evwTRqWj3g2ygaTG6uKR5L2BySKKw2KVfCFMk%2FsccPFtiqtXISFlEwheD2H3qKA5arZXGfze1vhH5B4GsLTMYoEHh7PNf7o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 13:16:13 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c87cb139164-FRA
cf-bgj
imgq:100,h2pri
19_2022-637919432090865349-86-300x203.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/19_2022-637919432090865349-86-300x203.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86ba14a7f07211d538234cbed845fa7ab540607704f5b54218748554c036898e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
85642
cf-polished
origSize=16256, status=webp_bigger
content-length
14977
pragma
public
last-modified
Sun, 14 Aug 2022 16:28:08 GMT
server
cloudflare
etag
"62f92298-3f80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYOPkzWipazJWCCk%2BjQy1iOv5ANzm%2FZxTtCNnAiYHaC%2FA55bqjXN0znQ%2B7kNO5sIuo79HEyiRkqLBhc5oovBvTzIwV8cpuQSDbLYyBe0ZG3JdxRUJ%2BM53xg6UTGX5fUJvlmQCR91pwD0weuwiXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Tue, 13 Sep 2022 16:29:22 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c87cb149164-FRA
cf-bgj
imgq:100,h2pri
omar_a_kooora_2021_9_2021-09-01_075126-1-300x233.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/omar_a_kooora_2021_9_2021-09-01_075126-1-300x233.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6f9937e14b476088dcf572745a8072db1eb2c1878c7c58ba8ffd715dcb22de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1614
cf-polished
origSize=13487, status=webp_bigger
content-length
12682
pragma
public
last-modified
Mon, 15 Aug 2022 15:49:11 GMT
server
cloudflare
etag
"62fa6af7-34af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Btau6C20f0S3vOyUdRUE6PEeLtb%2FGff6j2Ao9N%2FvqoK8O50DuV%2BDQiquih6JOAAPpeUwI49e7jGQciuPqH2MUiTprCNKcl%2BrDAq4IKXGuyXUNJs85EFVlmcrv7%2FagU%2F%2Fu1OSkDXkeYGjmoVbe0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 15:49:50 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c87cb169164-FRA
cf-bgj
imgq:100,h2pri
download-300x200.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/download-300x200.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d89a2433e7f8f1ad47940635423c18359783fd7d659822733b556e00d2bc558

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12193
cf-polished
origSize=10782, status=webp_bigger
content-length
10200
pragma
public
last-modified
Mon, 15 Aug 2022 12:47:41 GMT
server
cloudflare
etag
"62fa406d-2a1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQxPbYHYq9cnujcd9arUPz%2BthcLrirREl4baxx0eqGPsEBgahPAVCwKmWkTvFcrrs7jFCGgUFq6z%2FDc7Pcgp%2B9R%2BTMIrThMswmazHN95yB9LYtIxa0rCZd9kMYjPzouWt7%2B2ojJyDi1siXYUBgw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 12:53:31 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c87cb179164-FRA
cf-bgj
imgq:100,h2pri
138-221301-pierre-emerick-aubameyang-2_700x400-300x171.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/138-221301-pierre-emerick-aubameyang-2_700x400-300x171.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d3f8b7466479b2c40a3dfdc1a28d38195bdc4c78fff4ae5e69e7546041409e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11941
cf-polished
origSize=10631, status=webp_bigger
content-length
9986
pragma
public
last-modified
Mon, 15 Aug 2022 12:56:51 GMT
server
cloudflare
etag
"62fa4293-2987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbX72NlQHD7DLm1G72nlFTP8OF2CvBZxwIBWie8avrwPaI7K66y2aDW3BHzBCg0kX776NnATCAdEJFdit7JtkfyPyM2VhqU2njXFkAUgWLF%2BrxdPas4%2BedeUqUVwDcwdv3F5lcJOfJG9c3eT2UI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 12:57:43 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c87eb529164-FRA
cf-bgj
imgq:100,h2pri
GettyImages-1368962653-Copy.jpg-300x170.jpg
kooora4lives.net/wp-content/uploads/2022/08/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.net/wp-content/uploads/2022/08/GettyImages-1368962653-Copy.jpg-300x170.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22f73f8a886438e89bbe9513cc07fe9fbc038b63117ac55c58c6a039fbd02ebb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/home5/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10831
cf-polished
origSize=9250, status=webp_bigger
content-length
8683
pragma
public
last-modified
Mon, 15 Aug 2022 13:14:01 GMT
server
cloudflare
etag
"62fa4699-2422"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2Bsfx8H4GiMHs6GlF4GVZuJXUT5gRG%2B1XE%2BEQgQTkQrLg7Y2kSylBPEtdghOz6UGySYRzcM9cwQdNUF73LaMSSpbuZ%2FJpy51q9e6%2BwEnLgh9iRb3qFMqbiZCRsIvm8ZAJfNO3bcQdt6o%2FWMPlfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Wed, 14 Sep 2022 13:16:13 GMT
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
73b33c87fb589164-FRA
cf-bgj
imgq:100,h2pri
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1257922158&t=pageview&_s=1&dl=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&ul=en-us&de=UTF-8&dt=%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20koora4live%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%8C%20%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1%20%D9%88%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=103662057&gjid=1341661495&cid=1976694.1660580205&tid=UA-150096121-1&_gid=1491330722.1660580205&_r=1&gtm=2ou880&z=1318411499
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kooora4lives.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4625840&@f16&@g1&@h1&@i1&@j1660580204907&@k0&@l1&@m%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20koora4live%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%8C%20%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1%20%D9%88%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:86382524&@b3:1660580205&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fkooora4lives.net%2Fhome5%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
4d10740b06b07cd1827829b128d21765c7929951fc8c603f2dfa4e51bb51c696

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 15 Aug 2022 16:16:45 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
hbw_master_561849_14381.js
player.aplhb.adipolo.com/prebidlink/x461272/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aplhb.adipolo.com/prebidlink/x461272/hbw_master_561849_14381.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/wrapper_hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
51ec9422eecc62d3a9be404ca2035d02c21a378e7790c24e5be14f22b5660ad6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
gzip
last-modified
Mon, 15 Aug 2022 15:34:42 GMT
server
nginx
etag
W/"62fa6792-15b67"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Mon, 15 Aug 2022 17:16:44 GMT
config.json
player.adtelligent.com/exchange_rates/313490/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx /
Resource Hash
29b763c86cde423f25cb897c794bc469c2c475bdf5bb4211896e6e0f47c097fe

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
gzip
last-modified
Mon, 15 Aug 2022 00:02:13 GMT
server
nginx
etag
W/"62f98d05-2ac7"
content-type
application/json
access-control-allow-origin
https://kooora4lives.net
expires
Wed, 17 Aug 2022 16:16:45 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
/
ghb.aplhb.adipolo.com/geo/ 		143 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/geo/
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x461272/hbw_master_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8e4dbb1fb608ae3d59dac5806cc90aa10e1113cfbf61e07c46b2dc1564245c1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://kooora4lives.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
143
tracking
ghb.aplhb.adipolo.com/adunit/ 		43 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=561849&site_id=14381&pbjsv=v6.25.1-c&full_page_url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&adid=uykuk2.5l&features=81952&vpbv=N077&tte=257&lifecycle_tte=2627
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x461272/hbw_master_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://kooora4lives.net
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kooora4lives.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3542724981462181&correlator=970539442987450&eid=31068924&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=21715635079%3A22630893834%2Ckooora4lives.net_970x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=1&adks=2911869608&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660580205029&lmt=1660580205&dlt=1660580203756&idt=1013&adxs=315&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=0&ohw=0&ga_vid=1976694.1660580205&ga_sid=1660580205&ga_hid=1257922158&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
f473e2e27bdd5445f09bd1bf319e1c05f741746dc47a2a7292602eacf02d5ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12439
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3542724981462181&correlator=4335487346329382&eid=31068924&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=21715635079%3A22630893834%2Ckooora4lives.net_970x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=2&adks=3293583545&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660580205033&lmt=1660580205&dlt=1660580203756&idt=1013&adxs=315&adys=158&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=4&ohw=1100&ga_vid=1976694.1660580205&ga_sid=1660580205&ga_hid=1257922158&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b709afb372809319f70bc935339698a4e4ca0c460ee9dc1c909dc3011481242e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13328
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3542724981462181&correlator=1497355296240204&eid=31068924&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=21715635079%3A22630893834%2Ckooora4lives.net_responsive_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C728x90&fluid=height&ifi=3&adks=2225463183&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660580205035&lmt=1660580205&dlt=1660580203756&idt=1013&adxs=650&adys=860&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=1100x0&msz=1100x0&fws=4&ohw=1100&ga_vid=1976694.1660580205&ga_sid=1660580205&ga_hid=1257922158&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4c60df5e98d693ef7d48c926bf05344d394820eae128ea5d4c6dff72f00ff790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9380
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3542724981462181&correlator=534332446237472&eid=31068924&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=21715635079%3A22630893834%2Ckooora4lives.net_336x280_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=4&adks=3416689057&sfv=1-0-38&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660580205038&lmt=1660580205&dlt=1660580203756&idt=1013&adxs=632&adys=1748&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=1100x66&msz=1100x0&fws=0&ohw=0&ga_vid=1976694.1660580205&ga_sid=1660580205&ga_hid=1257922158&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
22ff64cbb8c7f9fbe375621fbae4c9aae6755c6142d876199b5cd166f9381862
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8400
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		135 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3542724981462181&correlator=2049768443926769&eid=31068924&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=7047%3A202189885%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&adks=2406971207&sfv=1-0-38&ists=1&fas=8&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660580205040&lmt=1660580205&dlt=1660580203756&idt=1013&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1976694.1660580205&ga_sid=1660580205&ga_hid=1257922158&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9336ed3d7868015a47fb34ba7c7c90c80f50d8b12225dfc4abce2cadb97bb906
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40763
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3542724981462181&correlator=1427507131705408&eid=31068924&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=7047%3A202189885%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=6&adks=4012738480&sfv=1-0-38&ists=1&fas=2&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1660580205043&lmt=1660580205&dlt=1660580203756&idt=1013&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1976694.1660580205&ga_sid=1660580205&ga_hid=1257922158&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
bc65cf6fd1de3844f8917ea965dd4b2cdd2155b339a0069237abd91bba18a607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12321
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c73a5b20581f204d18eeed84fb2bb4f4e955b1d9b410135ef37b29a8340a2c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11122
x-xss-protection
0
container.html
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 12DC 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:45 GMT
expires
Tue, 15 Aug 2023 16:16:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022080901.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022080901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
43e08bfd6875e8d464d705bd0801528ce3b2138ddcebf2f2b969c7c7b0326f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 10:42:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13586
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 08:35:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 09 Aug 2023 10:42:53 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 16:16:45 GMT
c
prebid.a-mo.net/a/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Mon, 15 Aug 2022 16:16:45 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://kooora4lives.net
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=48004961637
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
03912f378f86c12ea02d7f3cf7a8e10fd6da5df7619ab63d0699c421484d8b0e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 15 Aug 2022 16:16:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
eb1341db-459a-4efc-9c98-8a1364c64f7e
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kooora4lives.net
date
Mon, 15 Aug 2022 16:16:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kooora4lives.net
date
Mon, 15 Aug 2022 16:16:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://kooora4lives.net
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ 		25 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
51aa81faccfbbf6a4fc2bec76bb4babfd40ddc1cf741b73cbf6ee5b06a0021b5

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 15 Aug 2022 16:16:45 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://kooora4lives.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
ib.adnxs.com/ut/v3/ 		115 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ddf761184bc9a6142fc2a021134a7c37e1a54863fc0d3178ace17de73169d8bd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 15 Aug 2022 16:16:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1aaae179-84c4-4cff-956e-d9b8e0675d0a
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=99778173662
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/ 		328 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=80e2029a-abdd-4637-9daa-b97343fe9c30&l_pb_bid_id=31956cbea40aefb1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.526085514563432
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1c16bcbbcc1702c52c4fa4c374c48f111fabf012e30ba556dccabdca3129d2e1

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
328
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		328 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=1a965489-9472-4600-a70b-4ef714f224e3&l_pb_bid_id=32044a5f2348beff&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.03473799729499549
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
762ced6ac749175aabfbf445490de73743d8e728b094a1132efde6bc3ff41312

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
328
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		328 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=9224bd0a-2325-4d8f-a848-43f24c866cf7&l_pb_bid_id=321e16b31e60a416&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.3106320806779055
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
abb0206f3e773a71b30b0f6990bb337cf82016a0caa37d942ab99f717d8cca56

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
328
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		331 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=2&alt_size_ids=43%2C117&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=dd4d17b3-fdc0-4304-afab-afd356be6072&l_pb_bid_id=3222908e3198ce42&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.7651073358705658
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3541a14008d02321f624900172778cd8ba2700ee9b3b10554564d373e346b903

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
331
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		331 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=2&alt_size_ids=43%2C117&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=e4f67ff1-f6db-4614-8d3e-faabd5b571a0&l_pb_bid_id=32348038900c07f8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.9083077185152486
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ac67015cb3ca96f5e11d6a661c1c29879a1784fda0bd19bb6a213896fbd6b0c3

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
331
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		308 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=43&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=c961a80e-ab0c-4428-a438-1fcb79466d2d&l_pb_bid_id=324823045c6763e9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.7156788839172876
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8672285aac8c7b5d45db408aecd5667489593fccfce479dfed78e6ff546bec6e

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
308
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		329 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=9&alt_size_ids=8%2C10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=49ca0a55-0686-419d-aceb-26b969fd4ad9&l_pb_bid_id=325d2523e30c32f9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.9062484168965415
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c0fa2f21c8e1c0510b7777125ce974909bcfa976966b539844fb618c763fb1f8

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
329
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		327 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=d25ee607-1ab3-4ffe-b6c5-1d0254fdbdde&l_pb_bid_id=326683be070b367&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.6271402762599076
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
81a715a005dab92c5e151eb5760ee6a14377f38a39257e600320f8fa3d7a36cb

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
327
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		308 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=e88beb22-777a-4749-bbe8-f65848bc2a51&l_pb_bid_id=327fb968083fe07d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.5306980314932623
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4cc51fb3fb598540ef85748a190234e98b80cdd522f4fdfafb8b18e2302abc6e

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
308
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		308 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=114dc46f-3bc5-4e1c-8181-3e8da1a396ff&l_pb_bid_id=32846f84faaaacd6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.17810249832044156
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bb9b14d41c6b4f0f348a5401c40bd00361561e6712c997e561293c2d75ed115f

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
308
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		308 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=57&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=18b9ef36-02d4-4586-a773-6737fdbeefd6&l_pb_bid_id=329da3d1ecea71e8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.5160517908377562
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8282e50a4d12b5455a3883369514eccbf5e3b3d816379d50234e72d432271589

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
308
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		327 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=9e1bcfd4-2606-4fd9-bd72-b586eed29405&l_pb_bid_id=33011c1991a090c5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.7931120854535181
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6650f4c535db13b6643e25c473e0ba1858fde8e5b37129ec23068fe5fb2604d2

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
327
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		329 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=80e2029a-abdd-4637-9daa-b97343fe9c30&l_pb_bid_id=3324680a2f44c6cf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.5705934599988225
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e9d89b28ee52b9c2c406ad9b964191c6b2c67272a356743076a0a4750c91f1f1

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
329
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		329 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=1a965489-9472-4600-a70b-4ef714f224e3&l_pb_bid_id=333866a21db1b4a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.5775663604731722
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d972ba62fd9b9e40319720b47746fe52a23d877bb06a017b5e0f98c8e36d7e6b

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
329
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		329 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=15&alt_size_ids=16&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=9224bd0a-2325-4d8f-a848-43f24c866cf7&l_pb_bid_id=334aab6ead4b8135&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.8628586368527587
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
25326005a57ce31c6843057f3f91d2da94a8e61e46c734557cbd7f48b49bc8db

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
329
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		332 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=2&alt_size_ids=43%2C117&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=dd4d17b3-fdc0-4304-afab-afd356be6072&l_pb_bid_id=3351facfe66e0465&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.1905272602915422
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a5058b99711c8d31df84c692eb21b0a93fb30a143ab3617bd9ef02bd6c3631d9

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
332
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		332 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=2&alt_size_ids=43%2C117&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=e4f67ff1-f6db-4614-8d3e-faabd5b571a0&l_pb_bid_id=3361cf2b553d1f6d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.07973520096331987
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
80bb69741db448f3b58f43aff2b7e77c86d9a5816accebb8a7d9349f5869e007

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
332
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		309 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=43&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=c961a80e-ab0c-4428-a438-1fcb79466d2d&l_pb_bid_id=3379e9fe33b83534&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.08761516819951876
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4df8c7b50d6971f55f7871997915028ac4c5c66d72212bd8d5ff8b8db1ed8483

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
309
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		330 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=9&alt_size_ids=8%2C10&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=49ca0a55-0686-419d-aceb-26b969fd4ad9&l_pb_bid_id=3384441278c5861e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.5388208087321986
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
58d20b395498a512b296d794230b903cf34a2c6bb1f825f4acb0d25f0ab051d2

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
330
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		328 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=d25ee607-1ab3-4ffe-b6c5-1d0254fdbdde&l_pb_bid_id=339dce1e60c7e9f8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.9691181664924546
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
40e626a14b6e8a49477187edea06e113acb39707c4cadb38270c1aeead71632c

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
328
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		309 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=57&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=e88beb22-777a-4749-bbe8-f65848bc2a51&l_pb_bid_id=34078a637c00d744&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.8828025535174802
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1cebfb002bdd137fe890f3ac723fa39d2b3f6856b423aca145fb2da70f0063e4

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
309
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		309 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=57&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=114dc46f-3bc5-4e1c-8181-3e8da1a396ff&l_pb_bid_id=341e2a34c8dc99ef&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.796128013244914
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a62e9d9ac894cf125dbc3ec1a55f9e6ead5e47d27d64dc5ca96dcb936d50c009

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
309
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		309 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=57&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=18b9ef36-02d4-4586-a773-6737fdbeefd6&l_pb_bid_id=3423a41f74089826&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.7962128975866307
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2cdfcf80dbe653df2e03e8c4b5e0acc233a229248a950a0468ecb48e96250937

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
309
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		328 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=9e1bcfd4-2606-4fd9-bd72-b586eed29405&l_pb_bid_id=3430756cbbf68381&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fsticky%23stick&slots=1&rand=0.9456667835123065
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
40b3a46475b825182ac5d1b4f2af94645a23a5b6f7a71add8740c105135aa074

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
328
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.25.1-c&referrer=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tmax=2000&gdpr=false
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.201.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-201-50.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt
x-auction-status
7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kooora4lives.net
date
Mon, 15 Aug 2022 16:16:45 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
arj
adipololtd-d.openx.net/w/1.0/ 		173 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adipololtd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=80e2029a-abdd-4637-9daa-b97343fe9c30%2C1a965489-9472-4600-a70b-4ef714f224e3%2C9224bd0a-2325-4d8f-a848-43f24c866cf7%2Cdd4d17b3-fdc0-4304-afab-afd356be6072%2Ce4f67ff1-f6db-4614-8d3e-faabd5b571a0%2Cc961a80e-ab0c-4428-a438-1fcb79466d2d%2C49ca0a55-0686-419d-aceb-26b969fd4ad9%2Cd25ee607-1ab3-4ffe-b6c5-1d0254fdbdde%2Ce88beb22-777a-4749-bbe8-f65848bc2a51%2C114dc46f-3bc5-4e1c-8181-3e8da1a396ff%2C18b9ef36-02d4-4586-a773-6737fdbeefd6%2C9e1bcfd4-2606-4fd9-bd72-b586eed29405&nocache=1660580205334&gdpr=0&pubcid=4a21c4cf-3aac-417e-98a5-3437ccc70679&schain=1.0%2C1!adipolo.com%2C620a5acab6e80f22ac327b74%2C1%2C%2C%2C&aus=300x250%2C336x280%7C300x250%2C336x280%7C300x250%2C336x280%7C728x90%2C320x50%2C320x100%7C728x90%2C320x50%2C320x100%7C320x50%7C120x600%2C160x600%2C300x600%7C970x90%2C728x90%7C970x250%7C970x250%7C970x250%7C970x90%2C728x90&divids=div-gpt-ad-8176806-1%2Cdiv-gpt-ad-8176806-2%2Cdiv-gpt-ad-8176806-3%2Cdiv-gpt-ad-8176806-4%2Cdiv-gpt-ad-8176806-5%2Cnativefluid%2Cdiv-gpt-ad-8176806-6%2Cdiv-gpt-ad-8176806-7%2Cdiv-gpt-ad-8176806-8%2Cdiv-gpt-ad-8176806-9%2Cdiv-gpt-ad-8176806-10%2Cstick&aucs=%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick%2C%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fsticky%2523stick&auid=556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515%2C556544515
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f7e5a376db6bd81f33e6d347fa0834ef6a64ed844233f593f9b2930e071ee526

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kooora4lives.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d8c034489d224966983975ac2fad51a4e90bba2e0b0519276b73455abc205f83
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 15 Aug 2022 16:16:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
42e4a689-ef43-4ed5-8929-931bf01b49d3
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F71B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2216
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 15:39:49 GMT
expires
Tue, 15 Aug 2023 15:39:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9AC3 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
86f00d426a97fe13ce9b0eb570e10126e62b7b4181ee7de1f12a1d3c1b7fa8b6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aQfhs886mk1C8iRdyA61sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kooora4lives.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-aQfhs886mk1C8iRdyA61sw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:45 GMT
expires
Mon, 15 Aug 2022 16:16:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB98 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:45 GMT
expires
Tue, 15 Aug 2023 16:16:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B789 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:45 GMT
expires
Tue, 15 Aug 2023 16:16:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E6E3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:45 GMT
expires
Tue, 15 Aug 2023 16:16:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012207221643000/ Frame 1203 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61462
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"006401e583f0e23c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 1203 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5196
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc8caad49b08d8fb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 1203 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28864
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14e9be8f3cf5efda"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 1203 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fcd376918b45715d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 1203 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12959
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fd6c62727a90c1dd"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
css
fonts.googleapis.com/ Frame 1203 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 15:18:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 15 Aug 2022 16:16:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Aug 2022 16:16:45 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1203 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 19:56:11 GMT
x-content-type-options
nosniff
server
cafe
age
73234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
9421415325968714010
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2737
x-xss-protection
0
expires
Mon, 15 Aug 2022 19:56:11 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1203 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 02:56:51 GMT
x-content-type-options
nosniff
server
cafe
age
47994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 16 Aug 2022 02:56:51 GMT
l
www.google.com/ads/measurement/ Frame 1203 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0JXOj1dCZhUjjvzcGjoXUXPp64dX5p9tbe09doPmhpgQ-kN2ARf6wDHSCwX0a9eS0KpJGU1QbMVcN-JgeL32U9ChEVg
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 1203 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-ErubXH6Yp3tBZHAgAfMlbAo2vbJl2i_yK-svw7Mx5qm_QgQASC9z4ZoYJWSoIKwB6ABsLqh1wPIAQapAhKWyeLXHrE-4AIAqAMByAMKqgTzAU_QIHkBUZA1zXIAP75E5_Iq7XVxWbwCkT7Yquu0DZw42yOmi0EGiQ3qsTUtJwI6-g50daDmBdgpkIQh7vAvi1hD59N6G0LULu2PKztxKyucy6fjIsTfbcNIF-0JbtQPNk97indqXhnRsO1fkcHjvXfLb8vPJiy1Oiq919XjRsCvsNU-XOEIGXrMmtsFFCNPwAUptdQoo0QjKsPYpewe-2Dl6fHsWJGeUCY1oGYmM9KSOrN9KerQfr7y-AmxhncO3y0KQG_5tN_uqSA5Qb73I-Iatuky8igRzgd2DOOr0Rpx49gnyQUIk_d9HOKBILY8DO4tpMAEyZipquAD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQ7uFC0ggSCIjhgBAQARgdMgOqggE6AoBAgAoDyAsB2BMMiBQC0BUBgBcBshceChwIABIUcHViLTkwMzUwODc3OTI2OTI3NzUY4JBt&sigh=2M6Le3Q3WsA&uach_m=[UACH]&template_id=493
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
17120532058471561238_167768198777420005.jpeg
static.doubleclick.net/dynamic/5/74695522/ Frame 1203 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/74695522/17120532058471561238_167768198777420005.jpeg
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e5cea11d89879256ceb7fa6b67d30d98e0357d89a171e21304ffb627aa2c6a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 10:19:20 GMT
x-content-type-options
nosniff
age
280645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84603
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 07:46:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 12 Aug 2023 10:19:20 GMT
624907996767536446
tpc.googlesyndication.com/simgad/ Frame 1203
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
  • https://tpc.googlesyndication.com/simgad/624907996767536446
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/624907996767536446
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 08:12:04 GMT
x-content-type-options
nosniff
age
288281
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8502
x-xss-protection
0
last-modified
Tue, 09 Apr 2019 09:00:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 12 Aug 2023 08:12:04 GMT

Redirect headers

date
Sun, 14 Aug 2022 18:59:23 GMT
x-content-type-options
nosniff
server
cafe
age
76642
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/624907996767536446
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 13 Sep 2022 18:59:23 GMT
truncated
/ Frame 1203 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0431cffe9247b5ff61fb5147852361e0188f6ffe913c1d9fe9331f8ea15193f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012207221643000/ Frame 4E78 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61462
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"006401e583f0e23c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4E78 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5196
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc8caad49b08d8fb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4E78 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28864
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14e9be8f3cf5efda"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4E78 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fcd376918b45715d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 4E78 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12959
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fd6c62727a90c1dd"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
css
fonts.googleapis.com/ Frame 4E78 		6 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 15:12:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 15 Aug 2022 16:16:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Aug 2022 16:16:45 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4E78 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 19:56:11 GMT
x-content-type-options
nosniff
server
cafe
age
73234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
9421415325968714010
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2737
x-xss-protection
0
expires
Mon, 15 Aug 2022 19:56:11 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4E78 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 02:56:51 GMT
x-content-type-options
nosniff
server
cafe
age
47994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 16 Aug 2022 02:56:51 GMT
l
www.google.com/ads/measurement/ Frame 4E78 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3Sv994ri0kmu59qEqnbcrKKknlrNME6rSdH5hTnuQw2PZSrfca60W3NFbWphoqI0kYN91EDavYwAYZVc9Qn-d2mJDOQ
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 161A 		640 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhjCuPfOATAB&v=APEucNVj2DoSo_ouUie3Cdd-sQ8oef-mGCDCi-HTcOBR7VApeWhgqdpo7976f_j_cyY9MfNZcTeIlVnr7af0-ZObJBoUv5MQaH24_GDGU7zRyQ1RnbpsTb0iFP6Lim53bb4hPyluRPEABzIoJkM1Hm5OKYLCRh8ssat4Hkxet0zLTWBd4-p-hg0
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:45 GMT
expires
Mon, 15 Aug 2022 16:16:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame EB98 		83 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-JXryAAJRG6dm2Eq7cUC9zBe_jY56JFaqNIjG-s2rW005n7eHAXcOOUrh7FRrMN6RqdYSzqCml7R7jJ7Z8sDmQEXkkDrQ2HSyt15oyBKB6PMwzNQeewYy0V0CeIHjydRvHOsNawkXT69YnH5m3TVSj4QjFg&dbm_d=AKAmf-BhySgCr3CdmtyOHSsso5Cd_Ky8tsrAaqberDWIbL25wRnSDQS1J4GxNZBe_0R5pXriq3PWj-StlGcNY3W1t3iZudCMTTUN_bQ0ZMlumHhppltYs_uPwQf2pMzpzMjY6nD4naikjnpoZbhtg6O5s-1UmJH56qst9NM6pL1DLOzYAw_xT-lWRKNJElSTqII0gX70__AB1j9j6ayiT5yFsC04FzwKERmETuY3UK1RJUjkSMSeM3YNXqfNVO-nigKLPIRpvYfnq0c77TctJiX1xpr6SXtq_UVjm6ZltRz81NV0ght5s2NtWuQRQvdifB9GN9Vvuc4CSFv7f7USmc5ic8GRngijJNEGgfyp6EWLoqqF0T0xCgsPd0iSV7-MeA66SkD6DCKIIgQ9dNFlsnyHyfSp8R8Qkpas31aWGbcQGzdeCfiiy-OZuLzSa64Kry5aOHrY6l0NC2w6W6IhzNYOh9nqc1gKKOT3DWOSve5KPYGyjyYEHBD5cunP06uqq2HXcXXXLSjbzYiAzGeYAxT8cj-tB4MB0yl7eTgFEctpyo_y0Mqs_5CE1i5pR6W-2OVdVAV3pFJenZvdophn7XEMhG4jJsLNZ_Qdw8GtMvN_hdOSr_5DLZI0O70go76aDjEGZF9RmZwjvD8SjvBjlZsBuPeQSkTPzK1qFs_gIXROJ-pWIwyX1xIFR8n8GIClvR2tub4MHM33p0lx2SWPQC_q96HiDEH690BWT2ZCdnWSFmHKDm1j06whHSzYkcJA75aYV9bfNaPG7Mfs3KKozuuM3T-3vRKJz9G5qFRndIqCetUWzgoSjsdpLRB2M7mqMF4QaZtd5EL5omoUqPGkjDM_UW1z0ktqvlObG-5zuJCsMfk1YClBuL0tnNYTZLJ6WzsApHEYBO2IYPhbW2wZvTbVArjXS-vvnSSEfN4iBOdccCP5K8jkHbkK1WtT13tygz18Ti2vetmR7WGTAyuUiBUTtdEJjfNw-ZUlYmeDNbTA5dXe33Ux62w0y9agdNMcRY9W-FmRuwVnReVSlOIVJtN_nqi4LufxJko0jnqf33rM9KkU3M8jsBpvYGHB_C9a5cXd5lxnhGUjPoYiwbFGeAbGYRkUEOFriE4nE09xOwIWDl16spdQsMS0bzsZxZy8YIxj0kxYXio84jotlrukFp3LTgUhAzeHowf1zbBsigkneg6XBg46xxim8VryF3PfQrz5whz7VJnPwJrnI00WFr87065ej7pKGNF-a-3k1Y8lhZtQdMZXrE2LA7oZ_EbOPF88_2VBBb_i8q2PO1UmlPOXrA0IhkCVLwoITu6lnom7a7mHX6UJwy1RR3IiSJPALot4bBHkA88X0omV6F2Um_yiymZS_CEbnEOvAhn6rekYpYtJ1H6rjAUc6fvcKCaURQb7nYgCL1S76VocGHrFZCkEjtuXDrzf6xJMBggkjFHBdtPytP6VgxgyAV_JsYkpcRB0wZH8OUlnq9w8g3PJo1YkJpMKscZuRr0wh0msxSD7GMO1j9gzYs2RIXThlaVVutl8mnOprvdzFjpZ9w1swiZ76XMHHaiOuTJdwWhBOJ1DoxQ4cuUMykZNEk88kSudXn08Nias29PI0baGyPwFnINe6rOvLPZejNseoZ8e_ctYe1Lor2HTuS45l3NL7JLg-V9bDn8SCwrjhSRK-cdMufknP9UVMx-fix6yLtP3mss4j75yrPffFp-YyXvpNCTlVpuJwbbDDv3rxu43z8s5RIbd1t_3R0Ul7b53CkHG8SWYo2LtadNXdrn6eed5eEqjr8_82uxE1KiG2SN2Hh3niyi5ZqTx2HH3ZDpdohxo4SDN2J2phpa4FEGKCkGHM6zB6_cH0JzoHjYH4d6krM0xECYslVYs1cRCEyHCiGkcYit6iguLRaFAJgDU-V1riesDBohGhb-rIBXI8oI37fgmY8MqJOWXv0QvyQHiBrViUi5HB8kciUnZ7yADYqJfdQREj3AIMHwcYhxHQtvUu5ZeY54xleNVu4CvhFvJUAOuA8HmWc76UWS5ijsqsa6epW7T7MDCq6_8R-sGuMtB4GvaRfS7wweReeaM6QKwwl02qvbwJTQ-L4qUiiZXc6TkZzZal03a7BZ_yVSdVrG1DHrL6662Z3RebcTZBccPxIc7dOIn-Iag0ty_pIB5Pk5kQQXbeKzyUfRkUi7ua_fdys2rOIokpx25iOCAkNHZ5SxtOqw5C_0uAn-pukC3EFFizuf07ZzlUEJVp1SyvJLVAIVWfROKsDoX0wCkyC5t9sLAqsuaED7cIBTOkS2AsPOcoGap0r1zXSnR7Hp1PglEuHq-YvTK46FtKQ-BntgCZefNM_AMgNnuetnlCBHrmz9hRXZNKSZh9RV9JUuYCg4B_ivU2CEa2fkkvDKwlRTQYFoTrpzd5lm5be25gQINVBPT2mmIoPmfxw2NxiChJyaHISYOkY1L7CbFjmZ5E0YQyU5UgYw9LyP0hlfTu7M7inQBltwgG8CPoAmiTNCPmDxp6LA1fhxfC__PSdktWQR_zskV2_9T52vtf5Al_UyF1PXEwGN0xEAj6wezG31Hx41hEeTxF3-MbBuj-E9rzZn_YeBlcuL-wVkg0xM4O-txjWrNLpK88uzdZYc7-VYb-thBAuu57C6ELqD_MCzsLDwVBKiMtwBydspVSikWdtvoQNyfsEWnin1JBFX7Y3ilc1dp15bpuXvHixlIYrKSdUsCTs6RXAninV7fMn6UEgKqL0VBJkHjrLbNbvWNZJEw1GQsaQV16nEexGS2iKZNYk2ANVKwLdt1DWm9PomwZhZib1VeP6yBgptQlBT3hr21vGgkRuQyRn9e4ywpfaafbave1-pLDFjtRmvo11Nq5OrKwgRk0bR5kAfbvSwrJFevZHza_Uq-J0NX2PnjpczTfoo3Bo-DdnG2-58-gSloMxIV9jk8jusTgpix7HIxOtwgH9p82ps6FLNDNOhewmb28KfwaQ6O22sPWfMwAHddtyAWZZhppcbXMN-d3uScdZgZv9lmQ9jCmqAgywIkeE9R6ONnWjwBsqlR0r3YnTyj05HZRCTuDfgYlBF5ZCoFnTUXytrE1NVVl0FV92y9QVZSqNlzAt7n4v201S5S9iblmRGocIAk2ByL_BitAy8P_ljAJ-T1ZorDQJGjShC7oJ7SJeYrp0NUPuzvp8eWYt_SFxk1YdLXKN8ITjI1kZE1FYcRjVDN4_8GjYG7xLYZAhrstCvAF8b_eb1nC1zM20dVPhl645TV_O1rtuxWCHM_DNJPKi9a8aYauhT7ELH5drqeml2JCicl3Mmv8bOrJiJtAiyh-_MLM6jwBnIvVTDVM8DDkOdalayZTQ-ptXvjfEXN1P_5f41Izftn27LChhE_VOItCg-7SL8HQ_vXwnd2VqnBMr58qHSBCXXNxwEE11JTACNHm7u7aVHpFxXvBscBIoBM-YBomkR3sjK_C2_XXHwAqYFJD4B0dAlLBieHcBL7_s9Lvdb8LYoiicU1yjVHVTGuw7kPV5WvE83s7WnTa9rrsil9tXgChhIapeQX29hCBjawB3EokW9md7G5uoNaXaXxNvA3h_liByPRExIOFYcf6g4TMal3WgUcF2SVk25ByWY0LGO_hJgaYdkzgXUMJrfeyJHmnKe0RFg-iBNMOhckvB9sMTXwK3NPIz_y7d9hmqwv8Q0Pa4aiGsix65ZC64simDPiKp7oJ5lPTiCDo95H-21d4fZ6OIg05mvFGq2GgFMdO26opjcg3wk9TOivhgSEg_n9O4e3itW4GYeBrq2r&cid=CAASJ-RowZyLGAhYLsjmY0odEe6sb13eoTyDPyLiL1HgYWnIUtdhs3S_JA&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c09540d1e35176156b7ddad95ac7951d53aa7323bb98a2c3752a2b06de41edce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34758
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EB98 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMSODGqHW2KNm82edFGqTiu4TWalEaPu1ESwJl_IwSzxt8EbS1A9AFAdSFyEGa43BfggPPWUtKjqR8FY-SGgEnCJupK27BPKyRwZnVvjdqkaFWMkQ
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame EB98 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:13:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EB98 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 16:16:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame EB98 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:14:48 GMT
l
www.google.com/ads/measurement/ Frame EB98 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpaYgg30YLxofxk4DooC_UVgt3hd8pYTespBcU1meAVMFrvcLIfbvR88_JoiowFX7gAIvzvHu4tTUa9BzHQnUe5S4h3g
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8D70 		624 B
838 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYse_6yAEwAQ&v=APEucNWOf6WiPgN9Jbk5GDSYti5m82Q6o8h696i-BT3tH8x238AjU0uzx7huXKHbWj96qpcVeMiSzqpSA06Do34XkeEnVTkStUgp6qTUd_HxswGc1lgudqk6OSlDaPFVgCl8t2gxhwEOMqk7fmqr3bt1rGOIvWLOJQntFLMVZOq2pLh5Gxc6e3E
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:45 GMT
expires
Mon, 15 Aug 2022 16:16:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame EA4B 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0GPFblk-Kfw8cBWdX7me65I-NthrjlC7kyouekJu0QL6L6GeC-SF_z1cjnAJHkB_xxhHB6wSOAEgsq_rTrVgcxCVQwlMRcnjnkhR-hR3B00H04NKVb1aO-26LmFNgLc7K0Vls-g_RjmRuJ41K3pAGwnVIKw&dbm_d=AKAmf-Df2EToCC3JlOMwftIpNI9_2VsuokzfEsE4QGLHHBjzwKtgCD715Rd5E8Ggn91IkRqp-msqgBqm0CGFlx8aTDYT8-Jue-afb2-sxzya-GMkFnJ0CFA973QQe8rJwZRbyyD7-Xp0Jh8aEYqKYeKOZ2sDiVpq2LJ0kbfoI0EMIXq5uqKBb1-MCVZeDS0cg3S4WJQKhabBCDd9ScEe4jnww_sdD8UJpC7HKBBlUxPKxmPS5RkqeX8of-uPF0cd3vt5WlRSb7x59V_E0h14YHWO2s_itF-9Zo5cF6IcHNuJ9lbWSnN43PYoJ3voOQojOIlXl0Gy1OzbeOqoNQCQLjj1svbbNPVXnLqAG_JUD293CmGoQlCvaYkMqPOCdCQm9xK0rBZT6MRADTOmxhd-pNjIZI0O41bSA5abLBDq0ewSmV8Sf4mOsJqLbySruy_BnQAoVYu4HbCKxgvcpjS6wQM60l3RU1iv-0RdrW0mkbe8yJetKvagoOTvOSC0Qgg5qFOVE1xYcab-lhW0h0y-nvjfqZOqe2JXexq-XFlNN4J9TwTL3p3ArVTimOT14fsywLaawEG8Z58DUfOQDCf1Gb0Xc6gOUiKVKS9E0AcZ2lQDcqnOCueAQONZeADB2S_47VOKPA4aR0fEWFq8WTqrybnT8Z2dpuuMO93N8UF_sFN0xK2YUjNTLN5mR00XEf4Gn0RLk8hk4rZMeZI7mEhMHno0822hx3h4yuy_xWMeSOFifq2P3R657eZGnmPNaYS0MGBPaHaxhZHVwfiKbELpVGqNMumnl0--ZkOJg1A959uDsJItXO-3fBE-EmhQHTmgdJUNU5ZmDCvzmLRU9iD2nI-4KtavS8tE0kat5f8aYu8L1IXosBEYRUzBwpwKBYbXuRbA1BA2LibHmserrkjWN1_b9FiJtCXGdFqn-T-6tcFWmo7OgaKWoXOMJhiWmFk6Fr4w7GWJswwjYTvBkyeWe_VhjWxXTY7hApB-H_mFRAQwquw21k8onR0d70QFsrHB6HUZ6NQJTAY82sXLTL7S1fZkPu7E_5315MKQreF3eQaW7EK6XwoqPL-Zznaulr-uOsA-o5kq8boUDTZ1O7R-SNMVibus8K6vfgnzbmSrjY3V8v_qnGEk0XfZsztllLulom3K3SN5Ts1_wg1E6WGZRkzsoQDH3odpICOfhy0wa6rmBofFQZF_35slcwKPpAlnCCA3YOo1Aqhlp6T2AJT0zIo8-4pFKkYnAtocFISCHKNZWjWOF_sNiyfJNSNI13l3MjBn9KHu_gvfz70ln7ob8fV_NUT_-bcQD7GF06DcgnClv1LJcNH2GczBUKioha51TnmKv5iEZXPTBKDfgpT5dfind14MC6_kMTa37Vx6O7Fr1sirvF0IFoTkMx4_a78s5Zb-VwCmwuUZM6A9Q4Mle--H1xkQKTb-GrgSNPaMdpzjHKfoVQUswNOMg-s_9RHY4vvJXwLHPMNQusvJjk0fMmciQ0auMGuApSR_PIywRkw7iEA2ueWRqaRnlIJIye1AxNdPBDQH5a_uk9CMR-XQrub7ngIqGZTCYoGnQYVB-rV60yeblkBBnimaznUz56bOHQmqhV0PEtVD7B840pRgkdGhDCshuAgfUnUmt2kw_df4n5UNcQ5cre3NVLjWiJLFrUgTN5NZjl-JJ3vbnq1_4g1AlB1pdXfFQMMrV2SjjZgDU9X8IeRWXFrqZ8pMIeuaUcT4AI6NC5-nGD3OLf3zL6KFvlnZ9kMWh2JcWdzR6YYXt7FyNHdWNezmVcgXVcJAN2_-Vq3yLh3f59NB6hyZEZeJsGnm1IK_F6HqDO_LaP0zZZuRqbip_4LmvNeZTgUwQEQooyyhQeBctvUe2jtkk8z_1OAZopCH7mVwpnXmUIFRzOu6HQGWvWctwm8SUPNtELoHWsuHPf2XpcpLRoFAya8UQHrzOFDukPuAIf7D7hQAo0_1mk_INjzR4iULFUCEwD3Px0sAcL40V_OrIyBfBE7M6VQgx282s9YRJW1IuNjpfeV8vX9cwdKND0gqp7Ja1sb9wIN9Tg1nSapPZtk6D6L9U6819E--hvGkYNS5FcrAV9CtfDnF3GYBsXyH-w5b1dxw6XB5MVex8tC8kHCceaBQqgIvqn2Nq5JDU1NbX3xoKxyjJ7TAqV_cfko25n01xnxdqcJ2oGD7VmyO3IjtH4gUu8F-LuBbnNCSKZB6ewWGtPG1lxbkbzu9op8xzwMfkYg7Va1-b4rMc0Ohj_J7-3-C5jLgQWcgY96mUpHzEBL1f11JjN3ofRB6TUG1zfSZTyf2bBpWkorHHi9uiuwq7k4nSrfRjKEKiWvQEVgim8UE80yBDhbEcRZ2T5-Rcn13SbozwX-PTlJLnNdjs27B-_Sd7AG2NxnNNYoRsTAoKl1R4vQqtssqOu_uNgm9fUcHbOwrPq6-IU66pt8eT5Yy9U55URWgu1gH8LgAJe2UW6M8TE_aQfWp59knWN4glQcqdyc_vWmUkx1b5p_t21pR5yiFLB31Wv7YzBpiUdOO1ultLxsMCjuj5mY3cLtuJw2sWH9JP3JCgeC63rQnsvDbnHZgLokujttJBnqZqujun0WLtPy12URk21RE7AdAAiFYV89YUfXUFLtsfiANRqQUrIci7qvGNWr07SiMYJCY4Kyi7NQ0Wd3FTxqDBizelEbba214gbpJaslg6Biy7OzvfSNoGYNY2KqOwracKKzw7X5WoHwYp2NjBiVD2y9P7bLMe7HoXwn_12kP4uLrpVb3r8fNlE9hPV6RYTMASP0FfYbNCAqiSUDhK9T-UL92W-V5ijkkNSYc2ocHSB2PMm1wPbR8tiAD6C1EOND9ak8cNXMzTRWSR3K4yb7mw_EjKaGTEw8DO3ExmIy6aFb0DDGBnrPbcYOIr3yG488eZcyxxyfL9v6gfrNOjLSrFjSxKKfVSsOrkEmedFN0191e0KXa_WwwM2Tpw9gbbXAg-cINgfR8zvAOEJZz8Z71Om3Tr50M-ScxgJMMnfTBSwgqSYrcq12BfDt37E2gg_FEQupy3lHIubEOaw1-vwN8pAk6ti_kXiaVsEGlqQ-foQa4Rn-sqpTbuSbNTEWQoTtRD1KdBEz48k56Z8qdzUCgNhTKF0liBTqWdclVAgNPpPvTiNu1U7sxecSRGnx5vA&cid=CAASJ-Ro76yaVtVkqfkHWmmTRpffV1LBwkrR3bBFGCTMv9bgQW_yfOe-ZA&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d536311d78572132009c2371c9645d2ae080d998994484171fd0527ddfc5765f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35888
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame EA4B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:13:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame EA4B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:14:48 GMT
l
www.google.com/ads/measurement/ Frame EA4B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwi1in0UNEID-d3qfNRP9nBSMwXVifKpLCiP8u4sNNF6m_n2wA0d9-yGEIcuay6pH6HE9tfXHWZ6c7reim5clJCyoj3A
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA4B 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 16:16:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA4B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C3p4mIzQXUm2FQnI8Lg1sFDTyWT9K6n4L7J_CLtazORqVr9-708bPHH0I6i_YIKACM7Ueve6EcQa62A7iYDgQ0D-4ovgmqo9JX8v1ve_s4nu8YRlQ
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 1203 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kooora4lives.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:12:48 GMT
x-content-type-options
nosniff
age
497037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 22:12:48 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 1203 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kooora4lives.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:19:55 GMT
x-content-type-options
nosniff
age
496610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 22:19:55 GMT
css2
fonts.googleapis.com/ Frame E6E3 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 14:36:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 15 Aug 2022 16:16:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Aug 2022 16:16:45 GMT
css
fonts.googleapis.com/ Frame 03C3 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 15:11:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 15 Aug 2022 16:16:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Aug 2022 16:16:45 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 03C3 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:15:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:15:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 03C3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite_fy2021.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:10:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:10:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 03C3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:13:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 03C3 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 16:16:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 03C3 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:14:48 GMT
l
www.google.com/ads/measurement/ Frame 03C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0HFzF8KUj3tEkGEUlONiYN-7awAaN34lOjtIYOi5hRyBvcWqhlAkykRr_qZKuYNNQpV3CFs7ey_bhM4j6TkuXYIzTcA
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 03C3 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 14:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 05:50:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 13 Nov 2022 14:00:52 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame E6E3 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00c71abef781583241b6ff6df83c3e4f84267becf1df03c3a8bf712e14b4f0a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
649
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8368
x-xss-protection
0
server
cafe
etag
14969459707636190018
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:05:56 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E6E3 		205 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 14:34:10 GMT
x-content-type-options
nosniff
age
6155
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 15 Aug 2023 14:34:10 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E6E3 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 15:36:31 GMT
x-content-type-options
nosniff
age
2414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 15 Aug 2023 15:36:31 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012207221643000/ Frame 0731 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61462
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"006401e583f0e23c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 0731 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5196
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc8caad49b08d8fb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 0731 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28864
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14e9be8f3cf5efda"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 0731 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fcd376918b45715d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 0731 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
604720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12959
x-xss-protection
0
server
sffe
date
Mon, 08 Aug 2022 16:18:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fd6c62727a90c1dd"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 08 Aug 2023 16:18:05 GMT
css
fonts.googleapis.com/ Frame 0731 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 15:11:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 15 Aug 2022 16:16:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Aug 2022 16:16:45 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0731 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 19:56:11 GMT
x-content-type-options
nosniff
server
cafe
age
73234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
9421415325968714010
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2737
x-xss-protection
0
expires
Mon, 15 Aug 2022 19:56:11 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0731 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 02:56:51 GMT
x-content-type-options
nosniff
server
cafe
age
47994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 16 Aug 2022 02:56:51 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0731 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C9hQ3bXH6YqGlBdSQgAfY67-QDvKM4oZrmoKH8_oP-PqyxY8wEAEgvc-GaGCVkqCCsAegAa-ZuJ4DyAEJqQJ1aG6AgB2xPuACAKgDAcgDCqoE8wFP0F5rm_Ppf9ne0iWlBnI1JVZh8PCZWly_6uo4CXXSrCcwcttaNjsl9knm2BEe87rLSz6G-GvtkBOO8vT6Olz3X1BGHfHg0dhnUNK-BMXauHc9jVvyx5PVDPBtGJGxGoO8w_YJIvg519OgTXVTNxQBuVqDr_9V8f9c8Z0-aASJs6dWm869uqra_r8HsSuUmAK2T29gCfUhCEwo2-r4SdNekongPF9rMGnt5fgLa4SOK9iDFT6sXNB4ajeTAQdBBnHE_MaFskD2Ume6tlHZXjbEvwyYWThI40oJpxvIPAm_HMZXiska07cCes6aDlhFaOwRtxPABJuT4Oj9A-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfIkdh5qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ_8wl0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwKIFAHQFQGAFwGyFx4KHAgAEhRwdWItOTAzNTA4Nzc5MjY5Mjc3NRjgkG0&sigh=hTWVtsWy84c&uach_m=[UACH]&template_id=5000
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
downsize_200k_v1
tpc.googlesyndication.com/simgad/14574904898815719446/ Frame 0731 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14574904898815719446/downsize_200k_v1
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
324df5d117a1e138320b145ee863862c09b3c359086380979059daa4962f4c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:02 GMT
x-content-type-options
nosniff
age
301843
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105632
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 23:25:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 12 Aug 2023 04:26:02 GMT
truncated
/ Frame 0731 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0731 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0731 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e30968adc87cf32a62d42eeb8fc525e25ff13213a0b398c8bd0de110c3d25d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 9AC3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022080901&jk=3542724981462181&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 0731 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kooora4lives.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:36:54 GMT
x-content-type-options
nosniff
age
416391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 20:36:54 GMT
rum
dsum-sec.casalemedia.com/ Frame 8D70
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAN3XTO3JSwoGXwxD536sk&google_cver=1
43 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAN3XTO3JSwoGXwxD536sk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYse_6yAEwAQ&v=APEucNWOf6WiPgN9Jbk5GDSYti5m82Q6o8h696i-BT3tH8x238AjU0uzx7huXKHbWj96qpcVeMiSzqpSA06Do34XkeEnVTkStUgp6qTUd_HxswGc1lgudqk6OSlDaPFVgCl8t2gxhwEOMqk7fmqr3bt1rGOIvWLOJQntFLMVZOq2pLh5Gxc6e3E
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
73b33c8ec8689b33-FRA
pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iQsZzimY6JsnQs8rSZO7hcvG%2BOb0x0SPdi3tymR17w1viu%2FlWYNOOV2s3Y7B7jhET4iDh0Z%2Fz6%2FrB7Szhxb5jMKKP6rousykuOapVbRtH9pGXw3Q5kgiJI9WZDy3Ab%2BrLJ9zMT70ygXbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAN3XTO3JSwoGXwxD536sk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8D70
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YvpxbTNHY8ri1u91sak5PgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAN3XTO3JSwoGXwxD536sk&google_cver=1
43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAN3XTO3JSwoGXwxD536sk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYse_6yAEwAQ&v=APEucNWOf6WiPgN9Jbk5GDSYti5m82Q6o8h696i-BT3tH8x238AjU0uzx7huXKHbWj96qpcVeMiSzqpSA06Do34XkeEnVTkStUgp6qTUd_HxswGc1lgudqk6OSlDaPFVgCl8t2gxhwEOMqk7fmqr3bt1rGOIvWLOJQntFLMVZOq2pLh5Gxc6e3E
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
73b33c8fda829b33-FRA
pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgyx9v13RxdxaBnREMxsnuHqBLeO%2Bc2B61NY%2BH%2B1dzzL8iOtjXf78WB8cLOb4phenOC7cDzaHTX8mdvBZ%2BI5K0jPlr6u1PJ84mSJ5m82YDK7lyjFJgrj%2FKgKzUthjddji0LHzt5QQmBm3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKAN3XTO3JSwoGXwxD536sk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8D70
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJ9OXAKczzBRM827UxKbtYs&google_cver=1
43 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ9OXAKczzBRM827UxKbtYs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYse_6yAEwAQ&v=APEucNWOf6WiPgN9Jbk5GDSYti5m82Q6o8h696i-BT3tH8x238AjU0uzx7huXKHbWj96qpcVeMiSzqpSA06Do34XkeEnVTkStUgp6qTUd_HxswGc1lgudqk6OSlDaPFVgCl8t2gxhwEOMqk7fmqr3bt1rGOIvWLOJQntFLMVZOq2pLh5Gxc6e3E
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
00a94643-be3b-4c29-9e2a-44f198c29711
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJ9OXAKczzBRM827UxKbtYs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8D70
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0ODgxNjM5ODM0MzQzMDYzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0ODgxNjM5ODM0MzQzMDYzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYse_6yAEwAQ&v=APEucNWOf6WiPgN9Jbk5GDSYti5m82Q6o8h696i-BT3tH8x238AjU0uzx7huXKHbWj96qpcVeMiSzqpSA06Do34XkeEnVTkStUgp6qTUd_HxswGc1lgudqk6OSlDaPFVgCl8t2gxhwEOMqk7fmqr3bt1rGOIvWLOJQntFLMVZOq2pLh5Gxc6e3E
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:45 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ae4257dc-346d-48ab-8515-9030ef3a7262
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjU0ODgxNjM5ODM0MzQzMDYzNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 161A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKf-X8I4JFNJ2Dh_4_xDlvk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKf-X8I4JFNJ2Dh_4_xDlvk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhjCuPfOATAB&v=APEucNVj2DoSo_ouUie3Cdd-sQ8oef-mGCDCi-HTcOBR7VApeWhgqdpo7976f_j_cyY9MfNZcTeIlVnr7af0-ZObJBoUv5MQaH24_GDGU7zRyQ1RnbpsTb0iFP6Lim53bb4hPyluRPEABzIoJkM1Hm5OKYLCRh8ssat4Hkxet0zLTWBd4-p-hg0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKf-X8I4JFNJ2Dh_4_xDlvk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 161A 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhjCuPfOATAB&v=APEucNVj2DoSo_ouUie3Cdd-sQ8oef-mGCDCi-HTcOBR7VApeWhgqdpo7976f_j_cyY9MfNZcTeIlVnr7af0-ZObJBoUv5MQaH24_GDGU7zRyQ1RnbpsTb0iFP6Lim53bb4hPyluRPEABzIoJkM1Hm5OKYLCRh8ssat4Hkxet0zLTWBd4-p-hg0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 161A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOY-rnaQQniQCy2Mxnf-lfc&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOY-rnaQQniQCy2Mxnf-lfc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhjCuPfOATAB&v=APEucNVj2DoSo_ouUie3Cdd-sQ8oef-mGCDCi-HTcOBR7VApeWhgqdpo7976f_j_cyY9MfNZcTeIlVnr7af0-ZObJBoUv5MQaH24_GDGU7zRyQ1RnbpsTb0iFP6Lim53bb4hPyluRPEABzIoJkM1Hm5OKYLCRh8ssat4Hkxet0zLTWBd4-p-hg0
Protocol
H2
Server
23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 15 Aug 2022 16:16:46 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEOY-rnaQQniQCy2Mxnf-lfc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 161A 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhjCuPfOATAB&v=APEucNVj2DoSo_ouUie3Cdd-sQ8oef-mGCDCi-HTcOBR7VApeWhgqdpo7976f_j_cyY9MfNZcTeIlVnr7af0-ZObJBoUv5MQaH24_GDGU7zRyQ1RnbpsTb0iFP6Lim53bb4hPyluRPEABzIoJkM1Hm5OKYLCRh8ssat4Hkxet0zLTWBd4-p-hg0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.209.72 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-209-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 15 Aug 2022 16:16:46 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7784 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2253
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 15 Aug 2022 15:39:12 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame EB98 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Origin
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 09:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25878
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 09:05:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame EB98 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-JXryAAJRG6dm2Eq7cUC9zBe_jY56JFaqNIjG-s2rW005n7eHAXcOOUrh7FRrMN6RqdYSzqCml7R7jJ7Z8sDmQEXkkDrQ2HSyt15oyBKB6PMwzNQeewYy0V0CeIHjydRvHOsNawkXT69YnH5m3TVSj4QjFg&dbm_d=AKAmf-BhySgCr3CdmtyOHSsso5Cd_Ky8tsrAaqberDWIbL25wRnSDQS1J4GxNZBe_0R5pXriq3PWj-StlGcNY3W1t3iZudCMTTUN_bQ0ZMlumHhppltYs_uPwQf2pMzpzMjY6nD4naikjnpoZbhtg6O5s-1UmJH56qst9NM6pL1DLOzYAw_xT-lWRKNJElSTqII0gX70__AB1j9j6ayiT5yFsC04FzwKERmETuY3UK1RJUjkSMSeM3YNXqfNVO-nigKLPIRpvYfnq0c77TctJiX1xpr6SXtq_UVjm6ZltRz81NV0ght5s2NtWuQRQvdifB9GN9Vvuc4CSFv7f7USmc5ic8GRngijJNEGgfyp6EWLoqqF0T0xCgsPd0iSV7-MeA66SkD6DCKIIgQ9dNFlsnyHyfSp8R8Qkpas31aWGbcQGzdeCfiiy-OZuLzSa64Kry5aOHrY6l0NC2w6W6IhzNYOh9nqc1gKKOT3DWOSve5KPYGyjyYEHBD5cunP06uqq2HXcXXXLSjbzYiAzGeYAxT8cj-tB4MB0yl7eTgFEctpyo_y0Mqs_5CE1i5pR6W-2OVdVAV3pFJenZvdophn7XEMhG4jJsLNZ_Qdw8GtMvN_hdOSr_5DLZI0O70go76aDjEGZF9RmZwjvD8SjvBjlZsBuPeQSkTPzK1qFs_gIXROJ-pWIwyX1xIFR8n8GIClvR2tub4MHM33p0lx2SWPQC_q96HiDEH690BWT2ZCdnWSFmHKDm1j06whHSzYkcJA75aYV9bfNaPG7Mfs3KKozuuM3T-3vRKJz9G5qFRndIqCetUWzgoSjsdpLRB2M7mqMF4QaZtd5EL5omoUqPGkjDM_UW1z0ktqvlObG-5zuJCsMfk1YClBuL0tnNYTZLJ6WzsApHEYBO2IYPhbW2wZvTbVArjXS-vvnSSEfN4iBOdccCP5K8jkHbkK1WtT13tygz18Ti2vetmR7WGTAyuUiBUTtdEJjfNw-ZUlYmeDNbTA5dXe33Ux62w0y9agdNMcRY9W-FmRuwVnReVSlOIVJtN_nqi4LufxJko0jnqf33rM9KkU3M8jsBpvYGHB_C9a5cXd5lxnhGUjPoYiwbFGeAbGYRkUEOFriE4nE09xOwIWDl16spdQsMS0bzsZxZy8YIxj0kxYXio84jotlrukFp3LTgUhAzeHowf1zbBsigkneg6XBg46xxim8VryF3PfQrz5whz7VJnPwJrnI00WFr87065ej7pKGNF-a-3k1Y8lhZtQdMZXrE2LA7oZ_EbOPF88_2VBBb_i8q2PO1UmlPOXrA0IhkCVLwoITu6lnom7a7mHX6UJwy1RR3IiSJPALot4bBHkA88X0omV6F2Um_yiymZS_CEbnEOvAhn6rekYpYtJ1H6rjAUc6fvcKCaURQb7nYgCL1S76VocGHrFZCkEjtuXDrzf6xJMBggkjFHBdtPytP6VgxgyAV_JsYkpcRB0wZH8OUlnq9w8g3PJo1YkJpMKscZuRr0wh0msxSD7GMO1j9gzYs2RIXThlaVVutl8mnOprvdzFjpZ9w1swiZ76XMHHaiOuTJdwWhBOJ1DoxQ4cuUMykZNEk88kSudXn08Nias29PI0baGyPwFnINe6rOvLPZejNseoZ8e_ctYe1Lor2HTuS45l3NL7JLg-V9bDn8SCwrjhSRK-cdMufknP9UVMx-fix6yLtP3mss4j75yrPffFp-YyXvpNCTlVpuJwbbDDv3rxu43z8s5RIbd1t_3R0Ul7b53CkHG8SWYo2LtadNXdrn6eed5eEqjr8_82uxE1KiG2SN2Hh3niyi5ZqTx2HH3ZDpdohxo4SDN2J2phpa4FEGKCkGHM6zB6_cH0JzoHjYH4d6krM0xECYslVYs1cRCEyHCiGkcYit6iguLRaFAJgDU-V1riesDBohGhb-rIBXI8oI37fgmY8MqJOWXv0QvyQHiBrViUi5HB8kciUnZ7yADYqJfdQREj3AIMHwcYhxHQtvUu5ZeY54xleNVu4CvhFvJUAOuA8HmWc76UWS5ijsqsa6epW7T7MDCq6_8R-sGuMtB4GvaRfS7wweReeaM6QKwwl02qvbwJTQ-L4qUiiZXc6TkZzZal03a7BZ_yVSdVrG1DHrL6662Z3RebcTZBccPxIc7dOIn-Iag0ty_pIB5Pk5kQQXbeKzyUfRkUi7ua_fdys2rOIokpx25iOCAkNHZ5SxtOqw5C_0uAn-pukC3EFFizuf07ZzlUEJVp1SyvJLVAIVWfROKsDoX0wCkyC5t9sLAqsuaED7cIBTOkS2AsPOcoGap0r1zXSnR7Hp1PglEuHq-YvTK46FtKQ-BntgCZefNM_AMgNnuetnlCBHrmz9hRXZNKSZh9RV9JUuYCg4B_ivU2CEa2fkkvDKwlRTQYFoTrpzd5lm5be25gQINVBPT2mmIoPmfxw2NxiChJyaHISYOkY1L7CbFjmZ5E0YQyU5UgYw9LyP0hlfTu7M7inQBltwgG8CPoAmiTNCPmDxp6LA1fhxfC__PSdktWQR_zskV2_9T52vtf5Al_UyF1PXEwGN0xEAj6wezG31Hx41hEeTxF3-MbBuj-E9rzZn_YeBlcuL-wVkg0xM4O-txjWrNLpK88uzdZYc7-VYb-thBAuu57C6ELqD_MCzsLDwVBKiMtwBydspVSikWdtvoQNyfsEWnin1JBFX7Y3ilc1dp15bpuXvHixlIYrKSdUsCTs6RXAninV7fMn6UEgKqL0VBJkHjrLbNbvWNZJEw1GQsaQV16nEexGS2iKZNYk2ANVKwLdt1DWm9PomwZhZib1VeP6yBgptQlBT3hr21vGgkRuQyRn9e4ywpfaafbave1-pLDFjtRmvo11Nq5OrKwgRk0bR5kAfbvSwrJFevZHza_Uq-J0NX2PnjpczTfoo3Bo-DdnG2-58-gSloMxIV9jk8jusTgpix7HIxOtwgH9p82ps6FLNDNOhewmb28KfwaQ6O22sPWfMwAHddtyAWZZhppcbXMN-d3uScdZgZv9lmQ9jCmqAgywIkeE9R6ONnWjwBsqlR0r3YnTyj05HZRCTuDfgYlBF5ZCoFnTUXytrE1NVVl0FV92y9QVZSqNlzAt7n4v201S5S9iblmRGocIAk2ByL_BitAy8P_ljAJ-T1ZorDQJGjShC7oJ7SJeYrp0NUPuzvp8eWYt_SFxk1YdLXKN8ITjI1kZE1FYcRjVDN4_8GjYG7xLYZAhrstCvAF8b_eb1nC1zM20dVPhl645TV_O1rtuxWCHM_DNJPKi9a8aYauhT7ELH5drqeml2JCicl3Mmv8bOrJiJtAiyh-_MLM6jwBnIvVTDVM8DDkOdalayZTQ-ptXvjfEXN1P_5f41Izftn27LChhE_VOItCg-7SL8HQ_vXwnd2VqnBMr58qHSBCXXNxwEE11JTACNHm7u7aVHpFxXvBscBIoBM-YBomkR3sjK_C2_XXHwAqYFJD4B0dAlLBieHcBL7_s9Lvdb8LYoiicU1yjVHVTGuw7kPV5WvE83s7WnTa9rrsil9tXgChhIapeQX29hCBjawB3EokW9md7G5uoNaXaXxNvA3h_liByPRExIOFYcf6g4TMal3WgUcF2SVk25ByWY0LGO_hJgaYdkzgXUMJrfeyJHmnKe0RFg-iBNMOhckvB9sMTXwK3NPIz_y7d9hmqwv8Q0Pa4aiGsix65ZC64simDPiKp7oJ5lPTiCDo95H-21d4fZ6OIg05mvFGq2GgFMdO26opjcg3wk9TOivhgSEg_n9O4e3itW4GYeBrq2r&cid=CAASJ-RowZyLGAhYLsjmY0odEe6sb13eoTyDPyLiL1HgYWnIUtdhs3S_JA&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:14:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame EB98 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-JXryAAJRG6dm2Eq7cUC9zBe_jY56JFaqNIjG-s2rW005n7eHAXcOOUrh7FRrMN6RqdYSzqCml7R7jJ7Z8sDmQEXkkDrQ2HSyt15oyBKB6PMwzNQeewYy0V0CeIHjydRvHOsNawkXT69YnH5m3TVSj4QjFg&dbm_d=AKAmf-BhySgCr3CdmtyOHSsso5Cd_Ky8tsrAaqberDWIbL25wRnSDQS1J4GxNZBe_0R5pXriq3PWj-StlGcNY3W1t3iZudCMTTUN_bQ0ZMlumHhppltYs_uPwQf2pMzpzMjY6nD4naikjnpoZbhtg6O5s-1UmJH56qst9NM6pL1DLOzYAw_xT-lWRKNJElSTqII0gX70__AB1j9j6ayiT5yFsC04FzwKERmETuY3UK1RJUjkSMSeM3YNXqfNVO-nigKLPIRpvYfnq0c77TctJiX1xpr6SXtq_UVjm6ZltRz81NV0ght5s2NtWuQRQvdifB9GN9Vvuc4CSFv7f7USmc5ic8GRngijJNEGgfyp6EWLoqqF0T0xCgsPd0iSV7-MeA66SkD6DCKIIgQ9dNFlsnyHyfSp8R8Qkpas31aWGbcQGzdeCfiiy-OZuLzSa64Kry5aOHrY6l0NC2w6W6IhzNYOh9nqc1gKKOT3DWOSve5KPYGyjyYEHBD5cunP06uqq2HXcXXXLSjbzYiAzGeYAxT8cj-tB4MB0yl7eTgFEctpyo_y0Mqs_5CE1i5pR6W-2OVdVAV3pFJenZvdophn7XEMhG4jJsLNZ_Qdw8GtMvN_hdOSr_5DLZI0O70go76aDjEGZF9RmZwjvD8SjvBjlZsBuPeQSkTPzK1qFs_gIXROJ-pWIwyX1xIFR8n8GIClvR2tub4MHM33p0lx2SWPQC_q96HiDEH690BWT2ZCdnWSFmHKDm1j06whHSzYkcJA75aYV9bfNaPG7Mfs3KKozuuM3T-3vRKJz9G5qFRndIqCetUWzgoSjsdpLRB2M7mqMF4QaZtd5EL5omoUqPGkjDM_UW1z0ktqvlObG-5zuJCsMfk1YClBuL0tnNYTZLJ6WzsApHEYBO2IYPhbW2wZvTbVArjXS-vvnSSEfN4iBOdccCP5K8jkHbkK1WtT13tygz18Ti2vetmR7WGTAyuUiBUTtdEJjfNw-ZUlYmeDNbTA5dXe33Ux62w0y9agdNMcRY9W-FmRuwVnReVSlOIVJtN_nqi4LufxJko0jnqf33rM9KkU3M8jsBpvYGHB_C9a5cXd5lxnhGUjPoYiwbFGeAbGYRkUEOFriE4nE09xOwIWDl16spdQsMS0bzsZxZy8YIxj0kxYXio84jotlrukFp3LTgUhAzeHowf1zbBsigkneg6XBg46xxim8VryF3PfQrz5whz7VJnPwJrnI00WFr87065ej7pKGNF-a-3k1Y8lhZtQdMZXrE2LA7oZ_EbOPF88_2VBBb_i8q2PO1UmlPOXrA0IhkCVLwoITu6lnom7a7mHX6UJwy1RR3IiSJPALot4bBHkA88X0omV6F2Um_yiymZS_CEbnEOvAhn6rekYpYtJ1H6rjAUc6fvcKCaURQb7nYgCL1S76VocGHrFZCkEjtuXDrzf6xJMBggkjFHBdtPytP6VgxgyAV_JsYkpcRB0wZH8OUlnq9w8g3PJo1YkJpMKscZuRr0wh0msxSD7GMO1j9gzYs2RIXThlaVVutl8mnOprvdzFjpZ9w1swiZ76XMHHaiOuTJdwWhBOJ1DoxQ4cuUMykZNEk88kSudXn08Nias29PI0baGyPwFnINe6rOvLPZejNseoZ8e_ctYe1Lor2HTuS45l3NL7JLg-V9bDn8SCwrjhSRK-cdMufknP9UVMx-fix6yLtP3mss4j75yrPffFp-YyXvpNCTlVpuJwbbDDv3rxu43z8s5RIbd1t_3R0Ul7b53CkHG8SWYo2LtadNXdrn6eed5eEqjr8_82uxE1KiG2SN2Hh3niyi5ZqTx2HH3ZDpdohxo4SDN2J2phpa4FEGKCkGHM6zB6_cH0JzoHjYH4d6krM0xECYslVYs1cRCEyHCiGkcYit6iguLRaFAJgDU-V1riesDBohGhb-rIBXI8oI37fgmY8MqJOWXv0QvyQHiBrViUi5HB8kciUnZ7yADYqJfdQREj3AIMHwcYhxHQtvUu5ZeY54xleNVu4CvhFvJUAOuA8HmWc76UWS5ijsqsa6epW7T7MDCq6_8R-sGuMtB4GvaRfS7wweReeaM6QKwwl02qvbwJTQ-L4qUiiZXc6TkZzZal03a7BZ_yVSdVrG1DHrL6662Z3RebcTZBccPxIc7dOIn-Iag0ty_pIB5Pk5kQQXbeKzyUfRkUi7ua_fdys2rOIokpx25iOCAkNHZ5SxtOqw5C_0uAn-pukC3EFFizuf07ZzlUEJVp1SyvJLVAIVWfROKsDoX0wCkyC5t9sLAqsuaED7cIBTOkS2AsPOcoGap0r1zXSnR7Hp1PglEuHq-YvTK46FtKQ-BntgCZefNM_AMgNnuetnlCBHrmz9hRXZNKSZh9RV9JUuYCg4B_ivU2CEa2fkkvDKwlRTQYFoTrpzd5lm5be25gQINVBPT2mmIoPmfxw2NxiChJyaHISYOkY1L7CbFjmZ5E0YQyU5UgYw9LyP0hlfTu7M7inQBltwgG8CPoAmiTNCPmDxp6LA1fhxfC__PSdktWQR_zskV2_9T52vtf5Al_UyF1PXEwGN0xEAj6wezG31Hx41hEeTxF3-MbBuj-E9rzZn_YeBlcuL-wVkg0xM4O-txjWrNLpK88uzdZYc7-VYb-thBAuu57C6ELqD_MCzsLDwVBKiMtwBydspVSikWdtvoQNyfsEWnin1JBFX7Y3ilc1dp15bpuXvHixlIYrKSdUsCTs6RXAninV7fMn6UEgKqL0VBJkHjrLbNbvWNZJEw1GQsaQV16nEexGS2iKZNYk2ANVKwLdt1DWm9PomwZhZib1VeP6yBgptQlBT3hr21vGgkRuQyRn9e4ywpfaafbave1-pLDFjtRmvo11Nq5OrKwgRk0bR5kAfbvSwrJFevZHza_Uq-J0NX2PnjpczTfoo3Bo-DdnG2-58-gSloMxIV9jk8jusTgpix7HIxOtwgH9p82ps6FLNDNOhewmb28KfwaQ6O22sPWfMwAHddtyAWZZhppcbXMN-d3uScdZgZv9lmQ9jCmqAgywIkeE9R6ONnWjwBsqlR0r3YnTyj05HZRCTuDfgYlBF5ZCoFnTUXytrE1NVVl0FV92y9QVZSqNlzAt7n4v201S5S9iblmRGocIAk2ByL_BitAy8P_ljAJ-T1ZorDQJGjShC7oJ7SJeYrp0NUPuzvp8eWYt_SFxk1YdLXKN8ITjI1kZE1FYcRjVDN4_8GjYG7xLYZAhrstCvAF8b_eb1nC1zM20dVPhl645TV_O1rtuxWCHM_DNJPKi9a8aYauhT7ELH5drqeml2JCicl3Mmv8bOrJiJtAiyh-_MLM6jwBnIvVTDVM8DDkOdalayZTQ-ptXvjfEXN1P_5f41Izftn27LChhE_VOItCg-7SL8HQ_vXwnd2VqnBMr58qHSBCXXNxwEE11JTACNHm7u7aVHpFxXvBscBIoBM-YBomkR3sjK_C2_XXHwAqYFJD4B0dAlLBieHcBL7_s9Lvdb8LYoiicU1yjVHVTGuw7kPV5WvE83s7WnTa9rrsil9tXgChhIapeQX29hCBjawB3EokW9md7G5uoNaXaXxNvA3h_liByPRExIOFYcf6g4TMal3WgUcF2SVk25ByWY0LGO_hJgaYdkzgXUMJrfeyJHmnKe0RFg-iBNMOhckvB9sMTXwK3NPIz_y7d9hmqwv8Q0Pa4aiGsix65ZC64simDPiKp7oJ5lPTiCDo95H-21d4fZ6OIg05mvFGq2GgFMdO26opjcg3wk9TOivhgSEg_n9O4e3itW4GYeBrq2r&cid=CAASJ-RowZyLGAhYLsjmY0odEe6sb13eoTyDPyLiL1HgYWnIUtdhs3S_JA&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:15:13 GMT
lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
pagead2.googlesyndication.com/bg/ Frame F71B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 12:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
13942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14125
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 12:24:23 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1203 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 19:56:11 GMT
x-content-type-options
nosniff
server
cafe
age
73234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
9421415325968714010
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2737
x-xss-protection
0
expires
Mon, 15 Aug 2022 19:56:11 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1203 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 02:56:51 GMT
x-content-type-options
nosniff
server
cafe
age
47994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 16 Aug 2022 02:56:51 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame EA4B 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Origin
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 17:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 17:52:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame EA4B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0GPFblk-Kfw8cBWdX7me65I-NthrjlC7kyouekJu0QL6L6GeC-SF_z1cjnAJHkB_xxhHB6wSOAEgsq_rTrVgcxCVQwlMRcnjnkhR-hR3B00H04NKVb1aO-26LmFNgLc7K0Vls-g_RjmRuJ41K3pAGwnVIKw&dbm_d=AKAmf-Df2EToCC3JlOMwftIpNI9_2VsuokzfEsE4QGLHHBjzwKtgCD715Rd5E8Ggn91IkRqp-msqgBqm0CGFlx8aTDYT8-Jue-afb2-sxzya-GMkFnJ0CFA973QQe8rJwZRbyyD7-Xp0Jh8aEYqKYeKOZ2sDiVpq2LJ0kbfoI0EMIXq5uqKBb1-MCVZeDS0cg3S4WJQKhabBCDd9ScEe4jnww_sdD8UJpC7HKBBlUxPKxmPS5RkqeX8of-uPF0cd3vt5WlRSb7x59V_E0h14YHWO2s_itF-9Zo5cF6IcHNuJ9lbWSnN43PYoJ3voOQojOIlXl0Gy1OzbeOqoNQCQLjj1svbbNPVXnLqAG_JUD293CmGoQlCvaYkMqPOCdCQm9xK0rBZT6MRADTOmxhd-pNjIZI0O41bSA5abLBDq0ewSmV8Sf4mOsJqLbySruy_BnQAoVYu4HbCKxgvcpjS6wQM60l3RU1iv-0RdrW0mkbe8yJetKvagoOTvOSC0Qgg5qFOVE1xYcab-lhW0h0y-nvjfqZOqe2JXexq-XFlNN4J9TwTL3p3ArVTimOT14fsywLaawEG8Z58DUfOQDCf1Gb0Xc6gOUiKVKS9E0AcZ2lQDcqnOCueAQONZeADB2S_47VOKPA4aR0fEWFq8WTqrybnT8Z2dpuuMO93N8UF_sFN0xK2YUjNTLN5mR00XEf4Gn0RLk8hk4rZMeZI7mEhMHno0822hx3h4yuy_xWMeSOFifq2P3R657eZGnmPNaYS0MGBPaHaxhZHVwfiKbELpVGqNMumnl0--ZkOJg1A959uDsJItXO-3fBE-EmhQHTmgdJUNU5ZmDCvzmLRU9iD2nI-4KtavS8tE0kat5f8aYu8L1IXosBEYRUzBwpwKBYbXuRbA1BA2LibHmserrkjWN1_b9FiJtCXGdFqn-T-6tcFWmo7OgaKWoXOMJhiWmFk6Fr4w7GWJswwjYTvBkyeWe_VhjWxXTY7hApB-H_mFRAQwquw21k8onR0d70QFsrHB6HUZ6NQJTAY82sXLTL7S1fZkPu7E_5315MKQreF3eQaW7EK6XwoqPL-Zznaulr-uOsA-o5kq8boUDTZ1O7R-SNMVibus8K6vfgnzbmSrjY3V8v_qnGEk0XfZsztllLulom3K3SN5Ts1_wg1E6WGZRkzsoQDH3odpICOfhy0wa6rmBofFQZF_35slcwKPpAlnCCA3YOo1Aqhlp6T2AJT0zIo8-4pFKkYnAtocFISCHKNZWjWOF_sNiyfJNSNI13l3MjBn9KHu_gvfz70ln7ob8fV_NUT_-bcQD7GF06DcgnClv1LJcNH2GczBUKioha51TnmKv5iEZXPTBKDfgpT5dfind14MC6_kMTa37Vx6O7Fr1sirvF0IFoTkMx4_a78s5Zb-VwCmwuUZM6A9Q4Mle--H1xkQKTb-GrgSNPaMdpzjHKfoVQUswNOMg-s_9RHY4vvJXwLHPMNQusvJjk0fMmciQ0auMGuApSR_PIywRkw7iEA2ueWRqaRnlIJIye1AxNdPBDQH5a_uk9CMR-XQrub7ngIqGZTCYoGnQYVB-rV60yeblkBBnimaznUz56bOHQmqhV0PEtVD7B840pRgkdGhDCshuAgfUnUmt2kw_df4n5UNcQ5cre3NVLjWiJLFrUgTN5NZjl-JJ3vbnq1_4g1AlB1pdXfFQMMrV2SjjZgDU9X8IeRWXFrqZ8pMIeuaUcT4AI6NC5-nGD3OLf3zL6KFvlnZ9kMWh2JcWdzR6YYXt7FyNHdWNezmVcgXVcJAN2_-Vq3yLh3f59NB6hyZEZeJsGnm1IK_F6HqDO_LaP0zZZuRqbip_4LmvNeZTgUwQEQooyyhQeBctvUe2jtkk8z_1OAZopCH7mVwpnXmUIFRzOu6HQGWvWctwm8SUPNtELoHWsuHPf2XpcpLRoFAya8UQHrzOFDukPuAIf7D7hQAo0_1mk_INjzR4iULFUCEwD3Px0sAcL40V_OrIyBfBE7M6VQgx282s9YRJW1IuNjpfeV8vX9cwdKND0gqp7Ja1sb9wIN9Tg1nSapPZtk6D6L9U6819E--hvGkYNS5FcrAV9CtfDnF3GYBsXyH-w5b1dxw6XB5MVex8tC8kHCceaBQqgIvqn2Nq5JDU1NbX3xoKxyjJ7TAqV_cfko25n01xnxdqcJ2oGD7VmyO3IjtH4gUu8F-LuBbnNCSKZB6ewWGtPG1lxbkbzu9op8xzwMfkYg7Va1-b4rMc0Ohj_J7-3-C5jLgQWcgY96mUpHzEBL1f11JjN3ofRB6TUG1zfSZTyf2bBpWkorHHi9uiuwq7k4nSrfRjKEKiWvQEVgim8UE80yBDhbEcRZ2T5-Rcn13SbozwX-PTlJLnNdjs27B-_Sd7AG2NxnNNYoRsTAoKl1R4vQqtssqOu_uNgm9fUcHbOwrPq6-IU66pt8eT5Yy9U55URWgu1gH8LgAJe2UW6M8TE_aQfWp59knWN4glQcqdyc_vWmUkx1b5p_t21pR5yiFLB31Wv7YzBpiUdOO1ultLxsMCjuj5mY3cLtuJw2sWH9JP3JCgeC63rQnsvDbnHZgLokujttJBnqZqujun0WLtPy12URk21RE7AdAAiFYV89YUfXUFLtsfiANRqQUrIci7qvGNWr07SiMYJCY4Kyi7NQ0Wd3FTxqDBizelEbba214gbpJaslg6Biy7OzvfSNoGYNY2KqOwracKKzw7X5WoHwYp2NjBiVD2y9P7bLMe7HoXwn_12kP4uLrpVb3r8fNlE9hPV6RYTMASP0FfYbNCAqiSUDhK9T-UL92W-V5ijkkNSYc2ocHSB2PMm1wPbR8tiAD6C1EOND9ak8cNXMzTRWSR3K4yb7mw_EjKaGTEw8DO3ExmIy6aFb0DDGBnrPbcYOIr3yG488eZcyxxyfL9v6gfrNOjLSrFjSxKKfVSsOrkEmedFN0191e0KXa_WwwM2Tpw9gbbXAg-cINgfR8zvAOEJZz8Z71Om3Tr50M-ScxgJMMnfTBSwgqSYrcq12BfDt37E2gg_FEQupy3lHIubEOaw1-vwN8pAk6ti_kXiaVsEGlqQ-foQa4Rn-sqpTbuSbNTEWQoTtRD1KdBEz48k56Z8qdzUCgNhTKF0liBTqWdclVAgNPpPvTiNu1U7sxecSRGnx5vA&cid=CAASJ-Ro76yaVtVkqfkHWmmTRpffV1LBwkrR3bBFGCTMv9bgQW_yfOe-ZA&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:14:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame EA4B 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0GPFblk-Kfw8cBWdX7me65I-NthrjlC7kyouekJu0QL6L6GeC-SF_z1cjnAJHkB_xxhHB6wSOAEgsq_rTrVgcxCVQwlMRcnjnkhR-hR3B00H04NKVb1aO-26LmFNgLc7K0Vls-g_RjmRuJ41K3pAGwnVIKw&dbm_d=AKAmf-Df2EToCC3JlOMwftIpNI9_2VsuokzfEsE4QGLHHBjzwKtgCD715Rd5E8Ggn91IkRqp-msqgBqm0CGFlx8aTDYT8-Jue-afb2-sxzya-GMkFnJ0CFA973QQe8rJwZRbyyD7-Xp0Jh8aEYqKYeKOZ2sDiVpq2LJ0kbfoI0EMIXq5uqKBb1-MCVZeDS0cg3S4WJQKhabBCDd9ScEe4jnww_sdD8UJpC7HKBBlUxPKxmPS5RkqeX8of-uPF0cd3vt5WlRSb7x59V_E0h14YHWO2s_itF-9Zo5cF6IcHNuJ9lbWSnN43PYoJ3voOQojOIlXl0Gy1OzbeOqoNQCQLjj1svbbNPVXnLqAG_JUD293CmGoQlCvaYkMqPOCdCQm9xK0rBZT6MRADTOmxhd-pNjIZI0O41bSA5abLBDq0ewSmV8Sf4mOsJqLbySruy_BnQAoVYu4HbCKxgvcpjS6wQM60l3RU1iv-0RdrW0mkbe8yJetKvagoOTvOSC0Qgg5qFOVE1xYcab-lhW0h0y-nvjfqZOqe2JXexq-XFlNN4J9TwTL3p3ArVTimOT14fsywLaawEG8Z58DUfOQDCf1Gb0Xc6gOUiKVKS9E0AcZ2lQDcqnOCueAQONZeADB2S_47VOKPA4aR0fEWFq8WTqrybnT8Z2dpuuMO93N8UF_sFN0xK2YUjNTLN5mR00XEf4Gn0RLk8hk4rZMeZI7mEhMHno0822hx3h4yuy_xWMeSOFifq2P3R657eZGnmPNaYS0MGBPaHaxhZHVwfiKbELpVGqNMumnl0--ZkOJg1A959uDsJItXO-3fBE-EmhQHTmgdJUNU5ZmDCvzmLRU9iD2nI-4KtavS8tE0kat5f8aYu8L1IXosBEYRUzBwpwKBYbXuRbA1BA2LibHmserrkjWN1_b9FiJtCXGdFqn-T-6tcFWmo7OgaKWoXOMJhiWmFk6Fr4w7GWJswwjYTvBkyeWe_VhjWxXTY7hApB-H_mFRAQwquw21k8onR0d70QFsrHB6HUZ6NQJTAY82sXLTL7S1fZkPu7E_5315MKQreF3eQaW7EK6XwoqPL-Zznaulr-uOsA-o5kq8boUDTZ1O7R-SNMVibus8K6vfgnzbmSrjY3V8v_qnGEk0XfZsztllLulom3K3SN5Ts1_wg1E6WGZRkzsoQDH3odpICOfhy0wa6rmBofFQZF_35slcwKPpAlnCCA3YOo1Aqhlp6T2AJT0zIo8-4pFKkYnAtocFISCHKNZWjWOF_sNiyfJNSNI13l3MjBn9KHu_gvfz70ln7ob8fV_NUT_-bcQD7GF06DcgnClv1LJcNH2GczBUKioha51TnmKv5iEZXPTBKDfgpT5dfind14MC6_kMTa37Vx6O7Fr1sirvF0IFoTkMx4_a78s5Zb-VwCmwuUZM6A9Q4Mle--H1xkQKTb-GrgSNPaMdpzjHKfoVQUswNOMg-s_9RHY4vvJXwLHPMNQusvJjk0fMmciQ0auMGuApSR_PIywRkw7iEA2ueWRqaRnlIJIye1AxNdPBDQH5a_uk9CMR-XQrub7ngIqGZTCYoGnQYVB-rV60yeblkBBnimaznUz56bOHQmqhV0PEtVD7B840pRgkdGhDCshuAgfUnUmt2kw_df4n5UNcQ5cre3NVLjWiJLFrUgTN5NZjl-JJ3vbnq1_4g1AlB1pdXfFQMMrV2SjjZgDU9X8IeRWXFrqZ8pMIeuaUcT4AI6NC5-nGD3OLf3zL6KFvlnZ9kMWh2JcWdzR6YYXt7FyNHdWNezmVcgXVcJAN2_-Vq3yLh3f59NB6hyZEZeJsGnm1IK_F6HqDO_LaP0zZZuRqbip_4LmvNeZTgUwQEQooyyhQeBctvUe2jtkk8z_1OAZopCH7mVwpnXmUIFRzOu6HQGWvWctwm8SUPNtELoHWsuHPf2XpcpLRoFAya8UQHrzOFDukPuAIf7D7hQAo0_1mk_INjzR4iULFUCEwD3Px0sAcL40V_OrIyBfBE7M6VQgx282s9YRJW1IuNjpfeV8vX9cwdKND0gqp7Ja1sb9wIN9Tg1nSapPZtk6D6L9U6819E--hvGkYNS5FcrAV9CtfDnF3GYBsXyH-w5b1dxw6XB5MVex8tC8kHCceaBQqgIvqn2Nq5JDU1NbX3xoKxyjJ7TAqV_cfko25n01xnxdqcJ2oGD7VmyO3IjtH4gUu8F-LuBbnNCSKZB6ewWGtPG1lxbkbzu9op8xzwMfkYg7Va1-b4rMc0Ohj_J7-3-C5jLgQWcgY96mUpHzEBL1f11JjN3ofRB6TUG1zfSZTyf2bBpWkorHHi9uiuwq7k4nSrfRjKEKiWvQEVgim8UE80yBDhbEcRZ2T5-Rcn13SbozwX-PTlJLnNdjs27B-_Sd7AG2NxnNNYoRsTAoKl1R4vQqtssqOu_uNgm9fUcHbOwrPq6-IU66pt8eT5Yy9U55URWgu1gH8LgAJe2UW6M8TE_aQfWp59knWN4glQcqdyc_vWmUkx1b5p_t21pR5yiFLB31Wv7YzBpiUdOO1ultLxsMCjuj5mY3cLtuJw2sWH9JP3JCgeC63rQnsvDbnHZgLokujttJBnqZqujun0WLtPy12URk21RE7AdAAiFYV89YUfXUFLtsfiANRqQUrIci7qvGNWr07SiMYJCY4Kyi7NQ0Wd3FTxqDBizelEbba214gbpJaslg6Biy7OzvfSNoGYNY2KqOwracKKzw7X5WoHwYp2NjBiVD2y9P7bLMe7HoXwn_12kP4uLrpVb3r8fNlE9hPV6RYTMASP0FfYbNCAqiSUDhK9T-UL92W-V5ijkkNSYc2ocHSB2PMm1wPbR8tiAD6C1EOND9ak8cNXMzTRWSR3K4yb7mw_EjKaGTEw8DO3ExmIy6aFb0DDGBnrPbcYOIr3yG488eZcyxxyfL9v6gfrNOjLSrFjSxKKfVSsOrkEmedFN0191e0KXa_WwwM2Tpw9gbbXAg-cINgfR8zvAOEJZz8Z71Om3Tr50M-ScxgJMMnfTBSwgqSYrcq12BfDt37E2gg_FEQupy3lHIubEOaw1-vwN8pAk6ti_kXiaVsEGlqQ-foQa4Rn-sqpTbuSbNTEWQoTtRD1KdBEz48k56Z8qdzUCgNhTKF0liBTqWdclVAgNPpPvTiNu1U7sxecSRGnx5vA&cid=CAASJ-Ro76yaVtVkqfkHWmmTRpffV1LBwkrR3bBFGCTMv9bgQW_yfOe-ZA&rfl=2%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:15:13 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kooora4lives.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		125 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3542724981462181&correlator=12899812313900&eid=31068924&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Ccube%2Ckoora4live%2Ccube2%2Ccube3%2Crich%2Crich2%2Csky%2Cresponsive%2Cresponsive3%2Cresponsive4%2Cresponsive5%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F5%2F4%2C%2F0%2F1%2F2%2F6%2F4%2C%2F0%2F1%2F2%2F7%2F4%2C%2F0%2F1%2F2%2F8%2F4%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10%2F4%2C%2F0%2F1%2F2%2F11%2F4%2C%2F0%2F1%2F2%2F12%2F4%2C%2F0%2F1%2F2%2F13%2F4%2C%2F0%2F1%2F2%2F14&prev_iu_szs=300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C728x90%7C320x50%7C320x100%2C728x90%7C320x50%7C320x100%2C320x50%2C120x600%7C160x600%7C300x600%2C970x90%7C728x90%2C970x250%2C970x250%2C970x250%2C970x90%7C728x90&ifi=7&adks=2970954390%2C1370635809%2C3434856133%2C2810031837%2C1126810291%2C2355895160%2C289759596%2C1309765914%2C2639330056%2C1588386032%2C4139080419%2C3317283087&sfv=1-0-38&fsapi=false&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Ctest%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3Da2009fd45f95b087%3AT%3D1660580205%3AS%3DALNI_Mb8RnErqyf4n6vVb8TKQuYVMwm1xg&abxe=1&dt=1660580205856&lmt=1660580205&dlt=1660580203756&idt=1013&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C640%2C-9%2C315%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C1625%2C-9%2C1625%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C2%7C-1%7C3%7C-1%7C-1%7C-1%7C-1&ucis=7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1100x0%7C0x-1%7C1100x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1100x0%7C0x-1%7C1100x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2%2C4%2C2%2C4%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C1100%2C0%2C1100%2C0%2C0%2C0%2C0&ga_vid=1976694.1660580205&ga_sid=1660580205&ga_hid=1257922158&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0623400c6e473fd194940db33d25d3aa470f8b4cf0ca78cdbb57a11473fbcb05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41144
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-2,-2,-1,5850403633,-1,-2,-2,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-2,-2,-1,138374456572,-1,-2,-2,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0731 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 19:56:11 GMT
x-content-type-options
nosniff
server
cafe
age
73234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
9421415325968714010
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2737
x-xss-protection
0
expires
Mon, 15 Aug 2022 19:56:11 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0731 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 02:56:51 GMT
x-content-type-options
nosniff
server
cafe
age
47994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Tue, 16 Aug 2022 02:56:51 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EA4B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341860
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 17:19:05 GMT
truncated
/ Frame EA4B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3be04c8034b473853c28bd1dae1c3cba91c85aef00667072bb4e886469472874

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/ Frame A522 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79560bb312c5dbb1cbb91575394a5b7aa0d9cfa93f9c79bb7dfa99c31c0b5ff0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
9968
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2318
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 13:30:38 GMT
expires
Tue, 15 Aug 2023 13:30:38 GMT
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame EB98 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssoOWmkvabpE1DJnxb8TB1HdPdl5kZ5gUK0t3kTNM4uBUO8Ue9woyesmVE_x8HI3cFSZScyvYIPdO33LOzFUoP39QpABqGYjwIqdHCVvXc3CbblqjLyGIt1lna5qntuNYH3uGW9byrln0Or18SHhwAj-6vJP57Xw7ke59WwfkDwvmFNebaDgQXphNSmCpHNseaAd14feA2Nne5PDp4fho3aO5pT37cH-8LUHafSRrHZ6pkJ6Uw7c6ooazxWTSAYgYUL8Q8c-PzT55s_koxBfYkbSP8GDB5IoGYDxhFo4Ztv_nKjE1-3mjgSzcm5jCroA5lDH1PxX1PuggNi5Ala5_cQBlkKM_sr_vt91qahTbMumOIqLLsXN7RZ4QqW5lQRg7Yh7EtdkBgBuiM38p6RtwgFIP-6QhV4JDlpVbJ24iE7MRX8vOvHqO_7osgf-Pi5gPACJ4UK0OJw_Nf9ck1tLWh5yBlB3d8ANCfwtXF80kAnN30hoVwHTRu6EMiwESs8gRb1rN87OqwZaNO2OsPXaYXMz3L37HsHYkHZdPrf9M97H4Z_RnvNhM26_TOiiDCRizAceeiz2LweDYFOxGbxFRNG8VGdMauuOD0ZpHwfQvPS6uh-2oPU8_NiDZ-W7ZtKEd3AlOl3UimubJNxOH5lJH6BnjzZS5Hw0LRotty4A0Oc0Kd7YOd5CWIt5CyarGPBIm0sWiJyAUAtk55WtYuaJC6NYkyOK9N7NtId1JQOzIE-tpNfOMR-asAhLsddio7fq-vu7xeQ7e5p7Dwlq-dP0QeuThCc1-plHCFr04Od6F60WlNrUn-K2kv2hvaDJxqSzR1tu0_o-mylo4Dr9IbntZEsQXZVubkKRkmmcu2ZXS-QmuynxO_qzOj1rrIkleYGCNMeg97EKQCMBmcN9tBSV2FYxiWT0f4H43ncOb-SZ2UGBeL0_qIe7F-G4MMFQ7IL6BXxBafwHRReC9uUWvStzqa2QeCvBruSOE9Cz41J7TutosbX0h3u7et7UFaVXdxEFIDwpYs3GUoMBAygXx1WfZRBUJFvbhsxjYPcSWa9KAkCl057_8dlCQ56YVd5JbXdDvVfWZ9sby4V0hgUpY0q10B7LfeRvqiKIunuQIyRjOT8xm-Vcx26cop3MMdo9FTRWa0jH3_OzkQiBpVhnY_T2skccDWEtyh7w2lxGrdtbXvqn9bdgUUD-xqZD2i0JQjscysYAw9d8ru76SgrCi7U2z2Usfzm2dn4ATMuizwHz8sIlEcC_f5oI8TwT7bExADYRdtoilxtnaAThQgQkDsrEO88aIzBktFdH9G1rg&sai=AMfl-YTUiUAFeBXxUNOZz1l-SinHhVLmZBPW63_qeTyIOpfDZwj9GcwSfl2hIrLUdO8pxrYlF_EWGG8HxJLVdzjkv7npxZFw1gsl3VfPcHJVWmFD6QKbb61r4HotCBnrE76Oia7vZK-T4UMsIuVuwnWP6LR97T4s57lAzbNrj6ZF9-5jBCTTqUqKEr7KpiRyk8qmyxsVK53hZSZMCtmEhSIN5Bztx1EvlYU&sig=Cg0ArKJSzNHyAxnYCmpnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=219&cbvp=1&cstd=216&cisv=r20220810.64796&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 15 Aug 2022 16:16:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EB98 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 17:19:05 GMT
index.html
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		99 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
338cc71e3573fc434aa46c637c9d7b2706e57ee1b893417aebc91308b0254f38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:46 GMT
expires
Tue, 15 Aug 2023 16:16:46 GMT
last-modified
Tue, 17 May 2022 15:50:56 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame EA4B 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWJGAFgl-_sCeSd41fPy4YkuRZfoCLZy_5OTOLLxLoZAM3NjXBDtZa40mW8JdyOyDjn5DBEJYVFvZ6tB9b620krWcwacVssJIaVKiPGgz-NSXei9gB0YFZ-XzODp2NAiV_jPP2_BVPurDwTmcAwu0PRzfQHmFvSKLtihtdskgfRWxY5024OahPqh7gWfT9FBqYAK7GyHoEo4VwKeRVSgUpEZp-Ms3LeCEAYyQYEZ-UTYPjfNEgFskQhXgBjZRkL1MNoK5BGsgwfCQ9Pj1jVSIKCbLaNFARh5cwkIa6KG7yUCQ1iLV3MudDMkebZuwtyS2VYtEiLZT9cbPmp65Ber41pr4MuNI4a0UEH2jhCT4olZcyjn7L5Mf5ZA58qbXQF231CFqXhuicO8_Gypdq_xBqWLrum73qsvpccwITzJ_NgfTI82WAunqYgUqHn45l344FIUeKD1u8-XQ74lE_Av9z7pYkIgn7yqXlO9kYxTi3zzjOQ_ZxCCYVq2FENkXc9HzCY22Vy86vZUOwUe05OXBFBaf2lZ4zxAq4uLTECjQgJNr18w_KN6CE9EqP0qRL6rveiNba825pmS0s1ArPFmZGIiVo562YandeDYqOU03TW-lC6g5qnvP4Amz9Gfor9arXDz1pRrD8NvyvYjlhN4PWfTJyCKxaewnRpm0cMoZNB5TQQbDhMTfkiljTqDwJ4XZe8vrRe8-3nt10Ln0QnmXUyMPZUKdeGImbgeD1j7DY6_JVjPf0JbHvMPkl_L_gWww9iubDZWFz03m-Fq9RN0gSgM5HY-_3LVdWhdSU5-fANvIhyBgafGxNNwmRQ5EjX5mGdJBMLe8fgDpSxDz1fwP_ON3nymmq8FS0iIaTUU-PFIzha7GO8xupzpbhcORPGf6QIk8MS2siunFWCw0Tn3uy1k93nfU7loFTGB11XlrjeFaYal_Ev2g1XIoE8-js2sHENA6GPZqQvXEH5b8nTitzLjXYAmqZIlP4YYMd6EdbiWGLRER3k7s9WIWCLV83Bd9zlZekLtrSW0mUuhjs7tJ58n6a5tFdVL7Eq3Ax0Hr8fVHh4UM5RtyCRzYSd6OLuSOlob_PLhFVWrQnQScLgwuiD5XaIG7Is00stT-qtVO8Fuj60JnXPY0ckjlNIaUSq6yedo6piFhfeiRxSUFY00mbkNJ5g8-Q9_3n_HZyGn4&sai=AMfl-YQIMjTR2Hq_cfvpI9NUaG1drK9BS2h65AwYBBirfv680WgHpHLUtI2gD2-pr6z9r8smoz4dOCx3qEfjFmlhn3B3Gk6LKvFoXP1fpTaA5FNMdj7f12GZURAzf9QYTiWhlDSSvhKP47Uepk56fIqEjpbKtha0hrK713Okmj6Qp-ohQsNeVPdYV3TTV3O_YIXErgy9eM4Cd8Z1xWRW3UNVLYZOonRGKOI&sig=Cg0ArKJSzPm1ZKl_jNY9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=207&cbvp=1&cstd=201&cisv=r20220810.30906&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 15 Aug 2022 16:16:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7784
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 15 Aug 2022 16:16:46 GMT
expires
Mon, 15 Aug 2022 16:16:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:46 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EB98 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
362e1485a661dee5c278fb4810353137f67368cc96edfb0e723791e8569befa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
pagead2.googlesyndication.com/bg/ Frame CE8D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nFxlsDypB7fADXJag6hgweS-nRuXDEO5nQJQNtw06Bw.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 12:34:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
13339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14139
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 12:34:27 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7E1E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
341860
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 17:19:06 GMT
expires
Fri, 11 Aug 2023 17:19:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4647 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
341860
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 17:19:06 GMT
expires
Fri, 11 Aug 2023 17:19:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A522 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 16:16:46 GMT
index.js
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/ Frame A522 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ab6ab06fc61aa1d2555b475051833b26e53725e01d80ded3d03b5e9d58a2c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
411240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4242
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:46 GMT
gwdpage_style.css
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		55 B
103 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
gwdpagedeck_style.css
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		731 B
263 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
gwdgooglead_style.css
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		24 B
72 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
gwdimage_style.css
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		281 B
187 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
gwdattached_style.css
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		26 B
74 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
gwdtaparea_style.css
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		157 B
144 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
css
fonts.googleapis.com/ Frame D2E2 		6 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:regular|Open+Sans:regular|Playfair+Display+SC:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8d245c20017c8ded328ee520b0253ce7d2d1743fcf1ef8dc65fed31b89d4cf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 14:27:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 15 Aug 2022 16:16:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Aug 2022 16:16:46 GMT
googbase_min.js
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		400 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
275
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6276
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
gwdpage_min.js
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
gwdpagedeck_min.js
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3191
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
Enabler_01_248.js
s0.2mdn.net/879366/ Frame D2E2 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_248.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 09:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24931
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41094
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 09:21:15 GMT
gwdgooglead_min.js
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
548383
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4481
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 07:57:03 GMT
gwdimage_min.js
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2014
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
gwdattached_min.js
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		1 KB
619 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
590
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
gwdtexthelper_min.js
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 19:20:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248154
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2823
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Aug 2023 19:20:52 GMT
gwdtaparea_min.js
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
gwd-events-support.1.0.js
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwd-events-support.1.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97cdf067606c37c831a54b3ffc71cafb94ff1f4db84a1ba620b2e9e43cc1084d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1215
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 22:21:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582907
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1293
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 22:21:39 GMT
gwddatabinder_min.js
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2351
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
gwd-dynamic-binders.js
s0.2mdn.net/sadbundle/4967240334341465534/ Frame D2E2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4967240334341465534/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 16:00:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9229
x-xss-protection
0
last-modified
Tue, 17 May 2022 15:50:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 16:00:37 GMT
generate_204
tpc.googlesyndication.com/ Frame F71B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tpIBJw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
bgrd.jpg
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/ Frame A522 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/bgrd.jpg
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
880d32dcc497aee64bd822845df3620fc8a37f6eb1e972322edd41cd1122fe4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:46 GMT
x-content-type-options
nosniff
age
411240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9409
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:46 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EB98 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssoOWmkvabpE1DJnxb8TB1HdPdl5kZ5gUK0t3kTNM4uBUO8Ue9woyesmVE_x8HI3cFSZScyvYIPdO33LOzFUoP39QpABqGYjwIqdHCVvXc3CbblqjLyGIt1lna5qntuNYH3uGW9byrln0Or18SHhwAj-6vJP57Xw7ke59WwfkDwvmFNebaDgQXphNSmCpHNseaAd14feA2Nne5PDp4fho3aO5pT37cH-8LUHafSRrHZ6pkJ6Uw7c6ooazxWTSAYgYUL8Q8c-PzT55s_koxBfYkbSP8GDB5IoGYDxhFo4Ztv_nKjE1-3mjgSzcm5jCroA5lDH1PxX1PuggNi5Ala5_cQBlkKM_sr_vt91qahTbMumOIqLLsXN7RZ4QqW5lQRg7Yh7EtdkBgBuiM38p6RtwgFIP-6QhV4JDlpVbJ24iE7MRX8vOvHqO_7osgf-Pi5gPACJ4UK0OJw_Nf9ck1tLWh5yBlB3d8ANCfwtXF80kAnN30hoVwHTRu6EMiwESs8gRb1rN87OqwZaNO2OsPXaYXMz3L37HsHYkHZdPrf9M97H4Z_RnvNhM26_TOiiDCRizAceeiz2LweDYFOxGbxFRNG8VGdMauuOD0ZpHwfQvPS6uh-2oPU8_NiDZ-W7ZtKEd3AlOl3UimubJNxOH5lJH6BnjzZS5Hw0LRotty4A0Oc0Kd7YOd5CWIt5CyarGPBIm0sWiJyAUAtk55WtYuaJC6NYkyOK9N7NtId1JQOzIE-tpNfOMR-asAhLsddio7fq-vu7xeQ7e5p7Dwlq-dP0QeuThCc1-plHCFr04Od6F60WlNrUn-K2kv2hvaDJxqSzR1tu0_o-mylo4Dr9IbntZEsQXZVubkKRkmmcu2ZXS-QmuynxO_qzOj1rrIkleYGCNMeg97EKQCMBmcN9tBSV2FYxiWT0f4H43ncOb-SZ2UGBeL0_qIe7F-G4MMFQ7IL6BXxBafwHRReC9uUWvStzqa2QeCvBruSOE9Cz41J7TutosbX0h3u7et7UFaVXdxEFIDwpYs3GUoMBAygXx1WfZRBUJFvbhsxjYPcSWa9KAkCl057_8dlCQ56YVd5JbXdDvVfWZ9sby4V0hgUpY0q10B7LfeRvqiKIunuQIyRjOT8xm-Vcx26cop3MMdo9FTRWa0jH3_OzkQiBpVhnY_T2skccDWEtyh7w2lxGrdtbXvqn9bdgUUD-xqZD2i0JQjscysYAw9d8ru76SgrCi7U2z2Usfzm2dn4ATMuizwHz8sIlEcC_f5oI8TwT7bExADYRdtoilxtnaAThQgQkDsrEO88aIzBktFdH9G1rg&sai=AMfl-YTUiUAFeBXxUNOZz1l-SinHhVLmZBPW63_qeTyIOpfDZwj9GcwSfl2hIrLUdO8pxrYlF_EWGG8HxJLVdzjkv7npxZFw1gsl3VfPcHJVWmFD6QKbb61r4HotCBnrE76Oia7vZK-T4UMsIuVuwnWP6LR97T4s57lAzbNrj6ZF9-5jBCTTqUqKEr7KpiRyk8qmyxsVK53hZSZMCtmEhSIN5Bztx1EvlYU&sig=Cg0ArKJSzNHyAxnYCmpnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=434&vt=11&dtpt=215&dett=3&cstd=216&cisv=r20220810.64796&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
NoeDisplay-Bold.woff2
s0.2mdn.net/creatives/assets/4519006/ Frame D2E2 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4519006/NoeDisplay-Bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
252af27dff2d714fae7aae5783d33fb6a2f5089bd387717569317188c63c2a3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:13:55 GMT
x-content-type-options
nosniff
age
171
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23068
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 13:58:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 16:28:55 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ Frame D2E2 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:regular|Open+Sans:regular|Playfair+Display+SC:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 11:57:13 GMT
x-content-type-options
nosniff
age
15573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16720
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 11:57:13 GMT
lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
pagead2.googlesyndication.com/bg/ Frame 7E1E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 12:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
13943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14125
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 12:24:23 GMT
lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
pagead2.googlesyndication.com/bg/ Frame 4647 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 12:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
13943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14125
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 12:24:23 GMT
btn.png
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/ Frame A522 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/btn.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd5619e0897c78252e40d1faeb490a78702d0bfed74ea0771e40fc5e1c5a4424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:47 GMT
x-content-type-options
nosniff
age
411239
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2145
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:47 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EA4B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWJGAFgl-_sCeSd41fPy4YkuRZfoCLZy_5OTOLLxLoZAM3NjXBDtZa40mW8JdyOyDjn5DBEJYVFvZ6tB9b620krWcwacVssJIaVKiPGgz-NSXei9gB0YFZ-XzODp2NAiV_jPP2_BVPurDwTmcAwu0PRzfQHmFvSKLtihtdskgfRWxY5024OahPqh7gWfT9FBqYAK7GyHoEo4VwKeRVSgUpEZp-Ms3LeCEAYyQYEZ-UTYPjfNEgFskQhXgBjZRkL1MNoK5BGsgwfCQ9Pj1jVSIKCbLaNFARh5cwkIa6KG7yUCQ1iLV3MudDMkebZuwtyS2VYtEiLZT9cbPmp65Ber41pr4MuNI4a0UEH2jhCT4olZcyjn7L5Mf5ZA58qbXQF231CFqXhuicO8_Gypdq_xBqWLrum73qsvpccwITzJ_NgfTI82WAunqYgUqHn45l344FIUeKD1u8-XQ74lE_Av9z7pYkIgn7yqXlO9kYxTi3zzjOQ_ZxCCYVq2FENkXc9HzCY22Vy86vZUOwUe05OXBFBaf2lZ4zxAq4uLTECjQgJNr18w_KN6CE9EqP0qRL6rveiNba825pmS0s1ArPFmZGIiVo562YandeDYqOU03TW-lC6g5qnvP4Amz9Gfor9arXDz1pRrD8NvyvYjlhN4PWfTJyCKxaewnRpm0cMoZNB5TQQbDhMTfkiljTqDwJ4XZe8vrRe8-3nt10Ln0QnmXUyMPZUKdeGImbgeD1j7DY6_JVjPf0JbHvMPkl_L_gWww9iubDZWFz03m-Fq9RN0gSgM5HY-_3LVdWhdSU5-fANvIhyBgafGxNNwmRQ5EjX5mGdJBMLe8fgDpSxDz1fwP_ON3nymmq8FS0iIaTUU-PFIzha7GO8xupzpbhcORPGf6QIk8MS2siunFWCw0Tn3uy1k93nfU7loFTGB11XlrjeFaYal_Ev2g1XIoE8-js2sHENA6GPZqQvXEH5b8nTitzLjXYAmqZIlP4YYMd6EdbiWGLRER3k7s9WIWCLV83Bd9zlZekLtrSW0mUuhjs7tJ58n6a5tFdVL7Eq3Ax0Hr8fVHh4UM5RtyCRzYSd6OLuSOlob_PLhFVWrQnQScLgwuiD5XaIG7Is00stT-qtVO8Fuj60JnXPY0ckjlNIaUSq6yedo6piFhfeiRxSUFY00mbkNJ5g8-Q9_3n_HZyGn4&sai=AMfl-YQIMjTR2Hq_cfvpI9NUaG1drK9BS2h65AwYBBirfv680WgHpHLUtI2gD2-pr6z9r8smoz4dOCx3qEfjFmlhn3B3Gk6LKvFoXP1fpTaA5FNMdj7f12GZURAzf9QYTiWhlDSSvhKP47Uepk56fIqEjpbKtha0hrK713Okmj6Qp-ohQsNeVPdYV3TTV3O_YIXErgy9eM4Cd8Z1xWRW3UNVLYZOonRGKOI&sig=Cg0ArKJSzPm1ZKl_jNY9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=448&vt=11&dtpt=241&dett=3&cstd=201&cisv=r20220810.30906&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
bubble.png
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/ Frame A522 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/bubble.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09116db47352e59eca013b0eb39727769454564d8c6c962721af498921615af7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:47 GMT
x-content-type-options
nosniff
age
411239
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14976
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:47 GMT
dieter.png
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/ Frame A522 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/dieter.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e11c6ec3cfc264f3fe11d67495dc083c08d5e33c753f26fcf0a9fd17fca5d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:47 GMT
x-content-type-options
nosniff
age
411239
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10423
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D2E2 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89030fae640e95fdeacbbf8785c8de9df17c6532eef863dda68b8be210429969
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5478
x-xss-protection
0
23720825_20220520013528796_300x250_Sello_SPA.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame D2E2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220520013528796_300x250_Sello_SPA.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45ba8cb65f35489fc6d6c2aea04344fe107f3dfda6541f112ab05db5ea939a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 14:58:03 GMT
x-content-type-options
nosniff
age
4723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11012
x-xss-protection
0
last-modified
Fri, 20 May 2022 08:35:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 14:58:03 GMT
23720825_20220511060324724_CANCEL-DE-300x250.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame D2E2 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220511060324724_CANCEL-DE-300x250.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c03953fc13eb8db32714771621a082908c0944fc8bd3dca7ab0dc7734f10bd77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 22:23:41 GMT
x-content-type-options
nosniff
age
64385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9343
x-xss-protection
0
last-modified
Wed, 11 May 2022 13:03:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 22:23:41 GMT
23720825_20211125045126622_300x250_Logo.svg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame D2E2 		28 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20211125045126622_300x250_Logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1f6139cd11db9f41ef24575cd59d3f14cbd1c239ce23aa887ef1ad8b3756ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:03:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8077
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 10:37:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 16:03:32 GMT
23720825_20211124073950898_300x250_Pastilla.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame D2E2 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20211124073950898_300x250_Pastilla.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6b3b484d4e929920d22052e680577b181eec29fb6dc2aef0c14dd2893d55ea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:03:32 GMT
x-content-type-options
nosniff
age
794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87545
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 15:39:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 16:03:32 GMT
23720825_20220520013917193_300x250_Parejas.jpg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame D2E2 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220520013917193_300x250_Parejas.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d96da7a2ff4125250016ce45e9c7681efb880de8491352e46a7062f86f5c41cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 14:58:03 GMT
x-content-type-options
nosniff
age
4723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69091
x-xss-protection
0
last-modified
Fri, 20 May 2022 08:39:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 14:58:03 GMT
23720825_20220511050543557_BAL300x250.jpg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame D2E2 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220511050543557_BAL300x250.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81976775fecf2752aa0b89d19da6a7d0c318f2db7894a7202f60cf50bdab31e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 16:48:26 GMT
x-content-type-options
nosniff
age
84500
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67266
x-xss-protection
0
last-modified
Wed, 11 May 2022 12:05:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 16:48:26 GMT
finger.png
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/ Frame A522 		844 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/finger.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f01a9bc4e78790459c7127bd0cda22c56ed6e92744c1653fba9dc071b59a633a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options
nosniff
age
411238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
844
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:48 GMT
truncated
/ Frame D2E2 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/gif
h1.png
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/ Frame A522 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/h1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc7154e7e7fdd3d5dbc82764f1a95a5ed863553b8981324adc409172e2e90184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:48 GMT
x-content-type-options
nosniff
age
411238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1167
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:48 GMT
23720825_20220511050543557_BAL300x250.jpg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame D2E2 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220511050543557_BAL300x250.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81976775fecf2752aa0b89d19da6a7d0c318f2db7894a7202f60cf50bdab31e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 16:48:26 GMT
x-content-type-options
nosniff
age
84500
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67266
x-xss-protection
0
last-modified
Wed, 11 May 2022 12:05:43 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 16:48:26 GMT
23720825_20220520013917193_300x250_Parejas.jpg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame D2E2 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220520013917193_300x250_Parejas.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d96da7a2ff4125250016ce45e9c7681efb880de8491352e46a7062f86f5c41cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 14:58:03 GMT
x-content-type-options
nosniff
age
4723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69091
x-xss-protection
0
last-modified
Fri, 20 May 2022 08:39:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 14:58:03 GMT
23720825_20211124073950898_300x250_Pastilla.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame D2E2 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20211124073950898_300x250_Pastilla.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6b3b484d4e929920d22052e680577b181eec29fb6dc2aef0c14dd2893d55ea5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:03:32 GMT
x-content-type-options
nosniff
age
794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87545
x-xss-protection
0
last-modified
Wed, 24 Nov 2021 15:39:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 16:03:32 GMT
23720825_20211125045126622_300x250_Logo.svg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame D2E2 		28 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20211125045126622_300x250_Logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1f6139cd11db9f41ef24575cd59d3f14cbd1c239ce23aa887ef1ad8b3756ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:03:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8077
x-xss-protection
0
last-modified
Fri, 26 Nov 2021 10:37:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 16:03:32 GMT
23720825_20220511060324724_CANCEL-DE-300x250.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame D2E2 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220511060324724_CANCEL-DE-300x250.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c03953fc13eb8db32714771621a082908c0944fc8bd3dca7ab0dc7734f10bd77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 22:23:41 GMT
x-content-type-options
nosniff
age
64385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9343
x-xss-protection
0
last-modified
Wed, 11 May 2022 13:03:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 22:23:41 GMT
23720825_20220520013528796_300x250_Sello_SPA.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame D2E2 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20220520013528796_300x250_Sello_SPA.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45ba8cb65f35489fc6d6c2aea04344fe107f3dfda6541f112ab05db5ea939a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4967240334341465534/index.html?e=69&leftOffset=0&topOffset=0&c=Q6JdqMVGUZ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 14:58:03 GMT
x-content-type-options
nosniff
age
4723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11012
x-xss-protection
0
last-modified
Fri, 20 May 2022 08:35:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 14:58:03 GMT
h2.png
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/ Frame A522 		689 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/h2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4775bafc6404ab4de18fabb0fc0559f5c1cc744fc687e410ef5e7c25e1b8737a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:46 GMT
x-content-type-options
nosniff
age
411240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
689
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D2E2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 16:16:46 GMT
h3.png
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/ Frame A522 		826 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/h3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1785cd16abf8a5b653b566a70daae72ddda696445bd3b40b810d65137e23985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:46 GMT
x-content-type-options
nosniff
age
411240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
826
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E1E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8wjnbXH6YobEKMSn9u8PkJOlmA0AAAAAOAHgBAI&bg=!XF-lXxvNAAa4hXTbmIU7ACkAdvg8Wt9QaN8ApoEGZq6-XpUrmxPHHaDYdte55tSbg40TC_8LiqCuRwIAAADCUgAAAANoAQeZA3-_ckFbkDFlZga6mxZq0FVFp89rYTD6Fjpb6UGN2p8NmQzvYB9_7UFkyA3LDB2qaSAuSmN_DWYDVEGF4pT-K5yA0wARb8nqcMbnGtqW5CMaqujFurKkZoa3PSmV3YS1M2DAH-zHe4AVXS8XZsAXuABA8u53Cx68ltMy-yDVRtUf431ETqZN8GwRKRs20XmR5k81Gb1JYihoWB-Y46S8c16q8_E9arfSkicrvhVGZ9xPko-6YFs7h5rocfmLjS0QqUA-g1v3nJCBemDKcDoeZNwmUu3tIHz0j1c3h_x53EcUdILgQVzXG7PczXahH4QGhkj_0Xugwx_ujJ379U3sELLHFfl6YGbSFh7kEuZNYAGqo1noOaClCWIhfigwqL2k281X7yuZyroUsBqxrYeKAFCCEhD7Ao8hNciRzcDhZZG6vtDO9z8KqutXcfq7sGwmsPCFJrsW4erigU57Gq7lp2E8ko_yj21L2sqhOUC5m30qzvJI_2fMMvC6LOCRFuLzfsCMAkExOdc2l25BhzfN4iYkgrN_joeN3MWnpXu8LWtAJ4LQ8t1DXZj2w-SdGkXCm4RMVcHerMS2fIAcWOMeQIgnJOvLHeAlKHB7yOSwiq0jwlxYS6C6oukZ0zLhuXYrMUtMbg5hzArxvipB17xRH_iVeQttqIrZ4D-WN4D2TxoNWf-ws1ejFBFkkJtL1vYwIUBXYUNeaRhk7t0ZFCIe6EHyUmAFc9SSbXG2pxaCAVWpR5tOyI9iqADiMmlJdUAR4jaPrznTWWBfDXmmmV7MjY2H0gM7jsGJMZCGqYdJH6ickB5vv_AJyycM4Cl7eNuNhgzca9pVV5nPNywx7cCoqjET54XoeNyTfFShSRCBwPE_aoe8dDGCvTxnQhCrgfjcBSd7Q4O2PX-9TeHf9mtXaSN5nh1xKyeRvMnx92KqjiO9F8ip5BRAzmpCCdaZtN8spM9RkP-EAmkHbBwK7HaedbAg5D86PLq6U42npaJvL97vxJDE9csaB8Z3lUW3NCev2MFLBe0Vx55R1VtuPshwtRCg2uv3qbKUUztgQ8H6d5HuDbINoPuyvxAG7LqxKGVdNKFmmjU994568AN8sZAnDC_HG1tbzM0WPCeg2rViDeh8TFeH6M3sC1GlRLqyqjztac1xX9vNXwA_bWa3BDWVCIRznd6aULshDyUCSYbPii3Z
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4647 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BicXKbXH6YuvKKJSB9u8PwL-zkAYAAAAAOAHgBAI&bg=!dnWldTHNAAa4hXTbmIU7ACkAdvg8WjM48SXue5noO6M890TxZXsYO8CNx5yzs5UzFn-XzL1bJSbcHQIAAAC9UgAAAAJoAQcKADi_P4wullYtK78n9BgAlvc927Ydp4f87jh8vY2ATUQA3nwVoMr3e1JynxUBxzuv2lCt3HmO7t5bwpkDOUK_ttttQAeER0eCb_OuUuk7T9k5bTZmajoIMFFEUIHcl5QkzGoFX3VC-wwK4Wpx6TCtvl__T37RhF0xVEgJ72VTrOYgySyCoEBhIevRWSJfqwtg9CpGR5_7cuc_btFol0SrkFC7_EUEn3k80v8DHVCEl8kX4ctQznFT84t6AHmgRpvFKeVguQnA7qvRPV7mvX9gs7V0ZeB1YZeOZ-jI2BpmrYXusvIYH7BtYiGNRp9H-ZSji03SPtFTgnHDcCEgbhKAVuVs6h0_W_e-PcDZ_RR6RXQXcgfXN8oC6N--fPWLXCqpXVbdsHVfMxepq1K401vIvI3K4AV1xdBTcayieZRE7-OwAhRNtFKjm6z6rpI96ETiY3zCUFMHi4Dm8IRAWmPtvLAxl3byUDS7eMKLuGlMJpRJyKRcJeCBhZ5UIpps3GYSmB8x7U3-04sjXdALupygp1kLSBm_46Bf6unaZSnSGDiy27W--wlMsZLKlUje8zZVobUmc3ls0Ur9hY7cw1V7mCwfk06iCAYDjyX1-6DHRyd0MygIFO-ETPvk0YlpgCswdDKv81pESoIHAdKBdY6I2wdasJmeqehm8v0XDvBBA2lcXn-1Z11MmrPiOxNsV7x2iRZZFXaPUo29Pff4n0mD6myBRTF0aOSx1IstXgfxPEwPOUfRjosSjlUNNxObK_Uqs0trlakKjX-vMBDAKvQiBjN6pf02wPYlYoSoxJQp1sklYfvKSC_8suAuOwYum2ocYo-8TH3Aa3hatxFThuha3lCmw3LbnDI3LYt5zy47qICu8DChdqdqek5Legqur_4wryRogB6ww1LAEsTYwLeJZffCkzWbHwyJuFagx_32Dj167DqXiY6SNw6fQ-hmF92pb1Nw9YpNxAYxwY_RMo4Kgzi7d3QhDwpxzNbW2ZpLjD8SaXQwNAUyP8oquWYSM9ndRYas7fyYNmPmxViV1rOi4oUyF7uA8s0VnycXJ-_u0glXgW1stu10pqlZthpM9jWGJcM_atTzE0CAzHID18VSBMjFnsiR7Qoe3DcY0nPhUy-c5SvAX5jZWYn-e4QsJtH89AS8Vcu_ytPGImcpeBqmnKBwfuM_hQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
h4.png
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/ Frame A522 		967 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/h4.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27f35250bb878747b818e2264255e07ec6d3bb732f367a76769154f072fc4af8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:46 GMT
x-content-type-options
nosniff
age
411240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
967
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:46 GMT
h5.png
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/ Frame A522 		621 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/h5.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ddbf7aaf7599952a778f62b98829702e3f9e0d253947292af8c2cefb1a26006
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:46 GMT
x-content-type-options
nosniff
age
411240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
621
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:46 GMT
h6.png
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/ Frame A522 		682 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/h6.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a7dfd2734ca75fc47845a64852c3ec5869642c6680a400baf9b2f651144d8f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:46 GMT
x-content-type-options
nosniff
age
411240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
682
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:46 GMT
introlog.png
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/ Frame A522 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/introlog.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb8237504c89676bea6de8c9995746c9b150c0a7ba958372aea28d3874a7358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:46 GMT
x-content-type-options
nosniff
age
411240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3529
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:46 GMT
siegel.png
s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/ Frame A522 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/images/siegel.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2041c7780dcb51eb3a3318ba9ad92f69e5dcf1ee0af75bda2b430353a2133d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1491781193815818240/freenet_202207_mobilfunk_Stroeer_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 22:02:49 GMT
x-content-type-options
nosniff
age
411237
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4943
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 12:47:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 22:02:49 GMT
container.html
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 418B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:45 GMT
expires
Tue, 15 Aug 2023 16:16:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A3D7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:45 GMT
expires
Tue, 15 Aug 2023 16:16:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4B6C 		466 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNW2Q0QcOAKydPO5LNx1G6G01aefuhAzTNzM1zbrZ2_ViCTKAQsP42fUzXeSJH0HuO0N81dq8vceR9dQK8YxaP31ul5GURtRrdalJGERTsGSXhckzv7oz1w9tRQVHALW7ueSHqrq70XW51WPHviE1yHk9IOt2QdnEV0vawkiuyEt8V6xXT0
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
280
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 418B 		101 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCCA6L9tCAsVzZA_y4yH0ubdzzAYDwPzqIqcSuQlIo6AobvzxGuUvdUFaZhrauDn6qCyBFw8vmxRTCHZA9yd20T5j0_6_mOH5KhzxuMZondFZak9rCgVdbOlLTZqimc7-4lkRYuuxia3xX6MAvh-TQBOJ7vg&dbm_d=AKAmf-B6hXtn6hOlUcN-NhrxXM8KCe8d-Bof3BH7NbUD3EFN4H9Fw6BTvMO7AFn9fI6BEof-HQ6dHdAk70fPaHHwwYTpy8ojfytRHjHfHYYNfJctmAh-WsRxEmE9a8hzJutLQvGJEYQAHaH32sjnSnr1s-8NNlMfjVExkLPN1pesSyr4IdMvA-xX4wFWfG63I5C1867DWXdPg1i4XpA1tHAre1wko9m2crx7KEbaf8t5YiqkcHTuSiRQGqKenKTUTi5iQbnwHgpITjnytApU3fp-yllcXT6nvchNjcCg91MYtH-6G9qA6SS88duDpPWAiY9dMNza6i6G5Vwup2FyDZWeH4LB66MXnJXVZ7yTlZcWvb_bHl7LgA5rWC7WKGnt9utXCok_BIYU_RgvhwsQdkohgqvQYLWdl6ubD9yo--9olYypSWVQuX2KOUAloxl-lRyWiI11TfREcbD5dYQj9R3SVKuAD5WhQg_ruwY9-RQ--8xNG4fB_4gNGldVqKk1n8I525b8dA2D0jq7AqqHcsYBOtUEsxJ7D213S_NcIUeqZ1dZjkdlJ12WKhbveFz_lsCLSrHEXP8u0Ws8GSKuHo1ZTr6vFrLzABRB218yhxygwd4yyHPtSgY9kpmzHz1aYs43wTG7CIU424mpipDBrEgNgWifMHFvjlGJMbykw45YXGBY55tthht0LYzMRKZBr5b5ZlpddN1Gjqr63XFGUOLaAx-BVerVzMF0xRuwEAbKZIIzZ03FVuMQt-aw3sRsNlHngH9Q9dS379yybiXr4cmSQ9aNgfJSjvppX3eSEFkuA4EKfsB4pNmSY8iML33osk-WIqJ4wM3wFkHX6Fu4usk2PCyocBcGlcRVcmKsZAtPYF-UDS68-3a7SVfao2jidpnhPJOGGr0hdqABOO4r5DQv7UR_OznxM49QQd56PUJd4w0BLbYpDp0L3eMhfImj6cSgX6DP3c98f0hwWbwI5xkQ6vMMLU1K5h0fUzv-6ZuAVgJZV0nkzOvob_VJtI8fIwUzSIQ3CrcISd8uZ3ZDZji2mh3YgoQPGkTMzt6VBGWmWWS935iN7dpbhidIi-Wg4jeBXypYTd9CQKIsbKra9K1QwgzWbONb450IG7Qj-sCY5g6qiGi-xswWWZ9w1e_iOD6hDxwS7hid7JErlLsBK6E8NGa6UBtAd1cnlGWBBVTiPTKxxOIDOBth4ITozJ9wGzuIe-LjLArM1t9-d3Mix58WmN41UR3rdReiphReST7gC0kk5Kz1tbcGXiqY5ui69qQAZQMPZsthtyM9hGBH2z_7GcJ86aJXiBtUIj7U1mKR7ufr4Dz-HoUuptp8xDymxMFr8Uhkn7tMWeKGevnu690m2WEPix-SpDMYM1egC6yyj7IyRL3o4wEnpbcbyiW9NJQPLfMefeKX8L8sb0iiyKOxZ1UHuY_ol7e4ClF3IUGAQwWVjJHkVZ01qDBBaMI6MZ_91fO5Y2--auQF4kLYEHeWSHrfWIza7bxIXcvjsT_31lt3lqrZu9ZgrDAmycw3Y1JtcFdxRYBAWMT4qVDrlRy6lYb8QZ2oyMfrsq2__5t99t4ybdKG6ZyriaFhjNpHl0truPTlHoDf_Np85hXqjIqLDj_HWVZahbH7uxKp7jbgozHUFs0dtoim_GU2bXi5UUOZIM469mlXF5tnK8alfzuEMaVbh2Fu56r5vFLMkrSFSwzz0tVW8cTw9rPUODcL-CsvYXP_aiel8HYZ1Qz5Db9fLZmNJXxB06n6z-v-s4YqEB1XwxZZxpSk1avenjsdDQG58fBfIfx7tu6PerZytikJ-G8Zu_Xc_79F1jTnQPDOOyiDgXPs5NNOIOtNQvSwe0qbmR3taSLUXCPO6acBnxh_6oO4BP6dv6MSf_2zdT19mn_nuQzSznaBh0UkGkxljYDH0eItWs1qTDfOsR2pqmXizlzJp0zEkH_9C_F1PUk3rm7fAS5boEOlzCCK2oyy19DYLL66qP5DBqSRzNeNMKbY9BOpuwnrE9iN5VTwZ3ZX7bn1EGkzKtQc-6gvIEcTZCEOSlAelH82_fDqiwc2DTSV9tWRGQ1JrnlAIfMz5687kzJAyJi8ulC1hcaxRd4y3OG-jJ9y9bx7L1XSKZa2L4v9okPXoGHQPqxCtRQDR8iXUt07DifY7kvEyu7NKbF3Q_xJgRSN_fkk4GQJE5ylaa2RPtTeNUwImzFhN8D_SZTNuRHozJc_yZG1FED13pIqqC0tABWQQIo4Tg_zE7ni5Zj1LqBRlN-kqm0-9qBQlZdlktIMfcLATL-reT2sox1mJFQQRk3Z5q0UpV8fW1xp5jDC6zjc6Nz6nJe3uY80B4PqgWAIZA8hhgwlOKEd-3CCjkILVmOXGW_VDwhhsoKXJ4d43UvvZyYUJbx80WeorVHUZN_La86Ewvc__j-6zJ8BMVY7cBTvrEnbOtyis1w2kpUcbaaczQvs683Je-b_6yITuu_4nq-ons27YQEhi9ZM4x72O1r8BBytASl_bRNBCuHONBShD7XQrcweeWbYwAdWWUY5FyhEx9W1s23m8nR9JrcRi_HvVWJWWZfLV0bPsFLj-Z2JsESpXP4QZAl56qifqiG1LNuiptbfoTz4Dbpxi1qmp7sGpqNXQYO8NO8AHdyOipUh1W7MwvuUBQZ72OSL0KyXH3SKFiBZps9u3Y-hRcYSCrAlVLYn4C_TK_hIav3RkPFm11ZGIKazLZSAcqgqyZUSfT1I1z_cBRhUtGBWDhWsLOp-VrPITd5gPLh-tRfUuSc8MbBAwXvbp-R6f3FswWkTh9QZkuQrn8w-7TdY71-AUg3fNBBAkj-NCszeRPrtB86_6nJbVigqgXif8TrQP7yNzeBtMieihuSkHVATOeXYuq521XciA6pDMfsaFPaA8kF1kGoiXF49cdcowrXqg0LfSN0kxDt347hgGYgvJre0_97Kdl1f5batvf4LkX2ARLULpPhq5CfUk1rwiCte0My62p7qx7w66OUq9UuSOES2bR8TM7yEdfzIHTGu982WSRGXhV347ASdq242XikmYbo7FiXlqJjb7pc6jdSRdpKhRmcjLuSJ8DTysL_dw1gmUjrP-lCwwt6_guwZSMCwoctbmeei9-RpSGMJqJpXssk66xfr7Gqr5ns3MgwwgK2QjoilEktFwr09S5nMNMJY_gMYgs9KlF5VLeKi6aGYau3JsP5jhS5fx2wG2PESCdwise3KPNpMLQBXKVwrdRYNrnuo0XpSwQTO6W8mPB-pnhjjhfH-QAwefLq8BV15Vk8ZyfNBsK-kZaC-vev1gIj3nWd127O8t_N4omwZGSVDGuDcyjroDYmiV9RavYH7jjlhQVTI990y9GUX4VYy5N283A85q732WDwpU6rML_AT75OwOjX42Nx10in-8-eANieBFFEkR-9ogQsXt0FH9T9J-U0uOZsnpoQ&cid=CAASJeRoIZLDfcnEGommfUGk9GnYv0h4QGZsKFdeDRtuej44vpVb0c0&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1f959ca012d693a20ae3db7bb5588f7700bcc26cad771ab82f63a9898978da5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37925
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 418B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DFSM79XLzS_6V30JXynVz_U3sWc9tD4g_lWxOm2Xbv6TuTfwEbP8kxsmge_RPSGp3LOmcaPyrw1YipPq3gK57LKilDqnvYPogSCSr3OX82XSHmhdk
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 418B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:13:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 418B 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 16:16:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 418B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:14:48 GMT
l
www.google.com/ads/measurement/ Frame 418B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEwKd61eibHRpmHUoby0UJ9l9cEPwazuzEGkF_V8Gx2IyaoJ9nLOzCj-rjTXiDdJnvq39KltaGv5Bw6dfTYHPcrhDcmw
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 400D 		466 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYmeGZyAEwAQ&v=APEucNXpd5ubKja-rQjo7d_Q24R5JnJSzNafbNJ9KZJDCMQlktbDjm0zUEdXluOGFF3jYMa6vAseQeynKl_rOqF4MChKFXEiGhpekg6PR54UqxFERLmG-D_wdV0P-WVysVg6VWdW-Mhs05703psVm9ZGImyN1aX6EpecqQ71fCxuknpGupfJeuk
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
280
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame A3D7 		101 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0qbQ8Xx0qyWXO-AytJwcbr1Ro70zE_X_73Rcmbzh5uvCVrWVWtbq8usE5K5cGTXx2eHo-rNjKw5FTtYYaS-qOJbZFkOzHrcQpvdHC5D_YmNszwmA6Grgd-4XcNbRRPG7CVOx5j2qBT4_nZWjt9vBpxv49lg&dbm_d=AKAmf-DPmx9B2vuDb1LPf2WCgzWNmd6mrJn3z_hTzA1yevV4676tsjEbvXrKonTg304lyf8m-ZeNCgR_nWJiJDANHkKaE-zPJ6THM4YsagQX8j2CDfm8potqbJTbH5XHXCec9NGLA1Q4jorf2xyJsSaGiSFZ5aZPBdMGfYjy0hLVCyYOydviRxXythJjpO-zhi04JFCyk0Yu0Xc0WAsaiqjB1nq5y0Cv5kQiSsUN7Iglmz-7HQY1WF39kIQTscTUZMxQ4jpB5YrcvPj67Smys0otXpL49OSc0ks9XDlhKO_swTUsi82qiGXZqxGiGTzwdejk-kvnkpKIPBulRHXAww3TLWrcGjVIVE9MaAGLt37YSJ1cJzhkp8jUNtk7Qzk0lYlJp6EWBniCIl_GJmJchyWr8Ib9IAaluNmkuNl7yeKf7WKwZC1gQ2DsWOiVsoVwOSLOxPh7cYVLF8Qqt8rF0y0fWfRlZ7KhOuxEU3oDn5H_3w7b5KNuzEQev2JHhvCMN3eRDYo9vaqxACzeFWNE7mb33aRt5omIelqb3lBKlghP9C1HzYBdEVa95hq3y2ZdxXg-YkL8zZCSSNlYrLQyrjG2HywF7qrwPW8ObLy5jCEHSUEmwHwOWvNPNfWY7EAxqcCBJl6kJk7LyOGCeHm32EOJXy9A-uix2w36p0yvKiJGXx5tHJLxdab-fQcR407sFMwd6SQrqlLGlpJkF0KHXmfLA4K_YSvjPGZtr4Ydu_1qTGaDqlpCUtfjlDIB2KyDmYAscw8FR8j56yPyUCaBox0CQGsnXJuimZW_Clwo5vLHFsYUokcP_g6Bde95cYDyyBJSqF7Mr7UM_SHvFzi-ltKcVyc7SZlAoc9ya1wNOLlSyTiv6c6gSLkBo30rMsco69FZjvknIoiUe1nrlKGlXRtccVbohUbc4_HFBrdffcvu-LpqT0mEYW34FC0obZgPG9804KSWV9AdPfgEH0qo2It7kjiEisMzW-4JddHXigL2k4_9FVm3lNihustR6xIjW26zYIr9bjmWJj7ptYPJ05fzXAhTP2oRC3ubzl2zfk819icjuHDL_M3KDkUzAEH0qGFULi2eV0ijQV1HRHdUu5Cyfdn1ItAcP5Ml4zikLgWCm8nXBjMkAUsC7ARl-LXgi6Heg5krOQJSU5jkIC7V6E1eFlFjm6PlFGzag42F0Av_R2B_neCVt-4Ka0GCuSaoYrQU3ivbvG2T48p_QurrHSBIz44PC48Ezd75oeMxxFX9HIwdPq9Wbmgpbwl3llzJWioN2A2XKSk4P6AGBHO_ZTlktZh7wuh7JwsOKDU_fbfEZiJFRKy9_KTImHrxdNNuelPmT5IGlbGSUBFPRpXXWR7wJ0Bsm3Nh0U2KQAl_PGk5SlEcE51F1wy13u5tW3Zp1FZ-xBckSZcuRP5EBEaMObfa4cdisFIXDZL-RwXFsFWY06JNW2tKcTBKrCt7NIhaKrUGvqBJP0F7OPituJj6WXwsAj7rKcYViL-Wfy9errYC1g1B79guzSQv3HoVntqqgLMK5euyTmHOHaSR_wSZQx4Q6B3Kd20R1jfwOKW857qrdNeCZJwQ3OW4aIYs1K4qk5nfzb2E-lHsWxr4rBs1-Q_WbjC7mTiHQllX4b4A2p1dIo41oWXDMCEqK6P0kSootBhQCjVJkuGYgh3lriA294vTDJMGhLCc-yL08zp6JPFVXzxLVNDAnZU2apI2G6o9xcfAtB6SWM07NwzKFFBBn6t7v9YYnODxwO0nk0EkWWeu5Q8hGVh7feobxIZgNDXJdtx42-HfM6sywfXlh-Gh-8PFQD4QweeWF0R1ZaoxKqplpuPXCyOWt2UWCn3s7Jt4ConaRGUFG4YJvCMIbEsSr84DBFQr2VXOkV0ucaIlVXsh2HUFHwmvVALkNRPUWXTekmFTgmZ9fBRsmOVWOQAnjg5QRfb0I6mzoLHYX8YwHxvMEsEdRSgnIj_bBgoyn68RjpD1IV0hShOJ3BPCMJ_ezQp5zby1Xt6_bLgF_yaR44AXEuST0h3AtkJv1EYjAAyPlL_H0FApE9mc-BzG8bK2J1Y3HdDJbAs1mGVeSoxZO5JX5NrXChRPTow-wXA56Nlj4oBhvVo2-gJDA_R3lqOrks6ml9wlfNua5ZhcO8TnYprlBPwhto91yIpsAb1ota6mml_SMNGhx6PKgIVRq5ulbPpK1E5P_X88M18ZPltVxyTwJsxXLwF55-0OHXlSeh7zFGY-NrVBPsvmNPWNrMLevbtqhZbZhC1sWjoVCn1XBxLURe1lmV6jbrqyRVOI-nSt5lGO8j-80l049gyo2SgBirHJ4HZJEChNtWwW2VukgPbEPSFkj4U0LLEmHQLcvOGirQrv2N6xSn9nxYBhsP-iobJA_egWaBQUaui44m1zE1c8iIR8SJ8LSBWiNyH0i1Vd6MKyiMKFboNxXmSuVoA00ys7CW8FIxSjy7tf9PxxmljdBKq2R3VdrNY7NYbLy3vbXuJBkR-JhBRRElNr0dvnJgCNGuVEerORqADV8LGqz_oUo2lBTOeB6vsklimrGRH2unHZ_iMZWR1bJGKY_M-4_e16aoeUxOSUMixB5IjFxnMvs9II-ORgdnsrWzpCyZYq_NyLd0zcIABDGerg8YttkF_AiE7qvWjD6bN5fdjLeTpV2tu648sB_lno9Ve9YZhzR2ytf_CjE7YXeT7orLWkI1Flvoq8IfGvYO9gaozMgDgRTjNYbaYrMv3asu2RjAADX7x6Ix28iRNZs-VAphHQ5-TWH2yrEzoMWYu5iqKkS1-Yq9ZkEQpQoGOSZyPcuiDW1zGRocA1bSRbbEDfR-88f_bkXq0OlX7jkPSPx0DhLfsngyT0FwLa3HUqW_e62cpGTVT0NuyBVL-NiyZih7LMsl42y4vP2fd9PWZjL_OkynEHqmzBWRXPSZ3TqdiqnLCJCcMQI1ujh3AE2mgPNnJiAWNiQ_Pq7NDhhbL015KNJ5IbLPCSymap55ibqE59iQwOEyZxGta67H9Z0pz3yWaImpnazGdyag-OwdkyekrBCDK2bjIQqeeUW6qQyv_xDakMbU4ltUw5o0glxmt5LlhWDL9HDbKDcXUcwLfV8Nk4-9dcPEWjMzyg6QldE3qVMaykqP5tQB85j1GfaanGFZLDMP9G3x06F_23gTkOW1xmyFk73SGBXIYNkZgsRGQ6FD41XZt_KC7rC8vd3TFfnKpdldKLCCMSs6SRY-s_bk_-MJRyWxHUUVXB4LM38GIAcdXHuBeEp2U6NpqiNAcNY8dBUsTsEZbS139NRAFmhSZKzpDj3XP7SHVbX0XpNHX3cwyEYqH_H5DHjsgQNCH9O2-fUffpUHNwdJvkfpMLbHIPpiVd53QcPZQX6jnFSC6O9lHQw2BZIsI-N0N_6G0-YoqnGfXIn80syta6nCT6moEckjfte0EChpxc4gc&cid=CAASJeRoguXIoCxBBR11u0T9ccTS1vkgVaVeIh9vGMeadg9BqhAyHnM&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
521365901c12bb2fc89e6f9c632a73f8e26657c9f7c8eea5ca0aec6db60c44a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38151
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A3D7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBAvnxv14PDNc-dZP2_TqTHuhIpz__jexzow7FbH1MCLSsVoR9a5uBPK8WXCQrfL2YXBFxgEEaIM1HSv91VWr93o2R_iIzzZ1pTvBEaoQ8O284m2k
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame A3D7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
188
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:13:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A3D7 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 16:16:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame A3D7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:14:48 GMT
l
www.google.com/ads/measurement/ Frame A3D7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtwoA6V1t32aGENLb8Aj00kivNBUOTY-QD4AqnGsjDYhN1mFSWStiDju5IkXeMnMfbmKMu5lJd2HGrNHlEz0baWeoqRg
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
partner
sync.search.spotxchange.com/ Frame 4B6C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECH5IC4wZ7D2prmBo-h7m70&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECH5IC4wZ7D2prmBo-h7m70&google_cver=1&__user_check__=1&sync_id=a9025e70-1cb5-11ed-8af9-18b2794d0206
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECH5IC4wZ7D2prmBo-h7m70&google_cver=1&__user_check__=1&sync_id=a9025e70-1cb5-11ed-8af9-18b2794d0206
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNW2Q0QcOAKydPO5LNx1G6G01aefuhAzTNzM1zbrZ2_ViCTKAQsP42fUzXeSJH0HuO0N81dq8vceR9dQK8YxaP31ul5GURtRrdalJGERTsGSXhckzv7oz1w9tRQVHALW7ueSHqrq70XW51WPHviE1yHk9IOt2QdnEV0vawkiuyEt8V6xXT0
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 15 Aug 2022 16:16:46 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
105
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 15 Aug 2022 16:16:46 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESECH5IC4wZ7D2prmBo-h7m70&google_cver=1&__user_check__=1&sync_id=a9025e70-1cb5-11ed-8af9-18b2794d0206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
66
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4B6C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YTkwMDZkMTYtMWNiNS0xMWVkLWI3ZjgtMWQ3YWJiYWQwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YTkwMDZkMTYtMWNiNS0xMWVkLWI3ZjgtMWQ3YWJiYWQwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNW2Q0QcOAKydPO5LNx1G6G01aefuhAzTNzM1zbrZ2_ViCTKAQsP42fUzXeSJH0HuO0N81dq8vceR9dQK8YxaP31ul5GURtRrdalJGERTsGSXhckzv7oz1w9tRQVHALW7ueSHqrq70XW51WPHviE1yHk9IOt2QdnEV0vawkiuyEt8V6xXT0
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 15 Aug 2022 16:16:46 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YTkwMDZkMTYtMWNiNS0xMWVkLWI3ZjgtMWQ3YWJiYWQwNTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
42
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4B6C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lVWVRZXQ5RTJ1RjREMnZpNG16NWZMQUF5UXRFaFhZQ35B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lVWVRZXQ5RTJ1RjREMnZpNG16NWZMQUF5UXRFaFhZQ35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNW2Q0QcOAKydPO5LNx1G6G01aefuhAzTNzM1zbrZ2_ViCTKAQsP42fUzXeSJH0HuO0N81dq8vceR9dQK8YxaP31ul5GURtRrdalJGERTsGSXhckzv7oz1w9tRQVHALW7ueSHqrq70XW51WPHviE1yHk9IOt2QdnEV0vawkiuyEt8V6xXT0
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lVWVRZXQ5RTJ1RjREMnZpNG16NWZMQUF5UXRFaFhZQ35B
date
Mon, 15 Aug 2022 16:16:46 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
partner
sync.search.spotxchange.com/ Frame 400D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECH5IC4wZ7D2prmBo-h7m70&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECH5IC4wZ7D2prmBo-h7m70&google_cver=1&__user_check__=1&sync_id=a902cee3-1cb5-11ed-8a8c-1024185a0406
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESECH5IC4wZ7D2prmBo-h7m70&google_cver=1&__user_check__=1&sync_id=a902cee3-1cb5-11ed-8a8c-1024185a0406
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYmeGZyAEwAQ&v=APEucNXpd5ubKja-rQjo7d_Q24R5JnJSzNafbNJ9KZJDCMQlktbDjm0zUEdXluOGFF3jYMa6vAseQeynKl_rOqF4MChKFXEiGhpekg6PR54UqxFERLmG-D_wdV0P-WVysVg6VWdW-Mhs05703psVm9ZGImyN1aX6EpecqQ71fCxuknpGupfJeuk
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 15 Aug 2022 16:16:46 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
85
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 15 Aug 2022 16:16:46 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESECH5IC4wZ7D2prmBo-h7m70&google_cver=1&__user_check__=1&sync_id=a902cee3-1cb5-11ed-8a8c-1024185a0406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
29
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 400D
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YTkwMDZkMTYtMWNiNS0xMWVkLWI3ZjgtMWQ3YWJiYWQwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YTkwMDZkMTYtMWNiNS0xMWVkLWI3ZjgtMWQ3YWJiYWQwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYmeGZyAEwAQ&v=APEucNXpd5ubKja-rQjo7d_Q24R5JnJSzNafbNJ9KZJDCMQlktbDjm0zUEdXluOGFF3jYMa6vAseQeynKl_rOqF4MChKFXEiGhpekg6PR54UqxFERLmG-D_wdV0P-WVysVg6VWdW-Mhs05703psVm9ZGImyN1aX6EpecqQ71fCxuknpGupfJeuk
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 15 Aug 2022 16:16:46 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=YTkwMDZkMTYtMWNiNS0xMWVkLWI3ZjgtMWQ3YWJiYWQwNTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
140
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 400D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lVWVRZXQ5RTJ1RjREMnZpNG16NWZMQUF5UXRFaFhZQ35B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lVWVRZXQ5RTJ1RjREMnZpNG16NWZMQUF5UXRFaFhZQ35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYmeGZyAEwAQ&v=APEucNXpd5ubKja-rQjo7d_Q24R5JnJSzNafbNJ9KZJDCMQlktbDjm0zUEdXluOGFF3jYMa6vAseQeynKl_rOqF4MChKFXEiGhpekg6PR54UqxFERLmG-D_wdV0P-WVysVg6VWdW-Mhs05703psVm9ZGImyN1aX6EpecqQ71fCxuknpGupfJeuk
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1lVWVRZXQ5RTJ1RjREMnZpNG16NWZMQUF5UXRFaFhZQ35B
date
Mon, 15 Aug 2022 16:16:46 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
skeleton.js
fw.adsafeprotected.com/rjss/st/886862/62195781/ Frame 418B 		236 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/886862/62195781/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.82.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-82-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
56621134dbdf4ed410909e14c5e2002526b45365338218797b3fc3ce729b525c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 418B 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Origin
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 17:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 17:52:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 418B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCCA6L9tCAsVzZA_y4yH0ubdzzAYDwPzqIqcSuQlIo6AobvzxGuUvdUFaZhrauDn6qCyBFw8vmxRTCHZA9yd20T5j0_6_mOH5KhzxuMZondFZak9rCgVdbOlLTZqimc7-4lkRYuuxia3xX6MAvh-TQBOJ7vg&dbm_d=AKAmf-B6hXtn6hOlUcN-NhrxXM8KCe8d-Bof3BH7NbUD3EFN4H9Fw6BTvMO7AFn9fI6BEof-HQ6dHdAk70fPaHHwwYTpy8ojfytRHjHfHYYNfJctmAh-WsRxEmE9a8hzJutLQvGJEYQAHaH32sjnSnr1s-8NNlMfjVExkLPN1pesSyr4IdMvA-xX4wFWfG63I5C1867DWXdPg1i4XpA1tHAre1wko9m2crx7KEbaf8t5YiqkcHTuSiRQGqKenKTUTi5iQbnwHgpITjnytApU3fp-yllcXT6nvchNjcCg91MYtH-6G9qA6SS88duDpPWAiY9dMNza6i6G5Vwup2FyDZWeH4LB66MXnJXVZ7yTlZcWvb_bHl7LgA5rWC7WKGnt9utXCok_BIYU_RgvhwsQdkohgqvQYLWdl6ubD9yo--9olYypSWVQuX2KOUAloxl-lRyWiI11TfREcbD5dYQj9R3SVKuAD5WhQg_ruwY9-RQ--8xNG4fB_4gNGldVqKk1n8I525b8dA2D0jq7AqqHcsYBOtUEsxJ7D213S_NcIUeqZ1dZjkdlJ12WKhbveFz_lsCLSrHEXP8u0Ws8GSKuHo1ZTr6vFrLzABRB218yhxygwd4yyHPtSgY9kpmzHz1aYs43wTG7CIU424mpipDBrEgNgWifMHFvjlGJMbykw45YXGBY55tthht0LYzMRKZBr5b5ZlpddN1Gjqr63XFGUOLaAx-BVerVzMF0xRuwEAbKZIIzZ03FVuMQt-aw3sRsNlHngH9Q9dS379yybiXr4cmSQ9aNgfJSjvppX3eSEFkuA4EKfsB4pNmSY8iML33osk-WIqJ4wM3wFkHX6Fu4usk2PCyocBcGlcRVcmKsZAtPYF-UDS68-3a7SVfao2jidpnhPJOGGr0hdqABOO4r5DQv7UR_OznxM49QQd56PUJd4w0BLbYpDp0L3eMhfImj6cSgX6DP3c98f0hwWbwI5xkQ6vMMLU1K5h0fUzv-6ZuAVgJZV0nkzOvob_VJtI8fIwUzSIQ3CrcISd8uZ3ZDZji2mh3YgoQPGkTMzt6VBGWmWWS935iN7dpbhidIi-Wg4jeBXypYTd9CQKIsbKra9K1QwgzWbONb450IG7Qj-sCY5g6qiGi-xswWWZ9w1e_iOD6hDxwS7hid7JErlLsBK6E8NGa6UBtAd1cnlGWBBVTiPTKxxOIDOBth4ITozJ9wGzuIe-LjLArM1t9-d3Mix58WmN41UR3rdReiphReST7gC0kk5Kz1tbcGXiqY5ui69qQAZQMPZsthtyM9hGBH2z_7GcJ86aJXiBtUIj7U1mKR7ufr4Dz-HoUuptp8xDymxMFr8Uhkn7tMWeKGevnu690m2WEPix-SpDMYM1egC6yyj7IyRL3o4wEnpbcbyiW9NJQPLfMefeKX8L8sb0iiyKOxZ1UHuY_ol7e4ClF3IUGAQwWVjJHkVZ01qDBBaMI6MZ_91fO5Y2--auQF4kLYEHeWSHrfWIza7bxIXcvjsT_31lt3lqrZu9ZgrDAmycw3Y1JtcFdxRYBAWMT4qVDrlRy6lYb8QZ2oyMfrsq2__5t99t4ybdKG6ZyriaFhjNpHl0truPTlHoDf_Np85hXqjIqLDj_HWVZahbH7uxKp7jbgozHUFs0dtoim_GU2bXi5UUOZIM469mlXF5tnK8alfzuEMaVbh2Fu56r5vFLMkrSFSwzz0tVW8cTw9rPUODcL-CsvYXP_aiel8HYZ1Qz5Db9fLZmNJXxB06n6z-v-s4YqEB1XwxZZxpSk1avenjsdDQG58fBfIfx7tu6PerZytikJ-G8Zu_Xc_79F1jTnQPDOOyiDgXPs5NNOIOtNQvSwe0qbmR3taSLUXCPO6acBnxh_6oO4BP6dv6MSf_2zdT19mn_nuQzSznaBh0UkGkxljYDH0eItWs1qTDfOsR2pqmXizlzJp0zEkH_9C_F1PUk3rm7fAS5boEOlzCCK2oyy19DYLL66qP5DBqSRzNeNMKbY9BOpuwnrE9iN5VTwZ3ZX7bn1EGkzKtQc-6gvIEcTZCEOSlAelH82_fDqiwc2DTSV9tWRGQ1JrnlAIfMz5687kzJAyJi8ulC1hcaxRd4y3OG-jJ9y9bx7L1XSKZa2L4v9okPXoGHQPqxCtRQDR8iXUt07DifY7kvEyu7NKbF3Q_xJgRSN_fkk4GQJE5ylaa2RPtTeNUwImzFhN8D_SZTNuRHozJc_yZG1FED13pIqqC0tABWQQIo4Tg_zE7ni5Zj1LqBRlN-kqm0-9qBQlZdlktIMfcLATL-reT2sox1mJFQQRk3Z5q0UpV8fW1xp5jDC6zjc6Nz6nJe3uY80B4PqgWAIZA8hhgwlOKEd-3CCjkILVmOXGW_VDwhhsoKXJ4d43UvvZyYUJbx80WeorVHUZN_La86Ewvc__j-6zJ8BMVY7cBTvrEnbOtyis1w2kpUcbaaczQvs683Je-b_6yITuu_4nq-ons27YQEhi9ZM4x72O1r8BBytASl_bRNBCuHONBShD7XQrcweeWbYwAdWWUY5FyhEx9W1s23m8nR9JrcRi_HvVWJWWZfLV0bPsFLj-Z2JsESpXP4QZAl56qifqiG1LNuiptbfoTz4Dbpxi1qmp7sGpqNXQYO8NO8AHdyOipUh1W7MwvuUBQZ72OSL0KyXH3SKFiBZps9u3Y-hRcYSCrAlVLYn4C_TK_hIav3RkPFm11ZGIKazLZSAcqgqyZUSfT1I1z_cBRhUtGBWDhWsLOp-VrPITd5gPLh-tRfUuSc8MbBAwXvbp-R6f3FswWkTh9QZkuQrn8w-7TdY71-AUg3fNBBAkj-NCszeRPrtB86_6nJbVigqgXif8TrQP7yNzeBtMieihuSkHVATOeXYuq521XciA6pDMfsaFPaA8kF1kGoiXF49cdcowrXqg0LfSN0kxDt347hgGYgvJre0_97Kdl1f5batvf4LkX2ARLULpPhq5CfUk1rwiCte0My62p7qx7w66OUq9UuSOES2bR8TM7yEdfzIHTGu982WSRGXhV347ASdq242XikmYbo7FiXlqJjb7pc6jdSRdpKhRmcjLuSJ8DTysL_dw1gmUjrP-lCwwt6_guwZSMCwoctbmeei9-RpSGMJqJpXssk66xfr7Gqr5ns3MgwwgK2QjoilEktFwr09S5nMNMJY_gMYgs9KlF5VLeKi6aGYau3JsP5jhS5fx2wG2PESCdwise3KPNpMLQBXKVwrdRYNrnuo0XpSwQTO6W8mPB-pnhjjhfH-QAwefLq8BV15Vk8ZyfNBsK-kZaC-vev1gIj3nWd127O8t_N4omwZGSVDGuDcyjroDYmiV9RavYH7jjlhQVTI990y9GUX4VYy5N283A85q732WDwpU6rML_AT75OwOjX42Nx10in-8-eANieBFFEkR-9ogQsXt0FH9T9J-U0uOZsnpoQ&cid=CAASJeRoIZLDfcnEGommfUGk9GnYv0h4QGZsKFdeDRtuej44vpVb0c0&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:14:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 418B 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DCCA6L9tCAsVzZA_y4yH0ubdzzAYDwPzqIqcSuQlIo6AobvzxGuUvdUFaZhrauDn6qCyBFw8vmxRTCHZA9yd20T5j0_6_mOH5KhzxuMZondFZak9rCgVdbOlLTZqimc7-4lkRYuuxia3xX6MAvh-TQBOJ7vg&dbm_d=AKAmf-B6hXtn6hOlUcN-NhrxXM8KCe8d-Bof3BH7NbUD3EFN4H9Fw6BTvMO7AFn9fI6BEof-HQ6dHdAk70fPaHHwwYTpy8ojfytRHjHfHYYNfJctmAh-WsRxEmE9a8hzJutLQvGJEYQAHaH32sjnSnr1s-8NNlMfjVExkLPN1pesSyr4IdMvA-xX4wFWfG63I5C1867DWXdPg1i4XpA1tHAre1wko9m2crx7KEbaf8t5YiqkcHTuSiRQGqKenKTUTi5iQbnwHgpITjnytApU3fp-yllcXT6nvchNjcCg91MYtH-6G9qA6SS88duDpPWAiY9dMNza6i6G5Vwup2FyDZWeH4LB66MXnJXVZ7yTlZcWvb_bHl7LgA5rWC7WKGnt9utXCok_BIYU_RgvhwsQdkohgqvQYLWdl6ubD9yo--9olYypSWVQuX2KOUAloxl-lRyWiI11TfREcbD5dYQj9R3SVKuAD5WhQg_ruwY9-RQ--8xNG4fB_4gNGldVqKk1n8I525b8dA2D0jq7AqqHcsYBOtUEsxJ7D213S_NcIUeqZ1dZjkdlJ12WKhbveFz_lsCLSrHEXP8u0Ws8GSKuHo1ZTr6vFrLzABRB218yhxygwd4yyHPtSgY9kpmzHz1aYs43wTG7CIU424mpipDBrEgNgWifMHFvjlGJMbykw45YXGBY55tthht0LYzMRKZBr5b5ZlpddN1Gjqr63XFGUOLaAx-BVerVzMF0xRuwEAbKZIIzZ03FVuMQt-aw3sRsNlHngH9Q9dS379yybiXr4cmSQ9aNgfJSjvppX3eSEFkuA4EKfsB4pNmSY8iML33osk-WIqJ4wM3wFkHX6Fu4usk2PCyocBcGlcRVcmKsZAtPYF-UDS68-3a7SVfao2jidpnhPJOGGr0hdqABOO4r5DQv7UR_OznxM49QQd56PUJd4w0BLbYpDp0L3eMhfImj6cSgX6DP3c98f0hwWbwI5xkQ6vMMLU1K5h0fUzv-6ZuAVgJZV0nkzOvob_VJtI8fIwUzSIQ3CrcISd8uZ3ZDZji2mh3YgoQPGkTMzt6VBGWmWWS935iN7dpbhidIi-Wg4jeBXypYTd9CQKIsbKra9K1QwgzWbONb450IG7Qj-sCY5g6qiGi-xswWWZ9w1e_iOD6hDxwS7hid7JErlLsBK6E8NGa6UBtAd1cnlGWBBVTiPTKxxOIDOBth4ITozJ9wGzuIe-LjLArM1t9-d3Mix58WmN41UR3rdReiphReST7gC0kk5Kz1tbcGXiqY5ui69qQAZQMPZsthtyM9hGBH2z_7GcJ86aJXiBtUIj7U1mKR7ufr4Dz-HoUuptp8xDymxMFr8Uhkn7tMWeKGevnu690m2WEPix-SpDMYM1egC6yyj7IyRL3o4wEnpbcbyiW9NJQPLfMefeKX8L8sb0iiyKOxZ1UHuY_ol7e4ClF3IUGAQwWVjJHkVZ01qDBBaMI6MZ_91fO5Y2--auQF4kLYEHeWSHrfWIza7bxIXcvjsT_31lt3lqrZu9ZgrDAmycw3Y1JtcFdxRYBAWMT4qVDrlRy6lYb8QZ2oyMfrsq2__5t99t4ybdKG6ZyriaFhjNpHl0truPTlHoDf_Np85hXqjIqLDj_HWVZahbH7uxKp7jbgozHUFs0dtoim_GU2bXi5UUOZIM469mlXF5tnK8alfzuEMaVbh2Fu56r5vFLMkrSFSwzz0tVW8cTw9rPUODcL-CsvYXP_aiel8HYZ1Qz5Db9fLZmNJXxB06n6z-v-s4YqEB1XwxZZxpSk1avenjsdDQG58fBfIfx7tu6PerZytikJ-G8Zu_Xc_79F1jTnQPDOOyiDgXPs5NNOIOtNQvSwe0qbmR3taSLUXCPO6acBnxh_6oO4BP6dv6MSf_2zdT19mn_nuQzSznaBh0UkGkxljYDH0eItWs1qTDfOsR2pqmXizlzJp0zEkH_9C_F1PUk3rm7fAS5boEOlzCCK2oyy19DYLL66qP5DBqSRzNeNMKbY9BOpuwnrE9iN5VTwZ3ZX7bn1EGkzKtQc-6gvIEcTZCEOSlAelH82_fDqiwc2DTSV9tWRGQ1JrnlAIfMz5687kzJAyJi8ulC1hcaxRd4y3OG-jJ9y9bx7L1XSKZa2L4v9okPXoGHQPqxCtRQDR8iXUt07DifY7kvEyu7NKbF3Q_xJgRSN_fkk4GQJE5ylaa2RPtTeNUwImzFhN8D_SZTNuRHozJc_yZG1FED13pIqqC0tABWQQIo4Tg_zE7ni5Zj1LqBRlN-kqm0-9qBQlZdlktIMfcLATL-reT2sox1mJFQQRk3Z5q0UpV8fW1xp5jDC6zjc6Nz6nJe3uY80B4PqgWAIZA8hhgwlOKEd-3CCjkILVmOXGW_VDwhhsoKXJ4d43UvvZyYUJbx80WeorVHUZN_La86Ewvc__j-6zJ8BMVY7cBTvrEnbOtyis1w2kpUcbaaczQvs683Je-b_6yITuu_4nq-ons27YQEhi9ZM4x72O1r8BBytASl_bRNBCuHONBShD7XQrcweeWbYwAdWWUY5FyhEx9W1s23m8nR9JrcRi_HvVWJWWZfLV0bPsFLj-Z2JsESpXP4QZAl56qifqiG1LNuiptbfoTz4Dbpxi1qmp7sGpqNXQYO8NO8AHdyOipUh1W7MwvuUBQZ72OSL0KyXH3SKFiBZps9u3Y-hRcYSCrAlVLYn4C_TK_hIav3RkPFm11ZGIKazLZSAcqgqyZUSfT1I1z_cBRhUtGBWDhWsLOp-VrPITd5gPLh-tRfUuSc8MbBAwXvbp-R6f3FswWkTh9QZkuQrn8w-7TdY71-AUg3fNBBAkj-NCszeRPrtB86_6nJbVigqgXif8TrQP7yNzeBtMieihuSkHVATOeXYuq521XciA6pDMfsaFPaA8kF1kGoiXF49cdcowrXqg0LfSN0kxDt347hgGYgvJre0_97Kdl1f5batvf4LkX2ARLULpPhq5CfUk1rwiCte0My62p7qx7w66OUq9UuSOES2bR8TM7yEdfzIHTGu982WSRGXhV347ASdq242XikmYbo7FiXlqJjb7pc6jdSRdpKhRmcjLuSJ8DTysL_dw1gmUjrP-lCwwt6_guwZSMCwoctbmeei9-RpSGMJqJpXssk66xfr7Gqr5ns3MgwwgK2QjoilEktFwr09S5nMNMJY_gMYgs9KlF5VLeKi6aGYau3JsP5jhS5fx2wG2PESCdwise3KPNpMLQBXKVwrdRYNrnuo0XpSwQTO6W8mPB-pnhjjhfH-QAwefLq8BV15Vk8ZyfNBsK-kZaC-vev1gIj3nWd127O8t_N4omwZGSVDGuDcyjroDYmiV9RavYH7jjlhQVTI990y9GUX4VYy5N283A85q732WDwpU6rML_AT75OwOjX42Nx10in-8-eANieBFFEkR-9ogQsXt0FH9T9J-U0uOZsnpoQ&cid=CAASJeRoIZLDfcnEGommfUGk9GnYv0h4QGZsKFdeDRtuej44vpVb0c0&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:15:13 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/886862/62195778/ Frame A3D7 		236 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/886862/62195778/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.82.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-82-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e85057cd586e863f939dba97e7088f658a7d5e7ecc77f3d22f5c2d4f86a12194

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame A3D7 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Origin
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 17:52:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 17:52:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame A3D7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0qbQ8Xx0qyWXO-AytJwcbr1Ro70zE_X_73Rcmbzh5uvCVrWVWtbq8usE5K5cGTXx2eHo-rNjKw5FTtYYaS-qOJbZFkOzHrcQpvdHC5D_YmNszwmA6Grgd-4XcNbRRPG7CVOx5j2qBT4_nZWjt9vBpxv49lg&dbm_d=AKAmf-DPmx9B2vuDb1LPf2WCgzWNmd6mrJn3z_hTzA1yevV4676tsjEbvXrKonTg304lyf8m-ZeNCgR_nWJiJDANHkKaE-zPJ6THM4YsagQX8j2CDfm8potqbJTbH5XHXCec9NGLA1Q4jorf2xyJsSaGiSFZ5aZPBdMGfYjy0hLVCyYOydviRxXythJjpO-zhi04JFCyk0Yu0Xc0WAsaiqjB1nq5y0Cv5kQiSsUN7Iglmz-7HQY1WF39kIQTscTUZMxQ4jpB5YrcvPj67Smys0otXpL49OSc0ks9XDlhKO_swTUsi82qiGXZqxGiGTzwdejk-kvnkpKIPBulRHXAww3TLWrcGjVIVE9MaAGLt37YSJ1cJzhkp8jUNtk7Qzk0lYlJp6EWBniCIl_GJmJchyWr8Ib9IAaluNmkuNl7yeKf7WKwZC1gQ2DsWOiVsoVwOSLOxPh7cYVLF8Qqt8rF0y0fWfRlZ7KhOuxEU3oDn5H_3w7b5KNuzEQev2JHhvCMN3eRDYo9vaqxACzeFWNE7mb33aRt5omIelqb3lBKlghP9C1HzYBdEVa95hq3y2ZdxXg-YkL8zZCSSNlYrLQyrjG2HywF7qrwPW8ObLy5jCEHSUEmwHwOWvNPNfWY7EAxqcCBJl6kJk7LyOGCeHm32EOJXy9A-uix2w36p0yvKiJGXx5tHJLxdab-fQcR407sFMwd6SQrqlLGlpJkF0KHXmfLA4K_YSvjPGZtr4Ydu_1qTGaDqlpCUtfjlDIB2KyDmYAscw8FR8j56yPyUCaBox0CQGsnXJuimZW_Clwo5vLHFsYUokcP_g6Bde95cYDyyBJSqF7Mr7UM_SHvFzi-ltKcVyc7SZlAoc9ya1wNOLlSyTiv6c6gSLkBo30rMsco69FZjvknIoiUe1nrlKGlXRtccVbohUbc4_HFBrdffcvu-LpqT0mEYW34FC0obZgPG9804KSWV9AdPfgEH0qo2It7kjiEisMzW-4JddHXigL2k4_9FVm3lNihustR6xIjW26zYIr9bjmWJj7ptYPJ05fzXAhTP2oRC3ubzl2zfk819icjuHDL_M3KDkUzAEH0qGFULi2eV0ijQV1HRHdUu5Cyfdn1ItAcP5Ml4zikLgWCm8nXBjMkAUsC7ARl-LXgi6Heg5krOQJSU5jkIC7V6E1eFlFjm6PlFGzag42F0Av_R2B_neCVt-4Ka0GCuSaoYrQU3ivbvG2T48p_QurrHSBIz44PC48Ezd75oeMxxFX9HIwdPq9Wbmgpbwl3llzJWioN2A2XKSk4P6AGBHO_ZTlktZh7wuh7JwsOKDU_fbfEZiJFRKy9_KTImHrxdNNuelPmT5IGlbGSUBFPRpXXWR7wJ0Bsm3Nh0U2KQAl_PGk5SlEcE51F1wy13u5tW3Zp1FZ-xBckSZcuRP5EBEaMObfa4cdisFIXDZL-RwXFsFWY06JNW2tKcTBKrCt7NIhaKrUGvqBJP0F7OPituJj6WXwsAj7rKcYViL-Wfy9errYC1g1B79guzSQv3HoVntqqgLMK5euyTmHOHaSR_wSZQx4Q6B3Kd20R1jfwOKW857qrdNeCZJwQ3OW4aIYs1K4qk5nfzb2E-lHsWxr4rBs1-Q_WbjC7mTiHQllX4b4A2p1dIo41oWXDMCEqK6P0kSootBhQCjVJkuGYgh3lriA294vTDJMGhLCc-yL08zp6JPFVXzxLVNDAnZU2apI2G6o9xcfAtB6SWM07NwzKFFBBn6t7v9YYnODxwO0nk0EkWWeu5Q8hGVh7feobxIZgNDXJdtx42-HfM6sywfXlh-Gh-8PFQD4QweeWF0R1ZaoxKqplpuPXCyOWt2UWCn3s7Jt4ConaRGUFG4YJvCMIbEsSr84DBFQr2VXOkV0ucaIlVXsh2HUFHwmvVALkNRPUWXTekmFTgmZ9fBRsmOVWOQAnjg5QRfb0I6mzoLHYX8YwHxvMEsEdRSgnIj_bBgoyn68RjpD1IV0hShOJ3BPCMJ_ezQp5zby1Xt6_bLgF_yaR44AXEuST0h3AtkJv1EYjAAyPlL_H0FApE9mc-BzG8bK2J1Y3HdDJbAs1mGVeSoxZO5JX5NrXChRPTow-wXA56Nlj4oBhvVo2-gJDA_R3lqOrks6ml9wlfNua5ZhcO8TnYprlBPwhto91yIpsAb1ota6mml_SMNGhx6PKgIVRq5ulbPpK1E5P_X88M18ZPltVxyTwJsxXLwF55-0OHXlSeh7zFGY-NrVBPsvmNPWNrMLevbtqhZbZhC1sWjoVCn1XBxLURe1lmV6jbrqyRVOI-nSt5lGO8j-80l049gyo2SgBirHJ4HZJEChNtWwW2VukgPbEPSFkj4U0LLEmHQLcvOGirQrv2N6xSn9nxYBhsP-iobJA_egWaBQUaui44m1zE1c8iIR8SJ8LSBWiNyH0i1Vd6MKyiMKFboNxXmSuVoA00ys7CW8FIxSjy7tf9PxxmljdBKq2R3VdrNY7NYbLy3vbXuJBkR-JhBRRElNr0dvnJgCNGuVEerORqADV8LGqz_oUo2lBTOeB6vsklimrGRH2unHZ_iMZWR1bJGKY_M-4_e16aoeUxOSUMixB5IjFxnMvs9II-ORgdnsrWzpCyZYq_NyLd0zcIABDGerg8YttkF_AiE7qvWjD6bN5fdjLeTpV2tu648sB_lno9Ve9YZhzR2ytf_CjE7YXeT7orLWkI1Flvoq8IfGvYO9gaozMgDgRTjNYbaYrMv3asu2RjAADX7x6Ix28iRNZs-VAphHQ5-TWH2yrEzoMWYu5iqKkS1-Yq9ZkEQpQoGOSZyPcuiDW1zGRocA1bSRbbEDfR-88f_bkXq0OlX7jkPSPx0DhLfsngyT0FwLa3HUqW_e62cpGTVT0NuyBVL-NiyZih7LMsl42y4vP2fd9PWZjL_OkynEHqmzBWRXPSZ3TqdiqnLCJCcMQI1ujh3AE2mgPNnJiAWNiQ_Pq7NDhhbL015KNJ5IbLPCSymap55ibqE59iQwOEyZxGta67H9Z0pz3yWaImpnazGdyag-OwdkyekrBCDK2bjIQqeeUW6qQyv_xDakMbU4ltUw5o0glxmt5LlhWDL9HDbKDcXUcwLfV8Nk4-9dcPEWjMzyg6QldE3qVMaykqP5tQB85j1GfaanGFZLDMP9G3x06F_23gTkOW1xmyFk73SGBXIYNkZgsRGQ6FD41XZt_KC7rC8vd3TFfnKpdldKLCCMSs6SRY-s_bk_-MJRyWxHUUVXB4LM38GIAcdXHuBeEp2U6NpqiNAcNY8dBUsTsEZbS139NRAFmhSZKzpDj3XP7SHVbX0XpNHX3cwyEYqH_H5DHjsgQNCH9O2-fUffpUHNwdJvkfpMLbHIPpiVd53QcPZQX6jnFSC6O9lHQw2BZIsI-N0N_6G0-YoqnGfXIn80syta6nCT6moEckjfte0EChpxc4gc&cid=CAASJeRoguXIoCxBBR11u0T9ccTS1vkgVaVeIh9vGMeadg9BqhAyHnM&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:14:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame A3D7 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0qbQ8Xx0qyWXO-AytJwcbr1Ro70zE_X_73Rcmbzh5uvCVrWVWtbq8usE5K5cGTXx2eHo-rNjKw5FTtYYaS-qOJbZFkOzHrcQpvdHC5D_YmNszwmA6Grgd-4XcNbRRPG7CVOx5j2qBT4_nZWjt9vBpxv49lg&dbm_d=AKAmf-DPmx9B2vuDb1LPf2WCgzWNmd6mrJn3z_hTzA1yevV4676tsjEbvXrKonTg304lyf8m-ZeNCgR_nWJiJDANHkKaE-zPJ6THM4YsagQX8j2CDfm8potqbJTbH5XHXCec9NGLA1Q4jorf2xyJsSaGiSFZ5aZPBdMGfYjy0hLVCyYOydviRxXythJjpO-zhi04JFCyk0Yu0Xc0WAsaiqjB1nq5y0Cv5kQiSsUN7Iglmz-7HQY1WF39kIQTscTUZMxQ4jpB5YrcvPj67Smys0otXpL49OSc0ks9XDlhKO_swTUsi82qiGXZqxGiGTzwdejk-kvnkpKIPBulRHXAww3TLWrcGjVIVE9MaAGLt37YSJ1cJzhkp8jUNtk7Qzk0lYlJp6EWBniCIl_GJmJchyWr8Ib9IAaluNmkuNl7yeKf7WKwZC1gQ2DsWOiVsoVwOSLOxPh7cYVLF8Qqt8rF0y0fWfRlZ7KhOuxEU3oDn5H_3w7b5KNuzEQev2JHhvCMN3eRDYo9vaqxACzeFWNE7mb33aRt5omIelqb3lBKlghP9C1HzYBdEVa95hq3y2ZdxXg-YkL8zZCSSNlYrLQyrjG2HywF7qrwPW8ObLy5jCEHSUEmwHwOWvNPNfWY7EAxqcCBJl6kJk7LyOGCeHm32EOJXy9A-uix2w36p0yvKiJGXx5tHJLxdab-fQcR407sFMwd6SQrqlLGlpJkF0KHXmfLA4K_YSvjPGZtr4Ydu_1qTGaDqlpCUtfjlDIB2KyDmYAscw8FR8j56yPyUCaBox0CQGsnXJuimZW_Clwo5vLHFsYUokcP_g6Bde95cYDyyBJSqF7Mr7UM_SHvFzi-ltKcVyc7SZlAoc9ya1wNOLlSyTiv6c6gSLkBo30rMsco69FZjvknIoiUe1nrlKGlXRtccVbohUbc4_HFBrdffcvu-LpqT0mEYW34FC0obZgPG9804KSWV9AdPfgEH0qo2It7kjiEisMzW-4JddHXigL2k4_9FVm3lNihustR6xIjW26zYIr9bjmWJj7ptYPJ05fzXAhTP2oRC3ubzl2zfk819icjuHDL_M3KDkUzAEH0qGFULi2eV0ijQV1HRHdUu5Cyfdn1ItAcP5Ml4zikLgWCm8nXBjMkAUsC7ARl-LXgi6Heg5krOQJSU5jkIC7V6E1eFlFjm6PlFGzag42F0Av_R2B_neCVt-4Ka0GCuSaoYrQU3ivbvG2T48p_QurrHSBIz44PC48Ezd75oeMxxFX9HIwdPq9Wbmgpbwl3llzJWioN2A2XKSk4P6AGBHO_ZTlktZh7wuh7JwsOKDU_fbfEZiJFRKy9_KTImHrxdNNuelPmT5IGlbGSUBFPRpXXWR7wJ0Bsm3Nh0U2KQAl_PGk5SlEcE51F1wy13u5tW3Zp1FZ-xBckSZcuRP5EBEaMObfa4cdisFIXDZL-RwXFsFWY06JNW2tKcTBKrCt7NIhaKrUGvqBJP0F7OPituJj6WXwsAj7rKcYViL-Wfy9errYC1g1B79guzSQv3HoVntqqgLMK5euyTmHOHaSR_wSZQx4Q6B3Kd20R1jfwOKW857qrdNeCZJwQ3OW4aIYs1K4qk5nfzb2E-lHsWxr4rBs1-Q_WbjC7mTiHQllX4b4A2p1dIo41oWXDMCEqK6P0kSootBhQCjVJkuGYgh3lriA294vTDJMGhLCc-yL08zp6JPFVXzxLVNDAnZU2apI2G6o9xcfAtB6SWM07NwzKFFBBn6t7v9YYnODxwO0nk0EkWWeu5Q8hGVh7feobxIZgNDXJdtx42-HfM6sywfXlh-Gh-8PFQD4QweeWF0R1ZaoxKqplpuPXCyOWt2UWCn3s7Jt4ConaRGUFG4YJvCMIbEsSr84DBFQr2VXOkV0ucaIlVXsh2HUFHwmvVALkNRPUWXTekmFTgmZ9fBRsmOVWOQAnjg5QRfb0I6mzoLHYX8YwHxvMEsEdRSgnIj_bBgoyn68RjpD1IV0hShOJ3BPCMJ_ezQp5zby1Xt6_bLgF_yaR44AXEuST0h3AtkJv1EYjAAyPlL_H0FApE9mc-BzG8bK2J1Y3HdDJbAs1mGVeSoxZO5JX5NrXChRPTow-wXA56Nlj4oBhvVo2-gJDA_R3lqOrks6ml9wlfNua5ZhcO8TnYprlBPwhto91yIpsAb1ota6mml_SMNGhx6PKgIVRq5ulbPpK1E5P_X88M18ZPltVxyTwJsxXLwF55-0OHXlSeh7zFGY-NrVBPsvmNPWNrMLevbtqhZbZhC1sWjoVCn1XBxLURe1lmV6jbrqyRVOI-nSt5lGO8j-80l049gyo2SgBirHJ4HZJEChNtWwW2VukgPbEPSFkj4U0LLEmHQLcvOGirQrv2N6xSn9nxYBhsP-iobJA_egWaBQUaui44m1zE1c8iIR8SJ8LSBWiNyH0i1Vd6MKyiMKFboNxXmSuVoA00ys7CW8FIxSjy7tf9PxxmljdBKq2R3VdrNY7NYbLy3vbXuJBkR-JhBRRElNr0dvnJgCNGuVEerORqADV8LGqz_oUo2lBTOeB6vsklimrGRH2unHZ_iMZWR1bJGKY_M-4_e16aoeUxOSUMixB5IjFxnMvs9II-ORgdnsrWzpCyZYq_NyLd0zcIABDGerg8YttkF_AiE7qvWjD6bN5fdjLeTpV2tu648sB_lno9Ve9YZhzR2ytf_CjE7YXeT7orLWkI1Flvoq8IfGvYO9gaozMgDgRTjNYbaYrMv3asu2RjAADX7x6Ix28iRNZs-VAphHQ5-TWH2yrEzoMWYu5iqKkS1-Yq9ZkEQpQoGOSZyPcuiDW1zGRocA1bSRbbEDfR-88f_bkXq0OlX7jkPSPx0DhLfsngyT0FwLa3HUqW_e62cpGTVT0NuyBVL-NiyZih7LMsl42y4vP2fd9PWZjL_OkynEHqmzBWRXPSZ3TqdiqnLCJCcMQI1ujh3AE2mgPNnJiAWNiQ_Pq7NDhhbL015KNJ5IbLPCSymap55ibqE59iQwOEyZxGta67H9Z0pz3yWaImpnazGdyag-OwdkyekrBCDK2bjIQqeeUW6qQyv_xDakMbU4ltUw5o0glxmt5LlhWDL9HDbKDcXUcwLfV8Nk4-9dcPEWjMzyg6QldE3qVMaykqP5tQB85j1GfaanGFZLDMP9G3x06F_23gTkOW1xmyFk73SGBXIYNkZgsRGQ6FD41XZt_KC7rC8vd3TFfnKpdldKLCCMSs6SRY-s_bk_-MJRyWxHUUVXB4LM38GIAcdXHuBeEp2U6NpqiNAcNY8dBUsTsEZbS139NRAFmhSZKzpDj3XP7SHVbX0XpNHX3cwyEYqH_H5DHjsgQNCH9O2-fUffpUHNwdJvkfpMLbHIPpiVd53QcPZQX6jnFSC6O9lHQw2BZIsI-N0N_6G0-YoqnGfXIn80syta6nCT6moEckjfte0EChpxc4gc&cid=CAASJeRoguXIoCxBBR11u0T9ccTS1vkgVaVeIh9vGMeadg9BqhAyHnM&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:15:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022080901&jk=3542724981462181&bg=!mJulm9_NAAa4hXTbmIU7ACkAdvg8WlxhH_dCEKXwPfnbMZ28KErcc3TJbehUnl8tqvFVvj3k4m0WbgIAAAFHUgAAAAJoAQeZAub3k-_UplABFCgYYSizY37CP3dYh-rSQ0XbdEeQce7hgtyEjIdfIorkXUumoVupoJbb0VJCBTUlNTXkRk9H2Qu1ntlmEiqDSK2hkAQpJEhZdub3zZuiAh2Uzpxk8kYWWAj4VIaDGOqeFG80yYE0YRw3XaAewc7Rxen2HFpAFIL1m2extJEZLbiDTZTmDRfVh8eiwA6vA6ei8y2sBtjiXcvbv9PeKHqku9K7ukkKzlCdazG7PNttbbP3sDAb0vmbpqiBer544q4WYhWQbhQ2TroYOfj0qFcnz45UTHbjmrXIlJvsm02VhfZy17oeBtXR1R_OCUIj3csAq8Br9mekv1eCWpbW-iHVLKwkbGcJ2UWpsUhR1NvV6CPWHzPjKQZZGJ6z2fv2qAqf8VXsDPHqzFVheR6lGTb34p8gyD-rLtM0pegiF2C_PWWGQ6TV2hYrRkKIo0xrbRGCgCMF_WDe-9MImyVVL-w0M_CMFnhbxSimhtjU_sRsBaCAiRxGvYHncK1Y7s3MkB9JsEIxzOCO41nQLtwexsQwfPtnMhfQwYkdQs6TuE5rA94TtwRulHIUstu-g-BYrJPIrSsCyT-qWCh-lM-OWf5jphOxCFumcNhO1rr0Zx4b21ehjk4bJc2Xqd_why9o1WRIyzVxrHi-Z27VrXsTQ0TeBoIQPmtqsKLB9d_0Ag8WT9PSEgctmL-J8yxljhuXKg4nUklwAZpJ6msrhaDUdxtuYdzDxgwkmWiNuHQWA-TK0JWHBNpqnJ7tHH5IDwcoo0TbcngV4icQA258MG7-UaDFZQ8Imy8NQhc-Hb3WeDJbVceWT3_UDjxd3czp8LdZwpriUCoWcGDhJEusuaYxYcly6hEDE_ahPgQ8z621tJS4OZRrwfKRyGVTYHCkYL9mXdcxFC1JvobTfdqW3Lo_1z7nVrthhEBLQcfXQz7FJuyV9xRreIh8ToWojIXh6vDV8ixjbfWS_1pYxKQRTdxMquPc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
c
prebid.a-mo.net/a/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Mon, 15 Aug 2022 16:16:46 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://kooora4lives.net
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=62847116133
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Aug 2022 16:16:44 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/ 		19 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.25.1-c&referrer=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tmax=2000&gdpr=false
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.201.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-201-50.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
x-auction-status
7, 7
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
prebid.smilewanted.com/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kooora4lives.net
date
Mon, 15 Aug 2022 16:16:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		343 B
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48106&zone_id=2493968&size_id=10&gdpr=0&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fdynamic%2Fkoora4live%23div-gpt-ad-1660580206781-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=b749c173-b4b5-4789-ba0a-6537a7938331&l_pb_bid_id=429c3e94fc6516e1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fdynamic%2Fkoora4live%23div-gpt-ad-1660580206781-0&slots=1&rand=0.8284782340340482
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
36099920524d1907123967edf40d02849de4ef734e3d800599df85dd803ae786

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:46 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
343
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		344 B
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=10&gdpr=0&rp_schain=1.0,1!adipolo.com,620a5acab6e80f22ac327b74,1,,,&eid_pubcid.org=4a21c4cf-3aac-417e-98a5-3437ccc70679%5E1&rf=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&tg_i.pbadslot=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fdynamic%2Fkoora4live%23div-gpt-ad-1660580206781-0&tk_flint=pbjs_lite_v6.25.1-c&x_source.tid=b749c173-b4b5-4789-ba0a-6537a7938331&l_pb_bid_id=431cd4b04318424e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F7047%2C202189885%2Fapl%2Faplmcm7047%2Fdynamic%2Fkoora4live%23div-gpt-ad-1660580206781-0&slots=1&rand=0.05766433208093669
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7361bd273038993e79464f99516b2bfe32ec15efef459c2eed74ee00d4ec0267

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:46 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
344
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6bb3300ed90f4dbdc87391cf6b0bc8910c6f4e17416478e6fdcf10ebb880b485
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 15 Aug 2022 16:16:47 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
093f1b4e-4b8c-44c4-b1dd-b6713e42baa9
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kooora4lives.net
date
Mon, 15 Aug 2022 16:16:46 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kooora4lives.net
date
Mon, 15 Aug 2022 16:16:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f3e946036f5c6423b17d856fa108526605170a2f5402c2e3b179a887e376c0d3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:47 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
fa488567-8ce4-4335-9d1b-f73aaf9d4c96
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adipololtd-d.openx.net/w/1.0/ 		173 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adipololtd-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b749c173-b4b5-4789-ba0a-6537a7938331&nocache=1660580206842&gdpr=0&pubcid=4a21c4cf-3aac-417e-98a5-3437ccc70679&schain=1.0%2C1!adipolo.com%2C620a5acab6e80f22ac327b74%2C1%2C%2C%2C&aus=300x600&divids=div-gpt-ad-1660580206781-0&aucs=%252F7047%252C202189885%252Fapl%252Faplmcm7047%252Fdynamic%252Fkoora4live%2523div-gpt-ad-1660580206781-0&auid=556544515
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
28a41b3753a143974fc4d4fa302d3ac388dcfb8ce3d47bf230f7d091eadbe868

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://kooora4lives.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.25.1-c&cb=45558341520
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 Aug 2022 16:16:46 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3f077ef0e063f281d6c40ca6ec9094f7c0606eef8be03c873d525cfda2167c41
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 15 Aug 2022 16:16:47 GMT
X-Proxy-Origin
37.58.57.5; 37.58.57.5; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ad2668ef-44e9-4fe5-99d3-4b4cfae7f2f4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://kooora4lives.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://kooora4lives.net
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ 		25 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.25.1-c
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
ecdfdc69165947796c823e17809e96fd38b4b9e759555c06707661c0621c9a33

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 15 Aug 2022 16:16:46 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://kooora4lives.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A3D7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 17:19:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0E47 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
85769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Mon, 15 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 418B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 17:19:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9957 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
85769
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Mon, 15 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 418B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1389b54a5b3b77f6006fd94fe19d136f4f6f7ad5d6869f0566370ec3f5ce901e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A3D7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebb9f330ec4ad29ffa4b57c7a31a56861fd4561c1f64ca35dbc0c8ec33f0fd6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame 419A 		21 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0af374f8cbcb355cb1e9761a08c2d41400bf81b7f9ad176ef22871d31bc31ee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:46 GMT
expires
Tue, 15 Aug 2023 16:16:46 GMT
last-modified
Wed, 18 May 2022 15:39:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A3D7 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-Kf4GcszJzQhOuhHv4OcKIIgtZ81LrgDOuWOX1EVtoAX9oFtEa9OfpohzR9OGG5grvVl-JkWvAi_SF5_HMe_hJiWb-Gv9tpp7y54NRic6b5Ixxrvj0B3OibZHC6OTongm77n4gqSZmH7Yla272E2BieH6VxPacgGgBMg6-8XWtD8f27cWhAotilw11VrF3eRqSUdYo1tviIg2uIHxf1bqbHzys5yMHGEAbpA95vwD0qQoOiFbXIfvlFezknlqhyD6zO7J6QEAoCP2XdnwjV21ceFnicb4V-hkQeRvoYivANiRN9yCMYLzddqTjeNCCT362QY0gcGxWcXHqrF9Li_JY3Wa2WX6fMy39NQ13KljNjcEqLON5F45PzgJSpPE4nmWI0aKG6kT7TK6o7PmJJ3LckJaVcTryJDHVx_xX89nYlbjzSDSggyM5BcckL82unvRykQG9YV0B0DZqbRcX-185M7l9efSf2KLo3oQW8DyVd-AYiKn0iVoOD3ZLj3k41HcVAI7FKKw5bV7BTVw-h3NhMwNkXoT_YRv_kX0U6OzI1QWjTtILoHiozZCa3m_sSTmE4uPJw50E0Q3SKS2ZzNGl-ycQvk6IgrpfYTzSdD3jerM98qmvCKYn5HL8-YTTFqBY5JoQ2sM4bOyMNQ38JuDtMTrLxRs4BXgX9bz0kLCOt7mysTWNzVxBOnf6kSywHp_oJ25YPFAFgMdwuPkzGNNgSoPtPLiDQcEcprWXXesH0qxLB_xqDq--Jvf2DcI13Vv7OmSFejW5EsejaCavAju432g39U74TCNBYhOh6bMJJcBB4_Wo_a8wZZ2NcNkw_OZfC0y70DktgnA5A_Alp0ptnnf2l1S07v5PHgw71eOUzwDvU5wds7o5FZTKhRC4SCGUbspY0JznrDBRgux0hs0rCtlTSbuxe-wURwnIz2ISY55aJ1KWqGr2szpPumpdArjEhUQvuKCLXGorJFgM5R27kl4g1WTZ_Oz54Scsr0aDYDlsVUH-3OFAzXjPrX5nPH7qT_yZEojdulc6oLqU0cR93NWaK0meTpz6AkTUkhkgBJjXEIWt8RyAA52A7rEvKpVGc77pYrSqZ2xaOKqmIrMJZNN_GUl4irmgznygIOiBQf0uO4XrhuUmxK_QPEnir4vf3w1aZzmnEc9rinVfIchc-h0gjm05sjNVJuTV4mFS2ub9VEvyhVlneawSopuKxwC0izJYxVdF_KPjZXJrPCfERUysmXWJmEdzbHl9KK-Qe4mFcFnm__Mdg&sai=AMfl-YROk9mz1kFRntlg3fliTsSjflRYbpakooWn87UBmqumytzkvJj_vUXf3j0k_0ovmSZ_dPaBzXoIlQEMPpvOvU9264Q2WJD1k5KKJEBAwGPIfJz-4YmRfHDGEnEfCdflBQ8_xK74gkWHyM0hmm7iiZaFS8RK1tp1hNfaJAQnzovvPf_72mKIGSjfG2CBCSK2c_xvB8dQ5h6Tr0s8w_TnaQm6&sig=Cg0ArKJSzMwAp1H5vlJsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=115&cbvp=1&cstd=112&cisv=r20220810.32164&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 15 Aug 2022 16:16:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 610E 		21 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
943bffe44175fda268b40ed3fecfcf77df13d166786504fa59f30567319d9a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:46 GMT
expires
Tue, 15 Aug 2023 16:16:46 GMT
last-modified
Tue, 10 May 2022 13:01:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 418B 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvE3kVCBDCcbNp0lSs1tYLdq4bjFV9gDE68qUYrFaGP3frecDpEU1vvY6UCeKnM3Qd1AHcxNY30od9R_K5iA9tKmTQ0EZ6DMcm5Xq6LOW2MtABFwVmd1XkJHsS6UM2EWke-tZqo2RXxnougDJ2tllJSi-rAgqwb4HIXcUUmVUPV_YC48rsZstvEYBI_nn8gUIe5OaddlU7qD5PGSI2H4ftumLc1Wp1i4wrdlu6i2KGcRDC-DHvylD3XuVPZTDRhldOKVNrqlBxCOrnqPjYvQ7V_GD7Zcu1ycQFEzAOrTSZc2g11sGmQL6NdhFtPOTA8YZHH2IbOPT1ieQgY7qzceLjXqISYzfrTWp-gwzUXAQDO03g3Vq-nd1Rj_Tiyva15NhjRkYGrwONFXqhkSz1RIXZBE23hsV332Dsdi7d4EWiuD6uPr6u5DuAc63bnJMu1fp3zSig06egY8Ahu6HzL70fHT9ue3Dmku6IQNSCNXPN1wJEjDlxuryL6yQQVzouo8jZi0z_3vWgTLFzIiHiFSsRDqVpnuynOpGKd77sSFExCy9Tstga5HHBWVcOPlmjBn6PGC7xPbTsOx5Nqs7BViGv3qH5Xb2GdZDfFF8Jfv9Z1E7xs6iEyhF0tmeHDpSEUF1czx805EMX6jN0ZUImINAigbWdB7huC7lw_YVtxdonxdgdKi18x9vstk59-lcgN3005ibc2sWs3eIKmcINSPxpaFb-lBy_0fX04EGI4uD2FcMjzqbIQZ2SaCkum013WA5nadbMTIh0gwzl-oPYT6FoD74iENw2Mo83qL6IeVXwY5XJ48E4I-AP_XhY100Cweay0RoP7NFxDuwBV_kcDgtOejhcvbUrcYW979NrYReRxLxeBQrl84M8jPyIrFmj8PlOhPcoPErP3A-R6rC1-W6VWLEinNbETp-EbwlENhHAGVN_iIEcl9KSEuAnNnMINzfEcEkrGMw-YCe0OZsrfkJjJv_8ZEZMbKigjCozrgDvnbsot3UpHO8nKYoiYuEtxIxZPUQPvQ06XYwrDDNVN15P_ZNLf3-mOnKtVJYsqF_jAEmvFMvN3a9vCFy2SEAzBXliuSXcyC30aSVWgADdJILw6GrPfqJ7KbJDgB3RNOJEmaoAkPRgg2G-sEPN6pdhfxw-rRYGcZ5s6U2SzwlCxAB81ozOJS-ngBrxWSYE5-2azXpcBZ1eWwzGm6tse65toXbrNPx_ErFlJSIfGdOrrztYeARPhwQkI67DKFtWRYMImEvMAflBjJpJG_w&sai=AMfl-YS2JHJyeLPz0ilvltFB7DujbnbEK5fkJ66MSFRaScDBVjfW1lruq2l0JzMdWIP7UTt-HaTyrT90xmD-v3WNU2ikTy9SiHJQdBq2GMGW1yUBDeTcLolF85RxJWPgKroZtvN6rtkZ9FKV7JqFylWMDgSZbrSkHN4udCvv1PWdqBVryWczepFvhNsrtBe4eHNLqfVHkz55xh5kADXtvIeZcOlT&sig=Cg0ArKJSzOjASb5WSW95EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=132&cbvp=1&cstd=128&cisv=r20220810.05443&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 15 Aug 2022 16:16:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 34BD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
341860
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 17:19:06 GMT
expires
Fri, 11 Aug 2023 17:19:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame 0E47 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELLo6HoJNf9jOwFei0seuuU&google_cver=1&google_push=AehlK4AAf9luJ8hlrbfw-AP_YD05MvFqsdYV8c9kGqBrXbZY0KWh2Q1H4fTYVHGXxTkhTt9oo1T7W1Js560mdzJpTe_OWLO19EL9
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 0E47
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELsodV_BrXV_iKqG83ydBeY&google_cver=1&google_push=AehlK4BZN1Z4WIKhMQ2B0fomMb0ljKIHmsIg7Sd1TPqebwTAORMTYjKe_uu4eUKN5tf-7cJAcDGM-qWCovFzltWaFx4qzf4ztWnQ&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELsodV_BrXV_iKqG83ydBeY&google_cver=1&google_push=AehlK4BZN1Z4WIKhMQ2B0fomMb0ljKIHmsIg7Sd1TPqebwTAORMTYjKe_uu4eUKN5tf-7cJAcDGM-qWCovFzltWaFx4qzf4ztWn...
43 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELsodV_BrXV_iKqG83ydBeY&google_cver=1&google_push=AehlK4BZN1Z4WIKhMQ2B0fomMb0ljKIHmsIg7Sd1TPqebwTAORMTYjKe_uu4eUKN5tf-7cJAcDGM-qWCovFzltWaFx4qzf4ztWnQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BZN1Z4WIKhMQ2B0fomMb0ljKIHmsIg7Sd1TPqebwTAORMTYjKe_uu4eUKN5tf-7cJAcDGM-qWCovFzltWaFx4qzf4ztWnQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73b33c96ffbb92b7-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
550
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73b33c95addb92b7-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELsodV_BrXV_iKqG83ydBeY&google_cver=1&google_push=AehlK4BZN1Z4WIKhMQ2B0fomMb0ljKIHmsIg7Sd1TPqebwTAORMTYjKe_uu4eUKN5tf-7cJAcDGM-qWCovFzltWaFx4qzf4ztWnQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4BZN1Z4WIKhMQ2B0fomMb0ljKIHmsIg7Sd1TPqebwTAORMTYjKe_uu4eUKN5tf-7cJAcDGM-qWCovFzltWaFx4qzf4ztWnQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0E47 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECLLAgXPkx_YdC3C8oo3GhU&google_cver=1&google_push=AehlK4BUdTUU8wtHjumFi-D5sEbTR-X1IvSgeJXlYYcNVMbEgzh6_VoSvXU4deUHVIrUkcsgIZlQbUhckJuPQ0IYXDNwdiUb4Kx_
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 0E47
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOCAhI_Cz52lsQPbVMZXr6o&google_cver=1&google_push=AehlK4DPQvDDD5wyfxaxhefwLyyOt-z0-bVUhu6TildffpLEyFVqE-ym43DrdPouHQPyfjjwk6RYbTQBXmG...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DPQvDDD5wyfxaxhefwLyyOt-z0-bVUhu6TildffpLEyFVqE-ym43DrdPouHQPyfjjwk6RYbTQBXmGBWIbroNh-SjQQV1hg&google_hm=KCX3RPqgSseO0GQMUVeHXAU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DPQvDDD5wyfxaxhefwLyyOt-z0-bVUhu6TildffpLEyFVqE-ym43DrdPouHQPyfjjwk6RYbTQBXmGBWIbroNh-SjQQV1hg&google_hm=KCX3RPqgSseO0GQMUVeHXAU
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4DPQvDDD5wyfxaxhefwLyyOt-z0-bVUhu6TildffpLEyFVqE-ym43DrdPouHQPyfjjwk6RYbTQBXmGBWIbroNh-SjQQV1hg&google_hm=KCX3RPqgSseO0GQMUVeHXAU
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame 0E47 		43 B
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEDqTQdzyVKja1kTwBZAtoNU&google_cver=1&google_push=AehlK4CDAqCcJaWFOZq2CUobkgR2yFTiUmubQkuFkttbSwrvNdhm4Q1flgnhVw91fP1Stc86vrjeT7IPSkoji1DOJdvej8tGKXqo
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 16:16:46 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0E47 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKverVEH5AVK9tWxqgkeLY0&google_cver=1&google_push=AehlK4Bt-0h3i_kr6m3H8XUSGHT1PLH1ChyGKV1II2oA8fFiZG5-fJ8-OQjldsJUOtgjOkHkJs5xI1fNbxvYCl8joCmc6PXzyBwt
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0E47
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIgvM8bj16-lJQrFDI1k01E&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIgvM8bj16-lJQrFDI1k01E&google_hm=YvpxbTNHY8ri1u91sak5PgAABG8AAAAB&google_nid=index&google_push=AehlK4An3UEzZ4RsJxM87b4_ckUqhCj4AHtoc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIgvM8bj16-lJQrFDI1k01E&google_hm=YvpxbTNHY8ri1u91sak5PgAABG8AAAAB&google_nid=index&google_push=AehlK4An3UEzZ4RsJxM87b4_ckUqhCj4AHtocb0QRdnk-0SE23rfDYRyENTTF1m1bGbjojxly8DSpYShlWag-qj9OnPtQbFSOfo
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nu16llgojdk5uJZoOPICqA5YzQxIyYDqkkljTvxRuJeq5fgocdE2jeS3WBeTLit3sq8%2B6tLi%2Flcl6cgwBM0DtuID2%2FwxsA6TYon2ldaPiW1qqKD8NbnsN3myr%2F4nuToDQsgGwFnwU8yeAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIgvM8bj16-lJQrFDI1k01E&google_hm=YvpxbTNHY8ri1u91sak5PgAABG8AAAAB&google_nid=index&google_push=AehlK4An3UEzZ4RsJxM87b4_ckUqhCj4AHtocb0QRdnk-0SE23rfDYRyENTTF1m1bGbjojxly8DSpYShlWag-qj9OnPtQbFSOfo
cache-control
no-cache
cf-ray
73b33c95ad1e9b40-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 0E47 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRtSyID88CZ99AsnGhD9DxSZ-ZAUEgm7KqmTIBNO3QuAjqvGu7q95JG8l1am_1Jyp7u7q8
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1956 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
341860
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 17:19:06 GMT
expires
Fri, 11 Aug 2023 17:19:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9957 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECLLAgXPkx_YdC3C8oo3GhU&google_cver=1&google_push=AehlK4D0xgmbrHpyEdDn7RGLXn_Z1QRHSlfwOrE4m39dtWD8Z30JAldVLjZliL0yWWucd2Ngr4crjY_SgS0l6mUjIpexH9y6rrU
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 9957 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGWJjNQ4-wzzlNRHZ_QtjUA&google_cver=1&google_push=AehlK4AS_4-37HJANn0ahxu_jeTSkuH056BzvnlAx_ThQc16u9_mueaC9EEnyJziaSRD2OiF67TbEummMorpmoCWXA05Z1KgRqSu
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 9957
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIyHM40en7xwt-tDJejQnnM&google_cver=1&google_push=AehlK4AtIBCNaxsO7PqlBesU99C4k8eujqfu3_8ZNJycW_cA71r3CEZQIz1SzEQ7nSsqGTnDneNumogxIUkhQxL3MXqPBwt...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AtIBCNaxsO7PqlBesU99C4k8eujqfu3_8ZNJycW_cA71r3CEZQIz1SzEQ7nSsqGTnDneNumogxIUkhQxL3MXqPBwt6pk0&google_hm=NTY5MjA3MjYzMTM1MDM1Nzc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AtIBCNaxsO7PqlBesU99C4k8eujqfu3_8ZNJycW_cA71r3CEZQIz1SzEQ7nSsqGTnDneNumogxIUkhQxL3MXqPBwt6pk0&google_hm=NTY5MjA3MjYzMTM1MDM1Nzc4OA%3D%3D
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 15 Aug 2022 16:16:47 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AtIBCNaxsO7PqlBesU99C4k8eujqfu3_8ZNJycW_cA71r3CEZQIz1SzEQ7nSsqGTnDneNumogxIUkhQxL3MXqPBwt6pk0&google_hm=NTY5MjA3MjYzMTM1MDM1Nzc4OA%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dds
rtb.openx.net/sync/ Frame 9957 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECFqGHHILFZAf7vKZKU98f4&google_cver=1&google_push=AehlK4DyHxCE1FTbtyKNb_fPQV1AQfcgUaQL0kA09FYkT3uZnqMv8s9qh_vF4xNE1-EhtdJ05Se7mUV87Z0-q4qKaDgJHS7SeSE
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:46 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ll46st0ukgfr6lb6j7cdtnu6d3acro14
pixel
cm.g.doubleclick.net/ Frame 9957
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIgvM8bj16-lJQrFDI1k01E&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIgvM8bj16-lJQrFDI1k01E&google_hm=YvpxbTNHY8ri1u91sak5PgAABG8AAAAB&google_nid=index&google_push=AehlK4CP6l3dZRPhJU4Y_6dH7AXvQ9MHYUKlT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIgvM8bj16-lJQrFDI1k01E&google_hm=YvpxbTNHY8ri1u91sak5PgAABG8AAAAB&google_nid=index&google_push=AehlK4CP6l3dZRPhJU4Y_6dH7AXvQ9MHYUKlTnj7OTsRmrR-dgFo3HJ3gjDV6kcaXQnob5VxoFcScGWtTpZCHBOHhMyQODAup-Z6
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUoSho9orlx9Qe7B3P6yCJxW7JarObvmE0WuS1yAGTMoQlttFfLz4Uh%2F1Lx8U2i3U4uF2%2FWGBqNR3XWdchgaVxHf%2BxErR%2BHENOeh0DgTlXsNepv%2FYSvBnCrQHsBqxC60fcIuJqav5OrihQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIgvM8bj16-lJQrFDI1k01E&google_hm=YvpxbTNHY8ri1u91sak5PgAABG8AAAAB&google_nid=index&google_push=AehlK4CP6l3dZRPhJU4Y_6dH7AXvQ9MHYUKlTnj7OTsRmrR-dgFo3HJ3gjDV6kcaXQnob5VxoFcScGWtTpZCHBOHhMyQODAup-Z6
cache-control
no-cache
cf-ray
73b33c95ad1f9b40-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 9957
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEEKiL0FpIciPWOTszdqCgrs&google_cver=1&google_push=AehlK4DMRuuBtu_wAJ9mIIxFk4SQ8zBn4HCGoQrJP7JGgO0gXsSWN9KmVwxj7t7wbQZ4WmRlXeohljuzyr6IkZtt4bDuxg...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEKiL0FpIciPWOTszdqCgrs&google_cver=1&google_push=AehlK4DMRuuBtu_wAJ9mIIxFk4SQ8zBn4HCGoQrJP7JGgO0gXsSWN9KmVwxj7t7wbQZ4WmRlXeohljuzyr6IkZtt...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ujFyt7uqSOqHtGPw7f5GBA&google_push=AehlK4DMRuuBtu_wAJ9mIIxFk4SQ8zBn4HCGoQrJP7JGgO0gXsSWN9KmVwxj7t7wbQZ4WmRlXeohljuzyr6IkZt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ujFyt7uqSOqHtGPw7f5GBA&google_push=AehlK4DMRuuBtu_wAJ9mIIxFk4SQ8zBn4HCGoQrJP7JGgO0gXsSWN9KmVwxj7t7wbQZ4WmRlXeohljuzyr6IkZtt4bDuxgXb9G_0
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ujFyt7uqSOqHtGPw7f5GBA&google_push=AehlK4DMRuuBtu_wAJ9mIIxFk4SQ8zBn4HCGoQrJP7JGgO0gXsSWN9KmVwxj7t7wbQZ4WmRlXeohljuzyr6IkZtt4bDuxgXb9G_0
date
Mon, 15 Aug 2022 16:16:47 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 9957
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4CztWPSGXA_OQ-93eLSOfw3ky9htz38uhdsG8GJdQPcqZYcSk3X0RQieM-fGJCehiBB0FoFzuWpRCbiVATBU4OPZYqqu85z&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-73eabc84-880f-44e0-af9d-957e111354f3-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CztWPSGXA_OQ-93eLSO...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CztWPSGXA_OQ-93eLSOfw3ky9htz38uhdsG8GJdQPcqZYcSk3X0RQieM-fGJCehiBB0FoFzuWpRCbiVATBU4OPZYqqu85z&google_hm=A3PqvISID0Tgr52VfhETVPM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CztWPSGXA_OQ-93eLSOfw3ky9htz38uhdsG8GJdQPcqZYcSk3X0RQieM-fGJCehiBB0FoFzuWpRCbiVATBU4OPZYqqu85z&google_hm=A3PqvISID0Tgr52VfhETVPM
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CztWPSGXA_OQ-93eLSOfw3ky9htz38uhdsG8GJdQPcqZYcSk3X0RQieM-fGJCehiBB0FoFzuWpRCbiVATBU4OPZYqqu85z&google_hm=A3PqvISID0Tgr52VfhETVPM
date
Mon, 15 Aug 2022 16:16:47 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX73eabc84880f44e0af9d957e111354f3003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 9957 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JX6U2iMpHolu0Imz61bJOeRJZ4Nio4QM2AUNp8YgHqAw1aj8-KWME30qhu6k-D7ZRvdT38
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
pagead2.googlesyndication.com/bg/ Frame 36F1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 12:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
13943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14125
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 12:24:23 GMT
adlib.css
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame 419A 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:27:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416983
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1870
x-xss-protection
0
last-modified
Wed, 18 May 2022 15:39:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 20:27:04 GMT
fonts.css
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame 419A 		1002 B
264 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/fonts.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:27:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416983
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
227
x-xss-protection
0
last-modified
Wed, 18 May 2022 15:39:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 20:27:04 GMT
adStyle.css
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame 419A 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38d08cb91aebf6b33bb560d39265b174413c0112c64ad9a214cf9252336e266f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:27:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416983
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1256
x-xss-protection
0
last-modified
Wed, 18 May 2022 15:39:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 20:27:04 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 419A 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 07:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32638
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 07:12:48 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 419A 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 16:16:47 GMT
SplitText.min.js
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame 419A 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/SplitText.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:27:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416983
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3818
x-xss-protection
0
last-modified
Wed, 18 May 2022 15:39:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 20:27:04 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame 419A 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2f9d442f2bdcfc85728dbe33d891a4e160d31a22e80811519cca5e4493ca00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 05:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
559002
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10631
x-xss-protection
0
last-modified
Wed, 18 May 2022 15:39:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 05:00:05 GMT
animation.js
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame 419A 		21 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b8e119aed83815ba6c2fa51e63f3760a1a6ecc0131a8b2a35b695c746ddf70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 20:27:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416983
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2922
x-xss-protection
0
last-modified
Wed, 18 May 2022 15:39:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 20:27:04 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1203 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfVbOLALiIx47cybPqc50RgLFAZPlQB6XkUXYlvX7vdSfjhZmMJUoRS56Fa3lv-A8Ogwms8Lhm-D-NVr0hnP4f-wRESQc9vxmHLUxUjXgrImwoqMSyJiDSSgGFFiZZQbwikuy0T6MSTAwzY-7bF9SbZJiAhVmi2R-jn8t6zZAH&sai=AMfl-YTF3Z0tCngA3AcXk_Zeq-wVtPZdEGirvKmSeQu7z7LHrKB_sOnKJdx_TrhnQob5ygIzGIVMatwoktidb77MKdMs2jBuujA2_RDyCIqVXyQR1aBd2V2GPJLoBxrI7379&sig=Cg0ArKJSzCVen7GIUYJgEAE&id=ampim&o=315,423&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1026&mtos=0,0,0,1026,1026&tos=0,0,0,1026,0&tfs=453&tls=1479&g=100&h=100&tt=1480&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3293583545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adlib.css
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 610E 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1870
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 18:24:32 GMT
fonts.css
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 610E 		1002 B
264 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
227
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 18:24:32 GMT
adStyle.css
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 610E 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ca835533fc4836f0ceefea006b64fdf2ff220e4af8c7f35f9feb0578ef1a963
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1023
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 18:24:32 GMT
Enabler_01_248.js
s0.2mdn.net/879366/ Frame 610E 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_248.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 09:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41094
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 09:21:15 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 610E 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 16:16:47 GMT
SplitText.min.js
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 610E 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/SplitText.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3818
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 18:24:32 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 610E 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:24:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424335
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10657
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 18:24:32 GMT
animation.js
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 610E 		19 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
757c6dc6f0497810e93559029b21701920c7d217ebdd2a276fa308bc53fa7765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
548380
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2775
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 07:57:07 GMT
lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
pagead2.googlesyndication.com/bg/ Frame 34BD 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 12:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
13944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14125
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 12:24:23 GMT
lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
pagead2.googlesyndication.com/bg/ Frame 1956 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 12:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
13944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14125
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 12:24:23 GMT
4.js
static.adsafeprotected.com/ Frame 418B
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/886862/62195781/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_bnH6Yv...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:223f:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:33:36 GMT
content-encoding
gzip
age
423792
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 10 Aug 2022 18:33:31 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
x-amz-version-id
DQfL4mKoLNW9EgAZKVigi2Be2tj2DgAs
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
1ur-9u31JiBddVKs38iCDhvIx2qUGJhmDfgmRFQSXO3oSfgjMfIHMw==

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-server-name
app11.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 5828 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
7890134
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
oVTlGHAmOuREgv00hVmb90T7LM1tGCd2iNKrBgPdEyDqvMp6MOWGiw==
4.js
static.adsafeprotected.com/ Frame A3D7
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/886862/62195778/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_bnH6Yu...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:223f:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:33:36 GMT
content-encoding
gzip
age
423792
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 10 Aug 2022 18:33:31 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
x-amz-version-id
DQfL4mKoLNW9EgAZKVigi2Be2tj2DgAs
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
ueyGHZbBLyLHi8YL_gNFrosLwvhdLNRdPWpon3nqsBwBoWUZ6tfp5A==

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 80D3 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
7890134
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
qWt24f3IFmWhPQGucbNzUYCd5276sJFHYv-bWMlAG-J678OCrFWobQ==
dt
dt.adsafeprotected.com/ Frame 418B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=54370028-ab57-8d4f-dd18-1bb8ce7c6593&tv=%7Bc:lnqH2d,pingTime:-3,time:88,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:50,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:89,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B84~0%5D,as:%5B84~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB3jMV+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C151211%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a*.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 418B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=54370028-ab57-8d4f-dd18-1bb8ce7c6593&tv=%7Bc:lnqH2f,pingTime:-6,time:90,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:90,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B85~0%5D,as:%5B85~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB3jMV+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C151211%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a*.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:kooora4lives.net*&br=c
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 0731 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstjEWpSkw46RE-zyaIXxUQwY45K0LbtnLiGRvhOCda3sTlGYOPH_sUGVqVHx69Jl8xQe7wy4dZh2bWrZnJp9oOxYqeJT_J3GI80UZeHrtsKm8XKbZCH645vblZ-dq1SC8uNLzxILag8XVXSPkFFimS_wg3GpXUsdEoL9KS5OQ&sai=AMfl-YSGmSb9fTgakqg-6yR5viHUEslJbflO1--Cd7KJkwS0RtS2Bm-lhBtPXmIlMa23KffwCJiZbIxC_cyAFnJbwq_mUZRXo9fPBvWCSRe8XQ&sig=Cg0ArKJSzJ7Rz9YYmuhXEAE&cid=CAQSLgCsnQUxIWLNj4uKqDu2ZMQgfZt16ZhqVyZEpGmhOhwUG3UgJ5-B1bJgsyXMMsY&id=ampim&o=315,100&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1047&mtos=0,0,0,1047,1047&tos=0,0,0,1047,0&tfs=418&tls=1465&g=100&h=100&tt=1465&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=2911869608
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame A3D7 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=fee7acae-2665-8bcd-ff33-36ebf2d4fb52&tv=%7Bc:lnqH2t,pingTime:-3,time:58,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:58,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B53~0%5D,as:%5B53~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB3jMV+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C151211%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b*.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame A3D7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=fee7acae-2665-8bcd-ff33-36ebf2d4fb52&tv=%7Bc:lnqH2u,pingTime:-6,time:59,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:59,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B54~0%5D,as:%5B54~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB3jMV+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C151211%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b*.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:kooora4lives.net*&br=c
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kooora4lives.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3542724981462181&correlator=4466633035669359&eid=31068924&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&iu_parts=7047%3A202189885%2Capl%2Caplmcm7047%2Cdynamic%2Ckoora4live&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600&ifi=19&adks=947194105&sfv=1-0-38&fsapi=false&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1660580206781-0%26is_vmhbmp%3Dtrue%26hb_override_id%3D4240983%26hb_buyer_id%3D6515%26hb_r_id%3D433758977fc48b26%26hb_site_id%3D14381%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D1.26%26hb_adid%3D4654f022c78ae8f9%26hb_bidder%3DadtelligentMarket%26excl_cat%3DPREPOST&eri=1&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fkooora4lives.net%252Fhome5%252F&sc=1&cookie=ID%3Da2009fd45f95b087%3AT%3D1660580205%3AS%3DALNI_Mb8RnErqyf4n6vVb8TKQuYVMwm1xg&abxe=1&dt=1660580207183&lmt=1660580207&dlt=1660580203756&idt=1013&adxs=1600&adys=601&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkooora4lives.net%2Fhome5%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&psts=AEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPJ3naCPWXLDthoAtCkxK5yXJoWVaWhWBxPFUbWDu1ofgLqKo53iXh_IxdynLYn2gRa8t9JbtajYw2rNvZYkFi9tGr4%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd%2CAEC3cPLEC5p1exrRec7vYVQlnhNd&ga_vid=1976694.1660580205&ga_sid=1660580205&ga_hid=1257922158&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4f38aea07cdc4bdb169d4305ac9c3219e8924a88a2a0adf8fe9ce4be1fb5fbaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9726
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 418B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=54370028-ab57-8d4f-dd18-1bb8ce7c6593&tv=%7Bc:lnqH2G,pingTime:-2,time:117,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:452,beZ:453,mfA:454,cmA:455,inA:455,inZ:459,prA:459,prZ:465,si:470,poA:471,poZ:490,cmZ:490,mfZ:490,loA:541,loZ:543,ltA:569,ltZ:569%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:320.50,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:50,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB3jMV+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C151211%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a*.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a4%7C1b.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:97,readyFired:true%7D&br=c
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/getconfig/ Frame 419A 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9b3fc71cd002392e14df90c7073a171b566cb614624014f4bbb5e51cd0a76dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5675
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame A3D7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=fee7acae-2665-8bcd-ff33-36ebf2d4fb52&tv=%7Bc:lnqH2L,pingTime:-2,time:76,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:494,beZ:495,mfA:497,cmA:498,inA:498,inZ:501,prA:502,prZ:508,si:512,poA:513,poZ:532,cmZ:532,mfZ:532,loA:554,loZ:556,ltA:571,ltZ:571%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:76,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B71~0%5D,as:%5B71~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB3jMV+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C151211%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b*.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1b*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,sinceFw:57,readyFired:true%7D&br=c
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/getconfig/ Frame 610E 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2757f97bf973b84d3ad98c080ad5df8e488c2aa6fa76cd48f1536f4105d1218e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5691
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 16 Aug 2022 16:16:47 GMT
syncframe
gum.criteo.com/ Frame 94ED 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kooora4lives.net
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kooora4lives.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6145
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:46 GMT
server-processing-duration-in-ticks
3106
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
last-modified
Tue, 02 Aug 2022 12:51:23 GMT
server
nginx
etag
W/"62e91dcb-15b76"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 16 Aug 2022 16:16:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 610E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 16:16:47 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 418B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvE3kVCBDCcbNp0lSs1tYLdq4bjFV9gDE68qUYrFaGP3frecDpEU1vvY6UCeKnM3Qd1AHcxNY30od9R_K5iA9tKmTQ0EZ6DMcm5Xq6LOW2MtABFwVmd1XkJHsS6UM2EWke-tZqo2RXxnougDJ2tllJSi-rAgqwb4HIXcUUmVUPV_YC48rsZstvEYBI_nn8gUIe5OaddlU7qD5PGSI2H4ftumLc1Wp1i4wrdlu6i2KGcRDC-DHvylD3XuVPZTDRhldOKVNrqlBxCOrnqPjYvQ7V_GD7Zcu1ycQFEzAOrTSZc2g11sGmQL6NdhFtPOTA8YZHH2IbOPT1ieQgY7qzceLjXqISYzfrTWp-gwzUXAQDO03g3Vq-nd1Rj_Tiyva15NhjRkYGrwONFXqhkSz1RIXZBE23hsV332Dsdi7d4EWiuD6uPr6u5DuAc63bnJMu1fp3zSig06egY8Ahu6HzL70fHT9ue3Dmku6IQNSCNXPN1wJEjDlxuryL6yQQVzouo8jZi0z_3vWgTLFzIiHiFSsRDqVpnuynOpGKd77sSFExCy9Tstga5HHBWVcOPlmjBn6PGC7xPbTsOx5Nqs7BViGv3qH5Xb2GdZDfFF8Jfv9Z1E7xs6iEyhF0tmeHDpSEUF1czx805EMX6jN0ZUImINAigbWdB7huC7lw_YVtxdonxdgdKi18x9vstk59-lcgN3005ibc2sWs3eIKmcINSPxpaFb-lBy_0fX04EGI4uD2FcMjzqbIQZ2SaCkum013WA5nadbMTIh0gwzl-oPYT6FoD74iENw2Mo83qL6IeVXwY5XJ48E4I-AP_XhY100Cweay0RoP7NFxDuwBV_kcDgtOejhcvbUrcYW979NrYReRxLxeBQrl84M8jPyIrFmj8PlOhPcoPErP3A-R6rC1-W6VWLEinNbETp-EbwlENhHAGVN_iIEcl9KSEuAnNnMINzfEcEkrGMw-YCe0OZsrfkJjJv_8ZEZMbKigjCozrgDvnbsot3UpHO8nKYoiYuEtxIxZPUQPvQ06XYwrDDNVN15P_ZNLf3-mOnKtVJYsqF_jAEmvFMvN3a9vCFy2SEAzBXliuSXcyC30aSVWgADdJILw6GrPfqJ7KbJDgB3RNOJEmaoAkPRgg2G-sEPN6pdhfxw-rRYGcZ5s6U2SzwlCxAB81ozOJS-ngBrxWSYE5-2azXpcBZ1eWwzGm6tse65toXbrNPx_ErFlJSIfGdOrrztYeARPhwQkI67DKFtWRYMImEvMAflBjJpJG_w&sai=AMfl-YS2JHJyeLPz0ilvltFB7DujbnbEK5fkJ66MSFRaScDBVjfW1lruq2l0JzMdWIP7UTt-HaTyrT90xmD-v3WNU2ikTy9SiHJQdBq2GMGW1yUBDeTcLolF85RxJWPgKroZtvN6rtkZ9FKV7JqFylWMDgSZbrSkHN4udCvv1PWdqBVryWczepFvhNsrtBe4eHNLqfVHkz55xh5kADXtvIeZcOlT&sig=Cg0ArKJSzOjASb5WSW95EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=732&vt=11&dtpt=600&dett=3&cstd=128&cisv=r20220810.05443&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 419A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 16:16:47 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A3D7 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-Kf4GcszJzQhOuhHv4OcKIIgtZ81LrgDOuWOX1EVtoAX9oFtEa9OfpohzR9OGG5grvVl-JkWvAi_SF5_HMe_hJiWb-Gv9tpp7y54NRic6b5Ixxrvj0B3OibZHC6OTongm77n4gqSZmH7Yla272E2BieH6VxPacgGgBMg6-8XWtD8f27cWhAotilw11VrF3eRqSUdYo1tviIg2uIHxf1bqbHzys5yMHGEAbpA95vwD0qQoOiFbXIfvlFezknlqhyD6zO7J6QEAoCP2XdnwjV21ceFnicb4V-hkQeRvoYivANiRN9yCMYLzddqTjeNCCT362QY0gcGxWcXHqrF9Li_JY3Wa2WX6fMy39NQ13KljNjcEqLON5F45PzgJSpPE4nmWI0aKG6kT7TK6o7PmJJ3LckJaVcTryJDHVx_xX89nYlbjzSDSggyM5BcckL82unvRykQG9YV0B0DZqbRcX-185M7l9efSf2KLo3oQW8DyVd-AYiKn0iVoOD3ZLj3k41HcVAI7FKKw5bV7BTVw-h3NhMwNkXoT_YRv_kX0U6OzI1QWjTtILoHiozZCa3m_sSTmE4uPJw50E0Q3SKS2ZzNGl-ycQvk6IgrpfYTzSdD3jerM98qmvCKYn5HL8-YTTFqBY5JoQ2sM4bOyMNQ38JuDtMTrLxRs4BXgX9bz0kLCOt7mysTWNzVxBOnf6kSywHp_oJ25YPFAFgMdwuPkzGNNgSoPtPLiDQcEcprWXXesH0qxLB_xqDq--Jvf2DcI13Vv7OmSFejW5EsejaCavAju432g39U74TCNBYhOh6bMJJcBB4_Wo_a8wZZ2NcNkw_OZfC0y70DktgnA5A_Alp0ptnnf2l1S07v5PHgw71eOUzwDvU5wds7o5FZTKhRC4SCGUbspY0JznrDBRgux0hs0rCtlTSbuxe-wURwnIz2ISY55aJ1KWqGr2szpPumpdArjEhUQvuKCLXGorJFgM5R27kl4g1WTZ_Oz54Scsr0aDYDlsVUH-3OFAzXjPrX5nPH7qT_yZEojdulc6oLqU0cR93NWaK0meTpz6AkTUkhkgBJjXEIWt8RyAA52A7rEvKpVGc77pYrSqZ2xaOKqmIrMJZNN_GUl4irmgznygIOiBQf0uO4XrhuUmxK_QPEnir4vf3w1aZzmnEc9rinVfIchc-h0gjm05sjNVJuTV4mFS2ub9VEvyhVlneawSopuKxwC0izJYxVdF_KPjZXJrPCfERUysmXWJmEdzbHl9KK-Qe4mFcFnm__Mdg&sai=AMfl-YROk9mz1kFRntlg3fliTsSjflRYbpakooWn87UBmqumytzkvJj_vUXf3j0k_0ovmSZ_dPaBzXoIlQEMPpvOvU9264Q2WJD1k5KKJEBAwGPIfJz-4YmRfHDGEnEfCdflBQ8_xK74gkWHyM0hmm7iiZaFS8RK1tp1hNfaJAQnzovvPf_72mKIGSjfG2CBCSK2c_xvB8dQ5h6Tr0s8w_TnaQm6&sig=Cg0ArKJSzMwAp1H5vlJsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=726&vt=11&dtpt=611&dett=3&cstd=112&cisv=r20220810.32164&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
pagead2.googlesyndication.com/bg/ Frame 8E41 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 12:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
13944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14125
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 12:24:23 GMT
container.html
505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 88AE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kooora4lives.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:45 GMT
expires
Tue, 15 Aug 2023 16:16:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6194cee7f9236718ab2531de/original/ Frame 610E 		651 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6194cee7f9236718ab2531de/original/skyblue.png_1650378740125_skyblue.png
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c60e3aa73627a9fa0a352e64d12c004924052cc0fbe4b45ee08fd831447fef07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 05:00:23 GMT
x-content-type-options
nosniff
age
386184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
651
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Aug 2023 05:00:23 GMT
Generic_451_2182_0.64.jpeg_1650378740125_Generic_451_2182_0.64.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182ab5b64d32994b3bbad42/original/ Frame 610E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182ab5b64d32994b3bbad42/original/Generic_451_2182_0.64.jpeg_1650378740125_Generic_451_2182_0.64.jpeg
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daa2101a8136cc4ea1e6ebf6f6064808dd5018045a821b7061ca6e7462aa68db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:01:56 GMT
x-content-type-options
nosniff
age
202491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6716
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:01:56 GMT
blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame 610E 		91 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:00:03 GMT
x-content-type-options
nosniff
age
202604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:00:03 GMT
icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 610E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/icon1.png_1650378740125_icon1.png
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 05:00:36 GMT
x-content-type-options
nosniff
age
558971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7071
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 05:00:36 GMT
icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 610E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/icon2.png_1650378740125_icon2.png
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:01:24 GMT
x-content-type-options
nosniff
age
202523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5901
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:01:24 GMT
icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 610E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/icon3.png_1650378740125_icon3.png
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 16:45:31 GMT
x-content-type-options
nosniff
age
603076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6126
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 16:45:31 GMT
274x200_TUI-Live-Happy2.png_1650378740125_274x200_TUI-Live-Happy2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182601964d3291a07bacf95/original/ Frame 610E 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182601964d3291a07bacf95/original/274x200_TUI-Live-Happy2.png_1650378740125_274x200_TUI-Live-Happy2.png
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41d60face1b293297c046e0486070665b3b27a0225510b272064c31c278e628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:01:24 GMT
x-content-type-options
nosniff
age
202523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12016
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:01:24 GMT
logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 610E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/logo2.png_1650378740125_logo2.png
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=WQaGiluMUi&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:01:24 GMT
x-content-type-options
nosniff
age
202523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1701
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:01:24 GMT
blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame 419A 		91 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/adlibUtils-v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:00:03 GMT
x-content-type-options
nosniff
age
202604
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:00:03 GMT
skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d69cf9236724d422baf3/original/ Frame 419A 		359 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d69cf9236724d422baf3/original/skyblue.png_1650378740125_skyblue.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f70e21f986e952c4c99ddbb0226df11b3de722b1050153a767451b5c3239d27a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:00:14 GMT
x-content-type-options
nosniff
age
202593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
359
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:00:14 GMT
Pool-Boy_NoSmile_Ret_72dpi_32_468_1.62.jpeg_1652778014080_Pool-Boy_NoSmile_Ret_72dpi_32_468_1.62.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/62751761d8cd7e6485d590e4/original/ Frame 419A 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/62751761d8cd7e6485d590e4/original/Pool-Boy_NoSmile_Ret_72dpi_32_468_1.62.jpeg_1652778014080_Pool-Boy_NoSmile_Ret_72dpi_32_468_1.62.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854519d07d155c90609264652626944b998fdf68a153e9a5b8c44173d401329e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:00:25 GMT
x-content-type-options
nosniff
age
202582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17679
x-xss-protection
0
last-modified
Tue, 17 May 2022 09:00:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:00:25 GMT
vector.png_1650378740125_vector.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d621f92367dc9122b2bb/original/ Frame 419A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d621f92367dc9122b2bb/original/vector.png_1650378740125_vector.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78d707e764332efe4a8d928a8726b495449073194bf4b9ca22856f08d5cafb8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:00:15 GMT
x-content-type-options
nosniff
age
202592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1472
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:00:15 GMT
gradient.png_1650378740125_gradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d64af92367802122b412/original/ Frame 419A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d64af92367802122b412/original/gradient.png_1650378740125_gradient.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f039a988d1611052fd690332adcf2199c47eebcc77fe9926a084a2e316216d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 09:25:59 GMT
x-content-type-options
nosniff
age
370248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3076
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Aug 2023 09:25:59 GMT
icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/ Frame 419A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/icon1.png_1650378740125_icon1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:00:15 GMT
x-content-type-options
nosniff
age
202592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7071
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:00:15 GMT
icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/ Frame 419A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/icon2.png_1650378740125_icon2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:00:15 GMT
x-content-type-options
nosniff
age
202592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5901
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:00:15 GMT
icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/ Frame 419A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/icon3.png_1650378740125_icon3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:00:15 GMT
x-content-type-options
nosniff
age
202592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6126
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:00:15 GMT
logo.png_1650378740125_logo.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/ Frame 419A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/logo.png_1650378740125_logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:00:15 GMT
x-content-type-options
nosniff
age
202592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3423
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:00:15 GMT
logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/ Frame 419A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b31afb39191271cc6da4/content/logo2.png_1650378740125_logo2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=760hT4BNJe&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:00:15 GMT
x-content-type-options
nosniff
age
202592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1701
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 13 Aug 2023 08:00:15 GMT
lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
pagead2.googlesyndication.com/bg/ Frame C941 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 12:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
13944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14125
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 12:24:23 GMT
sid
mug.criteo.com/ Frame 94ED
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kooora4lives.net&sn=ChromeSyncframe&so=0&topUrl=kooora4lives.net&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=hmcmZHwxTzlLNHZiY2MzaEswOTdpdk1IK2p6czFqakw3ejZLMzJXcExmSWpKQUE4WEhSeVVjY2NLeW5YbENKQkQvK0RtSmxzS1dOcjdJUzRrV3ZId1hVOGpPaVJCcFRGS2JTeVlpR2FUU0swOGxMWjNORjVCSUF2amk5dH...
460 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=hmcmZHwxTzlLNHZiY2MzaEswOTdpdk1IK2p6czFqakw3ejZLMzJXcExmSWpKQUE4WEhSeVVjY2NLeW5YbENKQkQvK0RtSmxzS1dOcjdJUzRrV3ZId1hVOGpPaVJCcFRGS2JTeVlpR2FUU0swOGxMWjNORjVCSUF2amk5dHhNeVlDUkR5dXZJY1ZvcG5oSlhxMldFdE0weXVGYUVyaUpIZlVXanp4VkhYZGRubGwrMDlEVXd0Q3RrUi8xWXpEZmhuaFY3Rld0dlJVamRIQnlhaE0wdFZ2anUyR3BwOTQ3WEtqUzNEcis2MzVzdDNIQkpndXRlc0xGMWZjaDFtWDFveVlhaTNrTFA5T1lQclYzMUJoOUp2WGdyS3VTZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7e69a796c9919800ce356d77445542042a7679fcc19c74ff87731d66855415a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5213
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=hmcmZHwxTzlLNHZiY2MzaEswOTdpdk1IK2p6czFqakw3ejZLMzJXcExmSWpKQUE4WEhSeVVjY2NLeW5YbENKQkQvK0RtSmxzS1dOcjdJUzRrV3ZId1hVOGpPaVJCcFRGS2JTeVlpR2FUU0swOGxMWjNORjVCSUF2amk5dHhNeVlDUkR5dXZJY1ZvcG5oSlhxMldFdE0weXVGYUVyaUpIZlVXanp4VkhYZGRubGwrMDlEVXd0Q3RrUi8xWXpEZmhuaFY3Rld0dlJVamRIQnlhaE0wdFZ2anUyR3BwOTQ3WEtqUzNEcis2MzVzdDNIQkpndXRlc0xGMWZjaDFtWDFveVlhaTNrTFA5T1lQclYzMUJoOUp2WGdyS3VTZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1505
content-length
541
expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1F00 		398 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhD5qGIY65O9xwEwAQ&v=APEucNWPeP8S5jUnLloe0TcYCjuh3nMr498ArztgFBSUg8PgLfN-QDWVVtok8sRWt81PSVQ0d1DjcycTsWnIG-D8fXrYAQGYVQPFcaV9i57C9-mbXGEaNlBDBeTNJIb488A-Atsn5FmYzMXccEmrDGHbEZgbNZoowcUQ8aSfII9Hawt81iVKzys
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
258
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 15 Aug 2022 16:16:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 88AE 		94 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CARW-iJRnYqo3S-11eEXGn-c692rg2utpRsuRxYkFVy9ZRnKGXYP9__eCjTgq-QzqN0ixriEsmLlKz28lX_MbMAq9joyEr4Ts3ZYVmwdA-ewM97y5epm_S6A5eKMoeCCQTqDP3SPqCCwVLI_8yxddxtnIu9g&dbm_d=AKAmf-DCClTyQtZa5bdetg0BT6AZAqyLOKLSwSoyo1crwSeXmnVKCKzQzk0eAPNhjXaVxka4T5qJUphA_dvzkG5YYpFUAbFT0wEKeP6T8GlYsn4IvqhmIiT7p4dLnS3rzLr9MSTfiLTswPzZP7dmGcQsVhMjjUX87Xj-S1usB5iWS4vpRBvoHBCELzoF79VEPa222VQdg8T7W3PDXc6sS8eEQd6eZDxJvQ2ook4fcYHWQfMNNc4QU26RGSd0ACsLHffhWVRQLjkYpSgoD9H0xfKfcth__ILaFLUnazA-QWLoXu-oLKms0Y7YnNBFkRatR4EdpUNYViypQ6ntY50umI1vUfvwaDmcWHnxVWuadeJt1zMJHyKSKIVKPDDao5-ZLTLURlP4Gif8v5bVkgmdTFB8MOaYhWZA1_Wd8PBdJbznyM2uvrx56wDWpeXPcFZk7wEcNT4HwIEZRcynNHMjCNiMgOkD2IwirmB_MKQ-nOQ1h8jH4MNXGCd7grOCyPU0upj9-NmTPAQZTbn_B0vaZ7VPIeH4B_WEYvK8O2YB0vyMmSTDEM1Ap6ECFoK0vc4pLFxYq_9F0u_h-cXNEKBKmCFQJgST2QEYTII4VGbHLqbK2vhF9PmlPq2vTBuqgWhPoiMflAw0pxxV-vh2Yc3nNIQc_F9M9FqvDa5_9YM7_lywk_jRVqwKTl36q2ODO2h6e3VLRjyNtbadQU_2ykq97-_17q_ruLnoxfdaQ3KMdWFeqgHNcgwfHxAVeB3dkd30ecgzDebR0_jFAuOUi2UmVO1qrj5FaZRyI0Mzw3hk4X4XE_37_HqAFnoEjkj9_xM3mcwlwkVnMrao4DgkAShtMp2vMltYwnEXDp-uNMKIVKKnWwDrCwBLmQJNkhM4GQhpQaRwf_GrvYOzrK462Gbk3li9Rtw8MNfIuByzKkJ9t_iC_fGka3SvSdG6SAi9roJ8FNA0PR1Dnyo0iqDtoruqju5A7CSSz6krBA8ULux-8SCZD0Z9ATPaqFs0-Oas25htUttH-ZWKMO-stTVPR1v6v5SVVZuCo4X3iSejI3TFmwrNT_manq_rTPjEvGO-7HUMC6s6x2rQ1UF5sC3-DNeMMTRQQHjJsUjOdj0h7Ohf7E7_XADrw-IoU1lXBsetiDG-VMnXNOPCwE6KQx3Ki6EB5YE1E69yB9n91vCjYWj6PCdMATb1KHLX0nQQsTwmmbbWwwPDEsk4eVHBPZS0nG3yX8GTxekmaRDwRBMwIuILaf-k4W_onM0beE4oRrG34_7nctLcEIOptg-05DOWMOoihnAQ9qjXTMeqBmu2-IVht5yfIVxNUp2eR16RJpeNGv6TJmjcm4LWpNs4I3ry8Aem3e987oXBwlGVpgryUvnKV7Y--RJtApKK0dDYLelwmSDyB7rIg2rF8JVbLcpnHaHpMpfq5MSNOI4ZhXk4L22vRI8x8jqMj-qsZPntLw1HhgMfUVIoMVjDZa3gvR5DgBzFgO1uQWe_gcnJJWGHtQ9Y4VX4ttxm-QCw74Spt_vnVFMLPjQ4HXozk0mAxwICHpPRZVG6AUoaAYmhO4IKtrR3IdHU7_0mSYs5nitv9xDi8FsClQ-Qj6vETC9cg1ZQWNQ9gXWW-m83JbLl3APaUL6fjTQTO8uT2l6-gO9WZoPUnTqLTPSADYyK26ut6dVd1AWIdULuB3vKFiDanoBUd-lerTUaK4S_KXzIB5uBBkBZGhegjGHU4AdqsPgRG1w78IhSGLH0WBNz1nLIg-OaaAxWqg2btHUVf4PE-d9WbAwBkZgTwQEfE5BqLoG1CtkweJHDeZratExmaSnnmNeXpMxnBED7k8ng_34ajAZbSMFBAHxoEfKKtA9eLJ7kAe6ovw_VA2DrSm3Fz9plx1IxsgtwPjk87utpBUkHc7nQSjIThY9JuzDJ50WeyIH4p2HmB0UVvpz-o0mmMeG6e7_EhPOM8amL8YL2ZUn_7HnMCFWOz1NGhujhj6MVph_f1IoGyRLDIJUTaLcyUqLaJKzkQ0tmJTHJBSP-P1U3sqK-kndKZ0m_fsBiKv7Fc6JKQZA1erhw913RvniUwFDt55ZrODEMZSbV7T6bvobcKnqWaCmQkTdNjnaIFGxuno_T7cK1rr_Fn1RsnIjY-fN7J1abu_GfsfM8umKcFjGflu9L3ZXcbgkmt7nxd23fK1msunQWsG8lykPAEX8X_m8N_PH9TDXEt9xHD1ia1cvXHWAF5BNnnKgjkR5PN49hDQ9tz5l3PeJ6M4BhyQJthH1qI05oT6Fr6HwncP8RYRzlOnelaz3rzqeFl8RD0pe-r7SAZsYi1GArDHsueqho9WKbrzr8oEOPfO2sSET2mAGUTsvDNU7JmsAB3Hk50girWlsVGSgSTYRMmttusS_dat02oroylkIjO7CwuqwynLH9d_jy9LCMihS-v0_krxrirZAbbhzDLZ1wh2TQMuJSnuXKLZL1f-YO7Q3HU3TcCdiUfHwhHir6AcWrPfHZ-NAso01N7m-zUXjzKRrewyjh8-Q0ITCY_tW_BoJ5ShFYYKyL8TYPWu6ge9hwD7BCXKEjHr9RwHN2vEM9_WkfFdSl4Wgh0mLTyqqI5AAV_-SQe7zyOeFbIq_0t6ALQvr1_UvFF3YLGUPGRbbnpYq22pXPWUEqSul0suCWFSlPhhSq-Gm7MXz8oORLBcmUe3ElbIG7bwmb5YnDW-ZtgTHE0Wz7bj6GKJd7BwOjyRz18d-wwLA_7s4Sf_pnYuRwf7mmei9wZ80K830JiMqaj4Gma2VNDbfC9_w8jiANsqeZxDBgDWue-oq6yMowqzvZy-g5kQkYsxLhlFAzgPYnP_tnqCh4wONVMdASxcmq05aGCGzAjHPWidw4PXWWGI6-U3A9meLXOOQ-atosn0rIMEvXK7PKojyYnZ1Tl2kXwFKGFFevt0ux-B0lr9MsWZfCNRNTz-kKsl5FPIP1xCWeq7Elt9bEomut7c57qWfAhZsDqo78-rJQIZpbr_o9AxvONnLw9d76g0_x1e-woKQnaEG1jzXSYMIkqeF6BYvHWTsbS_LZl9GzNBvLc-GyMlQhiCHqv1G-RIZ9FOhxtzLGxQ4JqXJdvaQYMYTRTef-vO5sW6nBwffmwozCWNvk61YxEUQPh5UnjjklI1DJD5PNFWIJw_AKrR_a0_GO2RsNmmBkR77jU_wO8nBIqbEK4R46SR1pmJnCB12Lp1j8a-UY9w3qwF5-CMnkwVo7b4ihCm08DTFGEGxw8lkKQQwymyH2J_7596jeeX9Z1XKiIM8ld3jNEUNp5sESSNeyYq7eodreKhqZRKN-dtk&cid=CAASJeRoxp_kUA1xV9cpxJLpygjNyzhBpyU21Hk95SpQdM9RXNEUdzk&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43b5cdf6749fa87750231c937ae08edb61910afaf11f790291192ac30e50c57d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36983
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 88AE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CFmtyHb3bnHgA8e5QsUv8xOsSTxHG4P54J5lHpje1U4YPcZhMFw4F6ATWk7CdAJ4U0K9dsG2MvX7n31gUSJ8XFChWlAHd3C5DbxtVh921tNWwrT8s
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 88AE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/window_focus_fy2021.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:13:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
189
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:13:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 88AE 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44015
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660137096112928"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 Aug 2022 16:16:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/ Frame 88AE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220810/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:14:48 GMT
l
www.google.com/ads/measurement/ Frame 88AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLtznZwf_8Y7NQeLDcwAQK3P8BtsEgS49FW6v3SfxScsCj23DS99H3G-_09g9tLQHOQOW-ObdFFYAA2LAZlxl65wqg-Q
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 34BD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoexSbnH6YufRKdmF9u8PuviiuAsAAAAAOAHgBAI&bg=!LS6lLmrNAAa4hXTbmIU7ACkAdvg8WgCiOuJ--UYYn5gYbmcTm1zEu6aTN4NwKdat2A1xY2y0ZzVNFQIAAADcUgAAAANoAQeZAzmZ5Rb-psbtXnPaB71B6brb1e2aScUFeJbbcSHjvkqDOa31iz3MMaHxJTOdmBkjOZUQyU3QFOO8xwK8yb071GkVUmMxKltby5dv25eqaxaDoShfYc5lx5EEEHaaNQCH5TL9ccTo8Wjo6YP7eSwrxF86vHPOC6D42pzQf51LJ0EXkaLds94hc1skQHlFUQ3SafBV42JBCikT4YjG-8icHPBehzDQ2KFZk_eZ3Z1k1B-tkIGw2TBJP-bdmRcBEO9ZrIEGq5t1hflHz-0dd4HY7OiBRUKnd0JOCkkjg49HXVRgfWz4jtyUALvODq5SVI6fjltypLkncL1c-ZkJ-yh3K9IW5aV7P_zzF88AGh-kPBn-RsWpaImhQgvMzbA7B4kJylWWFHHRzqXeYDbRLJ9UUF5eYP_aD1dtxsqFH3JHh3TwW21uEXWHNpC2PCbfoRb4jYmBAASrZE06szIWamDIm3v2HgDtygIoBFrD75s5V054N1-lWUxuFpUsDdamZpMZujYNk_fxM8WXAfYhtZKsLu12ff2CYygSmvaXMfRB6AUv407ywuu12FpzB1DrlyTrF6ECNQw307khBmh4AE3TZ-JsZOYodeQ620Q2BA3tsk3D5lHmQIxOc3VCGTBKBrvaFDE0DfvQ98iNZ37YSKnQS1Q4dTIAE4nKkVMtpm5pLzKuHm7sxtFAaGbk6PgipTgpsG-rZbg0lr0HEwQAxrc4n0ReNgONz1v8N02bfJwHmlPVAST48LxZQ5WbxiuaKQT54uo7MbE27m1de8EP29XEk8juWT4Epq7OSBZpA5YJP8zuaar1zztHNx_2_fQN3tYxu5qexmmioNDLEbOvJ3gmr5WozkYx-VA6hsxVTzvdJldM_P3HAeJqkfUCWB3YNVEqcbGRkCkwuzbwhnTc_yBlwErDvjN-E1xFFOq7KIKSajr-t0EgfyCetrNCov5wli4sxYj8l9QZ2AsjbLtf1eZvn_7Pr2GvHkp0h44VVO_rS-LgtsPdBjHWlj5txLLi74Z0NQNzA3f1LZHk2L-raCNlJe30PqptdYe6EVHRfowByz_4I3aXbRMGnBot25McAHZ9I1gNmoAnj6I7a5Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1956 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BV_DEbnH6YvT9KJSB9u8PwL-zkAYAAAAAOAHgBAI&bg=!2dql2p7NAAa4hXTbmIU7ACkAdvg8WqX1Jlc0HyfuGyNx9rHGda6Xhe-5zbx6qR5S1qirqZBPJbB7AAIAAADPUgAAAAFoAQeZAyewtXMgxBBDI6J7YL6phQivrKnftsNimW21g3gv2u3Bg0pW1VuCqOMULnDKjj64TQkpqD_sIGd63FLhSanGdWmzD4rDkH6cqc9hlbNH7EzJTGE7f6uxnejInMcKI9AKHt2n-o5XD2XSnKx_6iNSJaAEYCTIMbVhstykEMNXnWOzPNqmXq2hmMkJlhxm_5MTtbYVDXLKAbwsWNYwOX0S3fB85I81TyVYnlv4cKdyB_1g2XneHCLlMFO0k9mEV0ABJmlJhT4B2D9J2cfRZpiugpp4olveKwRpydgh-4fTtClqDMcClSWk8wgvsQBA64BU4Ra5Lrt_OOQBjifotCP2wx2VbWSyF2cYDO0ev4r-n3VERBr4cA0ZUOIOl5-n7dUiVqyMnI1edV_bVPmynbG_Rr34Rt5JcYFVVPSRUX8tapPQG0Hgq6E_9sz-FdUdg8KFKAtxAPxNtF6r_8wTNGpcc1uSuDP04pPVmiMWB8b6Y4wdq97mFPAQ1n9LDIcYIM88FPGjCeBLwVDziD508fAcldxt45dUiZcd-HNWlP3anna99fvpNW96TdMIavKkJ2TZni43bW0Gf5gG5KUJgoT_HNwlnZfTXvp9TkwZrunStlJsnXShSxJXUVLsmSoq2fLHa3kSHrFHGzpABm5aJnGJ82hRllv6Cbr6myieL_MjRSpD9ZbAyxepIFK37DwFS_JXxrofXDG_3JNkOBBuZGGCjnFKuny7uP1agROVN3X19euBui_Vxz1ScSmb9H08zDBuEJoJ4Jc9woyiUHYYt4m6uhoDeqSqByIu5QW4nvWvNVX6f0M2aku7ceTjs4jPDpk8QcVUPKnWroLkvziR26wZM2eYZQVDRrP-fuhzLUURz_QT6uI4iq_ZPctpLs8Rzh0vGin02QQ34PsCgooXZAZlJc3N9yHHzrBfHF-klBu69-u3ko_3Bt4Yu5yyXyoyhanQPmco6NOVW7pWgYTtyu9I8WZ0_qWS9nJ1UORPNBk3K6pgotSCGTEoxuvv9LtA_9zekrBnQvlKS2u5XNYn7ZNLuvpy8i5ReGpUfbqK_L-WOQYr3wA2TtYkjaU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 418B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=54370028-ab57-8d4f-dd18-1bb8ce7c6593&tv=%7Bc:lnqHbw,time:665,type:e,im:%7Bpci:%7Btdr:452%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:665,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B660~0%5D,as:%5B660~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:548,fm:teB3jMV+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C151211%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a*.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a4%7C1b.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame A3D7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=fee7acae-2665-8bcd-ff33-36ebf2d4fb52&tv=%7Bc:lnqHbx,time:620,type:e,im:%7Bpci:%7Btdr:409%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:620,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B615~0%5D,as:%5B615~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:392,fm:teB3jMV+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C151211%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a.886862-62195781%7C1a1%7C1a2%7C1a3%7C1a4%7C1a5%7C1b*.886862-62195778%7C1b1%7C1b2%7C1b3%7C1b4,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 418B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=54370028-ab57-8d4f-dd18-1bb8ce7c6593&tv=%7Bc:lnqHcq,pingTime:-10,time:721,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660580207790%7C%7C776759cb76c50667c64e4d95c6a8dd16%7C%7Cb4bf91f622d70e9512a166bc36c81122%7C%7Cc1f86b7a3ed4b91163f2cbb1b30c06e4%7C%7C54d9f0b9e9753e8eea35b5f665fa3cca%7C%7C694238354c66de7f06fd5839587f4b43%7C%7Cefb8a30f9a2bc541fb132b95c77458f5%7C%7Cc6c926171176942d3e32118aa236ed54%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
rtb-csync.smartadserver.com/redir/ Frame 1F00
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFQRguupOg_DZxy01JrszJc&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFQRguupOg_DZxy01JrszJc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhD5qGIY65O9xwEwAQ&v=APEucNWPeP8S5jUnLloe0TcYCjuh3nMr498ArztgFBSUg8PgLfN-QDWVVtok8sRWt81PSVQ0d1DjcycTsWnIG-D8fXrYAQGYVQPFcaV9i57C9-mbXGEaNlBDBeTNJIb488A-Atsn5FmYzMXccEmrDGHbEZgbNZoowcUQ8aSfII9Hawt81iVKzys
Protocol
HTTP/1.1
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:46 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEFQRguupOg_DZxy01JrszJc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 1F00 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhD5qGIY65O9xwEwAQ&v=APEucNWPeP8S5jUnLloe0TcYCjuh3nMr498ArztgFBSUg8PgLfN-QDWVVtok8sRWt81PSVQ0d1DjcycTsWnIG-D8fXrYAQGYVQPFcaV9i57C9-mbXGEaNlBDBeTNJIb488A-Atsn5FmYzMXccEmrDGHbEZgbNZoowcUQ8aSfII9Hawt81iVKzys
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:47 GMT
transfer-encoding
chunked
content-type
image/gif
skeleton.js
fw.adsafeprotected.com/rjss/st/1007518/62065264/ Frame 88AE 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1007518/62065264/skeleton.js?ias_dspID=3&ias_campId=28353527&ias_pubId=pub-4903453974745530&ias_chanId=1&ias_placementId=17197673205&bidurl=https://kooora4lives.net/home5/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0iWuU9bxIEfM0mlnF-96BrT
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.82.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-82-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d20bb381e64f0051aaddc86758c3f2142c72117d257dab44b09463ddd53b3898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 88AE 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Origin
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 09:05:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Aug 2022 09:05:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/ Frame 88AE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CARW-iJRnYqo3S-11eEXGn-c692rg2utpRsuRxYkFVy9ZRnKGXYP9__eCjTgq-QzqN0ixriEsmLlKz28lX_MbMAq9joyEr4Ts3ZYVmwdA-ewM97y5epm_S6A5eKMoeCCQTqDP3SPqCCwVLI_8yxddxtnIu9g&dbm_d=AKAmf-DCClTyQtZa5bdetg0BT6AZAqyLOKLSwSoyo1crwSeXmnVKCKzQzk0eAPNhjXaVxka4T5qJUphA_dvzkG5YYpFUAbFT0wEKeP6T8GlYsn4IvqhmIiT7p4dLnS3rzLr9MSTfiLTswPzZP7dmGcQsVhMjjUX87Xj-S1usB5iWS4vpRBvoHBCELzoF79VEPa222VQdg8T7W3PDXc6sS8eEQd6eZDxJvQ2ook4fcYHWQfMNNc4QU26RGSd0ACsLHffhWVRQLjkYpSgoD9H0xfKfcth__ILaFLUnazA-QWLoXu-oLKms0Y7YnNBFkRatR4EdpUNYViypQ6ntY50umI1vUfvwaDmcWHnxVWuadeJt1zMJHyKSKIVKPDDao5-ZLTLURlP4Gif8v5bVkgmdTFB8MOaYhWZA1_Wd8PBdJbznyM2uvrx56wDWpeXPcFZk7wEcNT4HwIEZRcynNHMjCNiMgOkD2IwirmB_MKQ-nOQ1h8jH4MNXGCd7grOCyPU0upj9-NmTPAQZTbn_B0vaZ7VPIeH4B_WEYvK8O2YB0vyMmSTDEM1Ap6ECFoK0vc4pLFxYq_9F0u_h-cXNEKBKmCFQJgST2QEYTII4VGbHLqbK2vhF9PmlPq2vTBuqgWhPoiMflAw0pxxV-vh2Yc3nNIQc_F9M9FqvDa5_9YM7_lywk_jRVqwKTl36q2ODO2h6e3VLRjyNtbadQU_2ykq97-_17q_ruLnoxfdaQ3KMdWFeqgHNcgwfHxAVeB3dkd30ecgzDebR0_jFAuOUi2UmVO1qrj5FaZRyI0Mzw3hk4X4XE_37_HqAFnoEjkj9_xM3mcwlwkVnMrao4DgkAShtMp2vMltYwnEXDp-uNMKIVKKnWwDrCwBLmQJNkhM4GQhpQaRwf_GrvYOzrK462Gbk3li9Rtw8MNfIuByzKkJ9t_iC_fGka3SvSdG6SAi9roJ8FNA0PR1Dnyo0iqDtoruqju5A7CSSz6krBA8ULux-8SCZD0Z9ATPaqFs0-Oas25htUttH-ZWKMO-stTVPR1v6v5SVVZuCo4X3iSejI3TFmwrNT_manq_rTPjEvGO-7HUMC6s6x2rQ1UF5sC3-DNeMMTRQQHjJsUjOdj0h7Ohf7E7_XADrw-IoU1lXBsetiDG-VMnXNOPCwE6KQx3Ki6EB5YE1E69yB9n91vCjYWj6PCdMATb1KHLX0nQQsTwmmbbWwwPDEsk4eVHBPZS0nG3yX8GTxekmaRDwRBMwIuILaf-k4W_onM0beE4oRrG34_7nctLcEIOptg-05DOWMOoihnAQ9qjXTMeqBmu2-IVht5yfIVxNUp2eR16RJpeNGv6TJmjcm4LWpNs4I3ry8Aem3e987oXBwlGVpgryUvnKV7Y--RJtApKK0dDYLelwmSDyB7rIg2rF8JVbLcpnHaHpMpfq5MSNOI4ZhXk4L22vRI8x8jqMj-qsZPntLw1HhgMfUVIoMVjDZa3gvR5DgBzFgO1uQWe_gcnJJWGHtQ9Y4VX4ttxm-QCw74Spt_vnVFMLPjQ4HXozk0mAxwICHpPRZVG6AUoaAYmhO4IKtrR3IdHU7_0mSYs5nitv9xDi8FsClQ-Qj6vETC9cg1ZQWNQ9gXWW-m83JbLl3APaUL6fjTQTO8uT2l6-gO9WZoPUnTqLTPSADYyK26ut6dVd1AWIdULuB3vKFiDanoBUd-lerTUaK4S_KXzIB5uBBkBZGhegjGHU4AdqsPgRG1w78IhSGLH0WBNz1nLIg-OaaAxWqg2btHUVf4PE-d9WbAwBkZgTwQEfE5BqLoG1CtkweJHDeZratExmaSnnmNeXpMxnBED7k8ng_34ajAZbSMFBAHxoEfKKtA9eLJ7kAe6ovw_VA2DrSm3Fz9plx1IxsgtwPjk87utpBUkHc7nQSjIThY9JuzDJ50WeyIH4p2HmB0UVvpz-o0mmMeG6e7_EhPOM8amL8YL2ZUn_7HnMCFWOz1NGhujhj6MVph_f1IoGyRLDIJUTaLcyUqLaJKzkQ0tmJTHJBSP-P1U3sqK-kndKZ0m_fsBiKv7Fc6JKQZA1erhw913RvniUwFDt55ZrODEMZSbV7T6bvobcKnqWaCmQkTdNjnaIFGxuno_T7cK1rr_Fn1RsnIjY-fN7J1abu_GfsfM8umKcFjGflu9L3ZXcbgkmt7nxd23fK1msunQWsG8lykPAEX8X_m8N_PH9TDXEt9xHD1ia1cvXHWAF5BNnnKgjkR5PN49hDQ9tz5l3PeJ6M4BhyQJthH1qI05oT6Fr6HwncP8RYRzlOnelaz3rzqeFl8RD0pe-r7SAZsYi1GArDHsueqho9WKbrzr8oEOPfO2sSET2mAGUTsvDNU7JmsAB3Hk50girWlsVGSgSTYRMmttusS_dat02oroylkIjO7CwuqwynLH9d_jy9LCMihS-v0_krxrirZAbbhzDLZ1wh2TQMuJSnuXKLZL1f-YO7Q3HU3TcCdiUfHwhHir6AcWrPfHZ-NAso01N7m-zUXjzKRrewyjh8-Q0ITCY_tW_BoJ5ShFYYKyL8TYPWu6ge9hwD7BCXKEjHr9RwHN2vEM9_WkfFdSl4Wgh0mLTyqqI5AAV_-SQe7zyOeFbIq_0t6ALQvr1_UvFF3YLGUPGRbbnpYq22pXPWUEqSul0suCWFSlPhhSq-Gm7MXz8oORLBcmUe3ElbIG7bwmb5YnDW-ZtgTHE0Wz7bj6GKJd7BwOjyRz18d-wwLA_7s4Sf_pnYuRwf7mmei9wZ80K830JiMqaj4Gma2VNDbfC9_w8jiANsqeZxDBgDWue-oq6yMowqzvZy-g5kQkYsxLhlFAzgPYnP_tnqCh4wONVMdASxcmq05aGCGzAjHPWidw4PXWWGI6-U3A9meLXOOQ-atosn0rIMEvXK7PKojyYnZ1Tl2kXwFKGFFevt0ux-B0lr9MsWZfCNRNTz-kKsl5FPIP1xCWeq7Elt9bEomut7c57qWfAhZsDqo78-rJQIZpbr_o9AxvONnLw9d76g0_x1e-woKQnaEG1jzXSYMIkqeF6BYvHWTsbS_LZl9GzNBvLc-GyMlQhiCHqv1G-RIZ9FOhxtzLGxQ4JqXJdvaQYMYTRTef-vO5sW6nBwffmwozCWNvk61YxEUQPh5UnjjklI1DJD5PNFWIJw_AKrR_a0_GO2RsNmmBkR77jU_wO8nBIqbEK4R46SR1pmJnCB12Lp1j8a-UY9w3qwF5-CMnkwVo7b4ihCm08DTFGEGxw8lkKQQwymyH2J_7596jeeX9Z1XKiIM8ld3jNEUNp5sESSNeyYq7eodreKhqZRKN-dtk&cid=CAASJeRoxp_kUA1xV9cpxJLpygjNyzhBpyU21Hk95SpQdM9RXNEUdzk&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:14:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
138
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:14:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/ Frame 88AE 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220810/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CARW-iJRnYqo3S-11eEXGn-c692rg2utpRsuRxYkFVy9ZRnKGXYP9__eCjTgq-QzqN0ixriEsmLlKz28lX_MbMAq9joyEr4Ts3ZYVmwdA-ewM97y5epm_S6A5eKMoeCCQTqDP3SPqCCwVLI_8yxddxtnIu9g&dbm_d=AKAmf-DCClTyQtZa5bdetg0BT6AZAqyLOKLSwSoyo1crwSeXmnVKCKzQzk0eAPNhjXaVxka4T5qJUphA_dvzkG5YYpFUAbFT0wEKeP6T8GlYsn4IvqhmIiT7p4dLnS3rzLr9MSTfiLTswPzZP7dmGcQsVhMjjUX87Xj-S1usB5iWS4vpRBvoHBCELzoF79VEPa222VQdg8T7W3PDXc6sS8eEQd6eZDxJvQ2ook4fcYHWQfMNNc4QU26RGSd0ACsLHffhWVRQLjkYpSgoD9H0xfKfcth__ILaFLUnazA-QWLoXu-oLKms0Y7YnNBFkRatR4EdpUNYViypQ6ntY50umI1vUfvwaDmcWHnxVWuadeJt1zMJHyKSKIVKPDDao5-ZLTLURlP4Gif8v5bVkgmdTFB8MOaYhWZA1_Wd8PBdJbznyM2uvrx56wDWpeXPcFZk7wEcNT4HwIEZRcynNHMjCNiMgOkD2IwirmB_MKQ-nOQ1h8jH4MNXGCd7grOCyPU0upj9-NmTPAQZTbn_B0vaZ7VPIeH4B_WEYvK8O2YB0vyMmSTDEM1Ap6ECFoK0vc4pLFxYq_9F0u_h-cXNEKBKmCFQJgST2QEYTII4VGbHLqbK2vhF9PmlPq2vTBuqgWhPoiMflAw0pxxV-vh2Yc3nNIQc_F9M9FqvDa5_9YM7_lywk_jRVqwKTl36q2ODO2h6e3VLRjyNtbadQU_2ykq97-_17q_ruLnoxfdaQ3KMdWFeqgHNcgwfHxAVeB3dkd30ecgzDebR0_jFAuOUi2UmVO1qrj5FaZRyI0Mzw3hk4X4XE_37_HqAFnoEjkj9_xM3mcwlwkVnMrao4DgkAShtMp2vMltYwnEXDp-uNMKIVKKnWwDrCwBLmQJNkhM4GQhpQaRwf_GrvYOzrK462Gbk3li9Rtw8MNfIuByzKkJ9t_iC_fGka3SvSdG6SAi9roJ8FNA0PR1Dnyo0iqDtoruqju5A7CSSz6krBA8ULux-8SCZD0Z9ATPaqFs0-Oas25htUttH-ZWKMO-stTVPR1v6v5SVVZuCo4X3iSejI3TFmwrNT_manq_rTPjEvGO-7HUMC6s6x2rQ1UF5sC3-DNeMMTRQQHjJsUjOdj0h7Ohf7E7_XADrw-IoU1lXBsetiDG-VMnXNOPCwE6KQx3Ki6EB5YE1E69yB9n91vCjYWj6PCdMATb1KHLX0nQQsTwmmbbWwwPDEsk4eVHBPZS0nG3yX8GTxekmaRDwRBMwIuILaf-k4W_onM0beE4oRrG34_7nctLcEIOptg-05DOWMOoihnAQ9qjXTMeqBmu2-IVht5yfIVxNUp2eR16RJpeNGv6TJmjcm4LWpNs4I3ry8Aem3e987oXBwlGVpgryUvnKV7Y--RJtApKK0dDYLelwmSDyB7rIg2rF8JVbLcpnHaHpMpfq5MSNOI4ZhXk4L22vRI8x8jqMj-qsZPntLw1HhgMfUVIoMVjDZa3gvR5DgBzFgO1uQWe_gcnJJWGHtQ9Y4VX4ttxm-QCw74Spt_vnVFMLPjQ4HXozk0mAxwICHpPRZVG6AUoaAYmhO4IKtrR3IdHU7_0mSYs5nitv9xDi8FsClQ-Qj6vETC9cg1ZQWNQ9gXWW-m83JbLl3APaUL6fjTQTO8uT2l6-gO9WZoPUnTqLTPSADYyK26ut6dVd1AWIdULuB3vKFiDanoBUd-lerTUaK4S_KXzIB5uBBkBZGhegjGHU4AdqsPgRG1w78IhSGLH0WBNz1nLIg-OaaAxWqg2btHUVf4PE-d9WbAwBkZgTwQEfE5BqLoG1CtkweJHDeZratExmaSnnmNeXpMxnBED7k8ng_34ajAZbSMFBAHxoEfKKtA9eLJ7kAe6ovw_VA2DrSm3Fz9plx1IxsgtwPjk87utpBUkHc7nQSjIThY9JuzDJ50WeyIH4p2HmB0UVvpz-o0mmMeG6e7_EhPOM8amL8YL2ZUn_7HnMCFWOz1NGhujhj6MVph_f1IoGyRLDIJUTaLcyUqLaJKzkQ0tmJTHJBSP-P1U3sqK-kndKZ0m_fsBiKv7Fc6JKQZA1erhw913RvniUwFDt55ZrODEMZSbV7T6bvobcKnqWaCmQkTdNjnaIFGxuno_T7cK1rr_Fn1RsnIjY-fN7J1abu_GfsfM8umKcFjGflu9L3ZXcbgkmt7nxd23fK1msunQWsG8lykPAEX8X_m8N_PH9TDXEt9xHD1ia1cvXHWAF5BNnnKgjkR5PN49hDQ9tz5l3PeJ6M4BhyQJthH1qI05oT6Fr6HwncP8RYRzlOnelaz3rzqeFl8RD0pe-r7SAZsYi1GArDHsueqho9WKbrzr8oEOPfO2sSET2mAGUTsvDNU7JmsAB3Hk50girWlsVGSgSTYRMmttusS_dat02oroylkIjO7CwuqwynLH9d_jy9LCMihS-v0_krxrirZAbbhzDLZ1wh2TQMuJSnuXKLZL1f-YO7Q3HU3TcCdiUfHwhHir6AcWrPfHZ-NAso01N7m-zUXjzKRrewyjh8-Q0ITCY_tW_BoJ5ShFYYKyL8TYPWu6ge9hwD7BCXKEjHr9RwHN2vEM9_WkfFdSl4Wgh0mLTyqqI5AAV_-SQe7zyOeFbIq_0t6ALQvr1_UvFF3YLGUPGRbbnpYq22pXPWUEqSul0suCWFSlPhhSq-Gm7MXz8oORLBcmUe3ElbIG7bwmb5YnDW-ZtgTHE0Wz7bj6GKJd7BwOjyRz18d-wwLA_7s4Sf_pnYuRwf7mmei9wZ80K830JiMqaj4Gma2VNDbfC9_w8jiANsqeZxDBgDWue-oq6yMowqzvZy-g5kQkYsxLhlFAzgPYnP_tnqCh4wONVMdASxcmq05aGCGzAjHPWidw4PXWWGI6-U3A9meLXOOQ-atosn0rIMEvXK7PKojyYnZ1Tl2kXwFKGFFevt0ux-B0lr9MsWZfCNRNTz-kKsl5FPIP1xCWeq7Elt9bEomut7c57qWfAhZsDqo78-rJQIZpbr_o9AxvONnLw9d76g0_x1e-woKQnaEG1jzXSYMIkqeF6BYvHWTsbS_LZl9GzNBvLc-GyMlQhiCHqv1G-RIZ9FOhxtzLGxQ4JqXJdvaQYMYTRTef-vO5sW6nBwffmwozCWNvk61YxEUQPh5UnjjklI1DJD5PNFWIJw_AKrR_a0_GO2RsNmmBkR77jU_wO8nBIqbEK4R46SR1pmJnCB12Lp1j8a-UY9w3qwF5-CMnkwVo7b4ihCm08DTFGEGxw8lkKQQwymyH2J_7596jeeX9Z1XKiIM8ld3jNEUNp5sESSNeyYq7eodreKhqZRKN-dtk&cid=CAASJeRoxp_kUA1xV9cpxJLpygjNyzhBpyU21Hk95SpQdM9RXNEUdzk&rfl=1%2Chttps%253A%252F%252Fkooora4lives.net%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:15:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
94
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 Aug 2022 16:15:13 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 88AE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 17:19:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
341862
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Aug 2023 17:19:05 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EFFA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
85770
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 14 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Mon, 15 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/3708803198342480291/ Frame 3203 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
148de0e06a5eb3895d0d1c671d3cc73fc6ef37f8b3f9cdcbe1ec06e06eb18d7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
460640
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1591
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 08:19:27 GMT
expires
Thu, 10 Aug 2023 08:19:27 GMT
last-modified
Tue, 28 Jun 2022 14:12:57 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 88AE 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVqXosFv3iqMcwkpcN07x5o9WO4_uT7ETG02klql7gN4_cUODHjdt7rwXvnlN27_h4utnuKrl8tFFeIZJGGxmRjS_lizM8-z9HIdhOKtOP5Kq4vKuA0bqvInGBaWzxmIRsaigPyQ4M0wGxWksGV5r9yMLkcLavxMs1bz71bbQx2foi_aEhDVKS1WxJt9G9nzg778bdSKKz2PJLXwa41wAfbYvlb72yy5uJiRiavvsDWBdRTMFYb7tL72UkXvtu3E3L06kDlmcSFqRVIVdlBz13S_62l4tULujpEanKYNYWs4EqJZH5dwDlJxoTn3RerHMYo4fbIwCKQpFo05V3oyPusEgoHmIfEB14wsS3_EQPLR12PqN5Muwh_wDD5YBWy-W_EtHu8U7wyqtli5hzRTzm8_3z5VkOMfMQD9NwAvDHnF9DCMUUM2V0Asa0sCkk01Jk0tpCJq5FGnS1TNqSdQgvJQHNmI0fTiYNtAe4O2b-ZPJjyzrT-rMvsSFDjBwNIZNxPuoJ1TPIPfZNPaot-Ab7TRsVxk0BLUAdEjuAlxnJmQ8WKTFcX3K58glnIpK_bIN9qxCz6aEN8ik1wz2R_SpDg_iO2RvitT8AmX71PIumbT-TqAepzwv4RlkZq_00VtSBfOArAe4zqi0UYhnJFsvNQzuGTf1skfD6LjBK6q3GhmB9sZV9rXrl3QhIhkMZh9GxvZv_GAcx6Bxel6VowBblsXqvZfb3Wq9CuxC5WIxyYPnwVDBR1TLlmGzaa5X00zYMfsuvtmw-s8nG0tJ0JjLqpToST4TFXRj7MHH9N6WZ8D2gdxoOr9OVsq1GR2ccHBMRhj34DP279ojruSzQ4QzRCuWrfmOjkAytI9HIrTH0oHq-GE7Uqdyt7w4ZioRKOAFuTm0WfL03gKI4CprI1gchazF6-IBiY2wlyhMmEqydSjQ36wrUHaNs7wtcfebPiIQL378H4h2zwMwmlg2FOjWjAH7dCijBAhPhfmVwvaKlIjKwLJ16022qOeQ7kZbFkv62xxVQbTe4tRRBGIe5HgE1fGpCAzYMiSXqpsxnnmLTozMpS0x0y-F1TYiXDe4kmOk2uFRxGCcZJU0MjCrZ_TqXpqbdVnRJ__3HedqDM5ANwUo5hbu80YwRt5iYHs1tW732k3e4PdDi1wWRJYo9exPaWJlFYjizFMeEuv7jq4q-337gJJGlWco6cndy7C_ESVxz1y8I5q8h-Li0ah9_EBrFUAOMDpZIMZAuiFrcA8DrFBRzLKiy-7vAH3RCMWsSdd9oyVaG&sai=AMfl-YQJglwH_iDa6OMzfhDhv4PiwhkJ_qsu6b45yXgTumkG3msB8mRML7fkcOGmCrWhIveJXZeC20jQBALO2W1KINq1tpbQOUmrdDiiYM57hL2XPXyC-gmZ7rp4cRo4F_aqj0Dd2Y8vE_aKW8I1K6TcoWhmby3Z_C_4N4HAYRdv34xqdWBry9XzTy7RTsXjpjdq6goXpPxBZ1AjypPMwo7GH_l1Wmy08Z3dk-Okr6-pCDyokBs&sig=Cg0ArKJSzI1inLu0beaGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=47&cbvp=1&cstd=46&cisv=r20220810.39783&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Mon, 15 Aug 2022 16:16:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
main.19.8.343.js
static.adsafeprotected.com/ Frame 88AE 		193 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.343.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1007518/62065264/skeleton.js?ias_dspID=3&ias_campId=28353527&ias_pubId=pub-4903453974745530&ias_chanId=1&ias_placementId=17197673205&bidurl=https://kooora4lives.net/home5/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0iWuU9bxIEfM0mlnF-96BrT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d58d46be1f35b78ccafcab30011144eeaf985c95227ab27d683fbb46cdf2ca9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 16:34:22 GMT
content-encoding
gzip
age
344545
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 10 Aug 2022 18:33:46 GMT
server
AmazonS3
etag
W/"2a354ce8135fe47396c547d298dd1c1f"
vary
Accept-Encoding
x-amz-version-id
XdaPczT9hxfpUjvYqrD4cnU5x3Jkt2N0
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
s2f8kPZH1ECzET1dOxmSuCpmQDr5Twt80rIxSfzU7cIXiXo8KN3-FQ==
dt
dt.adsafeprotected.com/ Frame A3D7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=fee7acae-2665-8bcd-ff33-36ebf2d4fb52&tv=%7Bc:lnqHe4,pingTime:-10,time:777,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660580207790%7C%7C776759cb76c50667c64e4d95c6a8dd16%7C%7Cb4bf91f622d70e9512a166bc36c81122%7C%7Cc1f86b7a3ed4b91163f2cbb1b30c06e4%7C%7C54d9f0b9e9753e8eea35b5f665fa3cca%7C%7C694238354c66de7f06fd5839587f4b43%7C%7Cefb8a30f9a2bc541fb132b95c77458f5%7C%7Cc6c926171176942d3e32118aa236ed54%7C%7C1629390669,sca:%7Bspg:54370028-ab57-8d4f-dd18-1bb8ce7c6593%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
style.css
s0.2mdn.net/sadbundle/3708803198342480291/styles/ Frame 3203 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3708803198342480291/styles/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55cedd4ea3b5e768b24238b50f0747de65a142c975c017270e8ee1df3d6a3783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 08:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
460450
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1100
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 14:12:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 08:22:37 GMT
1bit.png
s0.2mdn.net/sadbundle/3708803198342480291/images/ Frame 3203 		941 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3708803198342480291/images/1bit.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7503538f0f25a5032b4e9ba160febf3b3d55ef6301e8dae623f42e9c7c227c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 08:19:27 GMT
x-content-type-options
nosniff
age
460640
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
941
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 14:12:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 08:19:27 GMT
gsap_3.1.0_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3203 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.1.0_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22938
x-xss-protection
0
last-modified
Fri, 24 Jan 2020 21:59:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 16:16:47 GMT
easepack_3.1.0_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3203 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.1.0_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9da24f671891e5ff2df9d55e23a7e33a8bfd30f868319676424ebfdf661af118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1384
x-xss-protection
0
last-modified
Fri, 24 Jan 2020 21:59:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 16:16:47 GMT
Enabler.js
s0.2mdn.net/ads/studio/ Frame 3203 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:09:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46978
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 19:45:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 16:24:19 GMT
ready.min.js
s0.2mdn.net/sadbundle/3708803198342480291/scripts/ Frame 3203 		521 B
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3708803198342480291/scripts/ready.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b3b8399546b78434059bfb7b2a2a5146bc214022c795469c0d58e928ecb02dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 08:19:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
460640
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 14:12:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 08:19:27 GMT
vars.min.js
s0.2mdn.net/sadbundle/3708803198342480291/scripts/ Frame 3203 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3708803198342480291/scripts/vars.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09aafcbe0b5a138c671d01616024d1b99225297c6933fba67256159f7085f5ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 08:19:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
460640
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1258
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 14:12:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 08:19:27 GMT
politeLoad.min.js
s0.2mdn.net/sadbundle/3708803198342480291/scripts/ Frame 3203 		1 KB
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3708803198342480291/scripts/politeLoad.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c3dd6689d03d2746a8f88a0b532c6017066bd0bf7f9da9c940ebb401d5cb72e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 16:54:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602520
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
598
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 14:12:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 16:54:47 GMT
script.js
s0.2mdn.net/sadbundle/3708803198342480291/scripts/ Frame 3203 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3708803198342480291/scripts/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aebad28b5263e05a2d0144059201bcc27b764bfc2cc25543bc5e2512f9358d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 20:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1207
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 14:12:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Aug 2023 20:37:59 GMT
/
google2waycm.netmng.com/cm/ Frame EFFA 		0
0
dpixel
cms.quantserve.com/ Frame EFFA 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHPDmDeeOh9WhNQOvIRzHZ4&google_cver=1&google_push=AehlK4Dh_wIRz3e4rUFD--vbVTue8A3-f7bGmN9361bSbdFBjyaVBsVTVloWlFE9ZfgVl5zCEvkDPtrhPmy0lPVSLg5URovUkx3bgQ
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EFFA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEgLBVJJy3L5ltFw5UdNdtA&google_cver=1&google_push=AehlK4AzDHNK1pcqOskQk01vF4LB0A6lFiMSPXyr0lRD4Q8HtY8Ve8UhFR3Ys9SbAQnzKeblSWkoOTVjCWPymmpV...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AzDHNK1pcqOskQk01vF4LB0A6lFiMSPXyr0lRD4Q8HtY8Ve8UhFR3Ys9SbAQnzKeblSWkoOTVjCWPymmpVx04Oyx2eQHJD_A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AzDHNK1pcqOskQk01vF4LB0A6lFiMSPXyr0lRD4Q8HtY8Ve8UhFR3Ys9SbAQnzKeblSWkoOTVjCWPymmpVx04Oyx2eQHJD_A
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 15 Aug 2022 16:16:49 GMT
Server
MT3 4475 c1dc35a master nrt-pixel-x15 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AzDHNK1pcqOskQk01vF4LB0A6lFiMSPXyr0lRD4Q8HtY8Ve8UhFR3Ys9SbAQnzKeblSWkoOTVjCWPymmpVx04Oyx2eQHJD_A
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 15 Aug 2022 16:16:48 GMT
dds
rtb.openx.net/sync/ Frame EFFA 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECFqGHHILFZAf7vKZKU98f4&google_cver=1&google_push=AehlK4DvRyXkT8dcgRvMobL6Ov0SflHYRnHYpNkOEnjUee7kOM1yEQRMKsl6jUagAV2u5dUINbBXPZqTfh-ExZlRhbcMggzs8jUEjQ
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
aadpkmcc1502pjuj023jo2vpmdvcph2r
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame EFFA 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKverVEH5AVK9tWxqgkeLY0&google_cver=1&google_push=AehlK4BtGDAdYcxEeamwIJwNIlL8EYsXIkMLGsyioxibYmrN7fpiw_PxLAkrq7aIEFQZEnaDzx-wvAN1BlrQJsNv3P75fuV2XsTgTA
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame EFFA
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGqa42Xk0JUYS66wOANmhpE&google_cver=1&google_push=AehlK4Bl66tNDjtySyxfch3cbQt6OJrOdYPteJLJyqaqRJ_hlXlKnrV4mH5gU5WxHcL1WNp_8MaAgNLpaVJG5XLR...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4Bl66tNDjtySyxfch3cbQt6OJrOdYPteJLJyqaqRJ_hlXlKnrV4mH5gU5WxHcL1WNp_8MaAgNLpaVJG5XLRE4cvSqfusBLNvg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4Bl66tNDjtySyxfch3cbQt6OJrOdYPteJLJyqaqRJ_hlXlKnrV4mH5gU5WxHcL1WNp_8MaAgNLpaVJG5XLRE4cvSqfusBLNvg
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 15 Aug 2022 16:16:47 GMT
via
1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
VIE50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4Bl66tNDjtySyxfch3cbQt6OJrOdYPteJLJyqaqRJ_hlXlKnrV4mH5gU5WxHcL1WNp_8MaAgNLpaVJG5XLRE4cvSqfusBLNvg
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
mcUeSUvIhuZOwPr_v3ITLky4SUlYIcfmKG7GxVIeY6UIWK15R7-t2A==
pixel
cm.g.doubleclick.net/ Frame EFFA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIEb3E51b3VDO9otVbGrW0M&google_cver=1&google_push=AehlK4DjzexI2cD0E_ZLY-3kboEbVnl7yTFHY9ZhRiPJSa4P_JIn20snAxa_K-sd0GVue52B_z...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uVGxoQ0xWRTJ1RXc4aWVvYjg0Y2Zta0pXYmhDb1BjT35B&google_push=AehlK4DjzexI2cD0E_ZLY-3kboEbVnl7yTFHY9ZhRiPJSa4P_JIn20snA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uVGxoQ0xWRTJ1RXc4aWVvYjg0Y2Zta0pXYmhDb1BjT35B&google_push=AehlK4DjzexI2cD0E_ZLY-3kboEbVnl7yTFHY9ZhRiPJSa4P_JIn20snAxa_K-sd0GVue52B_zQmQjRv7Nvl3_3EVScY78_dnXyIvD4
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1uVGxoQ0xWRTJ1RXc4aWVvYjg0Y2Zta0pXYmhDb1BjT35B&google_push=AehlK4DjzexI2cD0E_ZLY-3kboEbVnl7yTFHY9ZhRiPJSa4P_JIn20snAxa_K-sd0GVue52B_zQmQjRv7Nvl3_3EVScY78_dnXyIvD4
date
Mon, 15 Aug 2022 16:16:47 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame EFFA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LcaXCvh0jVXlQT1JvGaZyr_GHauliVLQPHsYbrCGAQ2fgR4oVaUCgde8UVSkOIcqZMI-1BFg
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:16:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D1F0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
341861
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Aug 2022 17:19:06 GMT
expires
Fri, 11 Aug 2023 17:19:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
VisaDialect-Bold.woff
s0.2mdn.net/creatives/assets/3932360/ Frame 3203 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3932360/VisaDialect-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3708803198342480291/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdd18201a6cb60ab66f00b5be90de59e0b835fc14e373fb3131016f7cd96b828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/styles/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:03:18 GMT
x-content-type-options
nosniff
age
809
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68000
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 16:24:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 16:18:18 GMT
VisaDialect-Semibold.woff
s0.2mdn.net/creatives/assets/3932360/ Frame 3203 		72 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3932360/VisaDialect-Semibold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3708803198342480291/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ae6f1d9a918fb412bcbed79d9d2c6a2b0321b2864b0253b637ce5c8833edbe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/styles/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:13:39 GMT
x-content-type-options
nosniff
age
188
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73576
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 09:26:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Aug 2022 16:28:39 GMT
skeleton.js
static.adsafeprotected.com/ Frame 88AE
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1007518/62065264/skeleton.js?ias_dspID=3&ias_campId=28353527&ias_pubId=pub-4903453974745530&ias_chanId=1&ias_placementId=17197673205&bidurl=https://kooora4live...
  • https://static.adsafeprotected.com/skeleton.js
17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:223f:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
age
15646725
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
PTikt0EVIrhCQG1oJj8kSKcvOiL38kojw6ekdW2QeXwiUZ1sYsBBmA==

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:47 GMT
x-server-name
app03.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 0DD1 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
7890134
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
Soa0oxE5z_nJMLacDILQDsrqkHqOT1xNxoDOOy_RbB8U38Vl2xsvAA==
dt
dt.adsafeprotected.com/ Frame 88AE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1007518&asId=cedb9eef-94d9-cf5d-2488-92d0611d9038&tv=%7Bc:lnqHfv,pingTime:-3,time:109,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:79%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:109,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:79,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB3jZS+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C15121%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1b1%7C1b2%7C1b31%7C1b4%7C1b5%7C1c%7C1d*.1007518-62065264%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:48 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 88AE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1007518&asId=cedb9eef-94d9-cf5d-2488-92d0611d9038&tv=%7Bc:lnqHfw,pingTime:-6,time:110,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:110,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:79,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB3jZS+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C15121%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1b1%7C1b2%7C1b31%7C1b4%7C1b5%7C1c%7C1d*.1007518-62065264%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:kooora4lives.net*&br=c
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:48 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 88AE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1007518&asId=cedb9eef-94d9-cf5d-2488-92d0611d9038&tv=%7Bc:lnqHfH,pingTime:-2,time:121,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:276,beZ:277,mfA:337,cmA:338,inA:338,inZ:342,prA:342,prZ:351,si:356,poA:357,poZ:370,cmZ:370,mfZ:370,loA:387,loZ:389,ltA:397,ltZ:397,mdA:277,mdZ:292%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:79%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:121,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:79,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB3jMV+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C15121%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a.886862-62195781%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1b.886862-62195778%7C1b1%7C1b2%7C1b31%7C1b4%7C1b5%7C1c%7C1d*.1007518-62065264%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:40,readyFired:false%7D&br=c
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:48 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
view
googleads4.g.doubleclick.net/pcs/ Frame 88AE 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVqXosFv3iqMcwkpcN07x5o9WO4_uT7ETG02klql7gN4_cUODHjdt7rwXvnlN27_h4utnuKrl8tFFeIZJGGxmRjS_lizM8-z9HIdhOKtOP5Kq4vKuA0bqvInGBaWzxmIRsaigPyQ4M0wGxWksGV5r9yMLkcLavxMs1bz71bbQx2foi_aEhDVKS1WxJt9G9nzg778bdSKKz2PJLXwa41wAfbYvlb72yy5uJiRiavvsDWBdRTMFYb7tL72UkXvtu3E3L06kDlmcSFqRVIVdlBz13S_62l4tULujpEanKYNYWs4EqJZH5dwDlJxoTn3RerHMYo4fbIwCKQpFo05V3oyPusEgoHmIfEB14wsS3_EQPLR12PqN5Muwh_wDD5YBWy-W_EtHu8U7wyqtli5hzRTzm8_3z5VkOMfMQD9NwAvDHnF9DCMUUM2V0Asa0sCkk01Jk0tpCJq5FGnS1TNqSdQgvJQHNmI0fTiYNtAe4O2b-ZPJjyzrT-rMvsSFDjBwNIZNxPuoJ1TPIPfZNPaot-Ab7TRsVxk0BLUAdEjuAlxnJmQ8WKTFcX3K58glnIpK_bIN9qxCz6aEN8ik1wz2R_SpDg_iO2RvitT8AmX71PIumbT-TqAepzwv4RlkZq_00VtSBfOArAe4zqi0UYhnJFsvNQzuGTf1skfD6LjBK6q3GhmB9sZV9rXrl3QhIhkMZh9GxvZv_GAcx6Bxel6VowBblsXqvZfb3Wq9CuxC5WIxyYPnwVDBR1TLlmGzaa5X00zYMfsuvtmw-s8nG0tJ0JjLqpToST4TFXRj7MHH9N6WZ8D2gdxoOr9OVsq1GR2ccHBMRhj34DP279ojruSzQ4QzRCuWrfmOjkAytI9HIrTH0oHq-GE7Uqdyt7w4ZioRKOAFuTm0WfL03gKI4CprI1gchazF6-IBiY2wlyhMmEqydSjQ36wrUHaNs7wtcfebPiIQL378H4h2zwMwmlg2FOjWjAH7dCijBAhPhfmVwvaKlIjKwLJ16022qOeQ7kZbFkv62xxVQbTe4tRRBGIe5HgE1fGpCAzYMiSXqpsxnnmLTozMpS0x0y-F1TYiXDe4kmOk2uFRxGCcZJU0MjCrZ_TqXpqbdVnRJ__3HedqDM5ANwUo5hbu80YwRt5iYHs1tW732k3e4PdDi1wWRJYo9exPaWJlFYjizFMeEuv7jq4q-337gJJGlWco6cndy7C_ESVxz1y8I5q8h-Li0ah9_EBrFUAOMDpZIMZAuiFrcA8DrFBRzLKiy-7vAH3RCMWsSdd9oyVaG&sai=AMfl-YQJglwH_iDa6OMzfhDhv4PiwhkJ_qsu6b45yXgTumkG3msB8mRML7fkcOGmCrWhIveJXZeC20jQBALO2W1KINq1tpbQOUmrdDiiYM57hL2XPXyC-gmZ7rp4cRo4F_aqj0Dd2Y8vE_aKW8I1K6TcoWhmby3Z_C_4N4HAYRdv34xqdWBry9XzTy7RTsXjpjdq6goXpPxBZ1AjypPMwo7GH_l1Wmy08Z3dk-Okr6-pCDyokBs&sig=Cg0ArKJSzI1inLu0beaGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=199&vt=11&dtpt=152&dett=3&cstd=46&cisv=r20220810.39783&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: kooora4lives.net
URL: https://kooora4lives.net/home5/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Aug 2022 16:16:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
pagead2.googlesyndication.com/bg/ Frame D1F0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 12:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
13945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14125
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Aug 2023 12:24:23 GMT
dt
dt.adsafeprotected.com/ Frame 88AE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1007518&asId=cedb9eef-94d9-cf5d-2488-92d0611d9038&tv=%7Bc:lnqHgU,time:196,type:e,im:%7Bpci:%7Btdr:68%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:196,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:79,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B132~0%5D,as:%5B132~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:teB3jMV+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C15121%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a.886862-62195781%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1b.886862-62195778%7C1b1%7C1b2%7C1b31%7C1b4%7C1b5%7C1c%7C1d*.1007518-62065264%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:48 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame D1F0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6ic_b3H6YpjTLPC79u8Pm9OHEAAAAAA4AeAEAg&bg=!EBOlE1fNAAa4hXTbmIU7ACkAdvg8WuOETfoQ_tcf_aaMe1unLjra_BnT_PqTNlX_-LojIwWuiVCDawIAAABWUgAAAAFoAQeZA0HONN4PHYBaRQi3Kw8JvXh8c9cTXINkj5k0XXDNZZ4Gn2JPXJLofxuV0aIlIJKUnJr2bfGG-Nn_n7ztFh0DV7umrG52_1XGmLBwukdcHQF31X5mI5tgo8fZX1LnNTP-T6gpdhJJe7HAi2s6A4qK7KRr0_2qV9ckVGwLMBzKWKVJveU6Uy7jEnfGzyaFljBjG3UKKYhr-GQNluSpeKySwM1_KgqkOdCiqEZXrpUNB0qEp3BBD8CTfDYfv0ETSIZh279oolUXC280igABtD6sm-97wD17m2SZUz7TsyGJe3sk577VgKjDNB-7tn8Oi4NPUnj3lZsnuiQ0MbvWqz90VjXHwoI-Lvvz5LpRK5BNSqpRNo1mYBkace3ROzIJwaDSEBMVhdmkDkRpXypXUpaTONO8k27k73fZXLVvyzthQ8fjYH4IhFDIZbXGq0NBrtEL0RD6A1XW-mpo-q59-YEWtFuTHXOk0Bk6NrCYKtBF_DELldnlqb5mdrNRVeV8j7QpalZifNqnFqUCSwf-I4NN4UupWewW_x_ouPPT_rgAP6H6it902WLWZpTtoav6vxoae-MUFjCmL-XIXbpG-WUEPI1A2dBi-JFOyKrWb1BeI4q4y1LhYoMMAg5S-M_xixdjWgx7TVyMe8cfJD3b9LskJTvPtkTQhWDEqreBN8JEEa-V5mq86pIYa9813uTP73gkeDYKhSP6jgQS4CSyV9buWJw-S_evCAs-zi4iJd8VZYVFAr7FZeXsRrr-k3ia4swyqNRN2t6FmhfecwGWJeJb-5QmtLzVr_evQR57k93GvV2JjSrW68_8DqIrQHiy48P_a3jjgAOYzf5UITFPb7y0K-1irwRablTs1xKS582YWLQVTYzWjUP6qmfH-QnNC14_uLR8hJovxOT8OP0Xh_9EBHPXzZ8OUIuciKGl3xIJePcv6ac_oM6XPAs2uHQkV6vwsCCPcM2qdxCh5ihkcpYObp6pNnzuWoZzY3Ktuy8UxSGYYojh1IYOq03vmf52nBphuuWdfr1EcL87EKttdlc22KVCt_-vy3-g-xvYfphGFr8WaZEoRQuhpb9yp97foR5D3sw5rvnfWNfK6V6umYe_B7PQbA
Requested by
Host: 505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
URL: https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.aplhb.adipolo.com/adunit/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/x461272/hbw_master_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://kooora4lives.net
Date
Mon, 15 Aug 2022 16:16:48 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkooora4lives.net%2F&domain=kooora4lives.net&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://kooora4lives.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://kooora4lives.net
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 15 Aug 2022 16:16:48 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1184
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkooora4lives.net%2F&domain=kooora4lives.net&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=PF-p_XxRRTYyVkEzbEZseEZDVnRHanF6eXlDbFFOdE96enFNN2RmYlpPTzVhbXplUVh4V3p5RlNOdHBxZ0ZXeGUrS0M4a0VmTHRDcldDVXhJeFpMK1F5QWhmclExWHd1Z25ETXQxRXh1VmRhRUNQcXREa0sxNHNueGQySG...
433 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PF-p_XxRRTYyVkEzbEZseEZDVnRHanF6eXlDbFFOdE96enFNN2RmYlpPTzVhbXplUVh4V3p5RlNOdHBxZ0ZXeGUrS0M4a0VmTHRDcldDVXhJeFpMK1F5QWhmclExWHd1Z25ETXQxRXh1VmRhRUNQcXREa0sxNHNueGQySG93TnRyT2JFeFJCVjlINzF1UW93emJJWW1wOG1wcCtRR05kUUtkVEI0N2lLTkdCK2Q5L256TXo5bnVsQXZkb1JzbnR2emFSNldMUm1DRDZxOUlhRWM5NTg0TXpvWEk1dTl3R0pyeVhtSWtSdHlQNHlHSklmOUVPNkxhYlJFUUlJcHJzdzh4UmVkSHdXRTAxMnJnSUdJWW11YUpkK1REZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e9623afcb3e728bc832a4b258193e255c05ff0be3227176b2742f6b523b0d569
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kooora4lives.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:48 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3673
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:48 GMT
location
https://mug.criteo.com/sid?cpp=PF-p_XxRRTYyVkEzbEZseEZDVnRHanF6eXlDbFFOdE96enFNN2RmYlpPTzVhbXplUVh4V3p5RlNOdHBxZ0ZXeGUrS0M4a0VmTHRDcldDVXhJeFpMK1F5QWhmclExWHd1Z25ETXQxRXh1VmRhRUNQcXREa0sxNHNueGQySG93TnRyT2JFeFJCVjlINzF1UW93emJJWW1wOG1wcCtRR05kUUtkVEI0N2lLTkdCK2Q5L256TXo5bnVsQXZkb1JzbnR2emFSNldMUm1DRDZxOUlhRWM5NTg0TXpvWEk1dTl3R0pyeVhtSWtSdHlQNHlHSklmOUVPNkxhYlJFUUlJcHJzdzh4UmVkSHdXRTAxMnJnSUdJWW11YUpkK1REZz09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://kooora4lives.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1505
content-length
541
expires
0
692.json
id5-sync.com/g/v2/ 		213 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/461272/hb_561849_14381.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.66 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216537.ip-141-95-98.eu
Software
/
Resource Hash
7adf252d334729901b1558c68f0924f30c1f34be6791c6845cc72a838b85952b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://kooora4lives.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://kooora4lives.net
date
Mon, 15 Aug 2022 16:16:48 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=PF-p_XxRRTYyVkEzbEZseEZDVnRHanF6eXlDbFFOdE96enFNN2RmYlpPTzVhbXplUVh4V3p5RlNOdHBxZ0ZXeGUrS0M4a0VmTHRDcldDVXhJeFpMK1F5QWhmclExWHd1Z25ETXQxRXh1VmRhRUNQcXREa0sxNHNueGQySG93TnRyT2JFeFJCVjlINzF1UW93emJJWW1wOG1wcCtRR05kUUtkVEI0N2lLTkdCK2Q5L256TXo5bnVsQXZkb1JzbnR2emFSNldMUm1DRDZxOUlhRWM5NTg0TXpvWEk1dTl3R0pyeVhtSWtSdHlQNHlHSklmOUVPNkxhYlJFUUlJcHJzdzh4UmVkSHdXRTAxMnJnSUdJWW11YUpkK1REZz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 15 Aug 2022 16:16:48 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1126
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 88AE 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b0934982fbf009855aaba2206fee5d3b65ef0b180d938ef4ec7816def7dc2a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 88AE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1007518&asId=cedb9eef-94d9-cf5d-2488-92d0611d9038&tv=%7Bc:lnqHCF,pingTime:-10,time:1545,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNC4wLjUxMTIuNzkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1660580207790%7C%7C776759cb76c50667c64e4d95c6a8dd16%7C%7Cb4bf91f622d70e9512a166bc36c81122%7C%7Cc1f86b7a3ed4b91163f2cbb1b30c06e4%7C%7C54d9f0b9e9753e8eea35b5f665fa3cca%7C%7C694238354c66de7f06fd5839587f4b43%7C%7Cefb8a30f9a2bc541fb132b95c77458f5%7C%7Cc6c926171176942d3e32118aa236ed54%7C%7C1629390669,sca:%7Bspg:54370028-ab57-8d4f-dd18-1bb8ce7c6593%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:49 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 88AE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvM-CShnVM1PJUZRg--w_kYvP8mF8ohcdzDx4G8p6PRzFnmxUmuED1nJIrG_05a5WFA2ZKE0H4Cab9KLHOS1k_KDeGRETyVDWizli2afmX7K0PvENzTcP33APAduPR35s&sai=AMfl-YRVljgPiIgveC28inupCBFdi2ISbQEgquFQ2uYMkByO2YpKgxBvuQdPIjApmvwoWU7z0uW9z6MA8QKNP9-PRVfA6xQ9H11M6gCN88Esmy6HvvoFEH4luN9u_ZUp&sig=Cg0ArKJSzKCp6I5461fJEAE&cid=CAASJeRoxp_kUA1xV9cpxJLpygjNyzhBpyU21Hk95SpQdM9RXNEUdzk&id=lidar2&mcvt=1000&p=601,1300,1201,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220810&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=947194105&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660580207596&rpt=1631&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 88AE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1007518&asId=cedb9eef-94d9-cf5d-2488-92d0611d9038&tv=%7Bc:lnqHPX,pingTime:1,time:2369,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:79%7D,%7Bpiv:99,vs:i,r:,t:1368%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1368,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:79,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1304~0%5D,as:%5B1304~300.600%5D%7D%7D,%7Bsl:i,t:1368,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~75%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:95,fm:teB3jMV+11%7C12%7C13%7C141%7C142%7C143%7C1511%7C15121%7C1513%7C1611%7C1612%7C17%7C18%7C19%7C1a.886862-62195781%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1b.886862-62195778%7C1b1%7C1b2%7C1b31%7C1b4%7C1b5%7C1c%7C1d*.1007518-62065264%7C1d1%7C1d2%7C1d3%7C1d4,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:1513:7870:1516:401d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 Aug 2022 16:16:50 GMT
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
logo.svg
s0.2mdn.net/sadbundle/3708803198342480291/images/ Frame 3203 		1 KB
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3708803198342480291/images/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b8d9056b9112ad3d82301cafa1409a5439cd622ad7bf612752d9e458860546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 08:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
460640
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
625
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 14:12:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 08:19:30 GMT
f1_image.png
s0.2mdn.net/sadbundle/3708803198342480291/images/ Frame 3203 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3708803198342480291/images/f1_image.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcdbf0800dcb2ad6d63a8157f03a0f6f1c1e865de2878a6a8b35bfdaaa897131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 08:19:30 GMT
x-content-type-options
nosniff
age
460640
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63162
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 14:12:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 08:19:30 GMT
f1_image.png
s0.2mdn.net/sadbundle/3708803198342480291/images/ Frame 3203 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3708803198342480291/images/f1_image.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcdbf0800dcb2ad6d63a8157f03a0f6f1c1e865de2878a6a8b35bfdaaa897131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 08:19:30 GMT
x-content-type-options
nosniff
age
460640
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63162
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 14:12:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 08:19:30 GMT
logo.svg
s0.2mdn.net/sadbundle/3708803198342480291/images/ Frame 3203 		1 KB
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/3708803198342480291/images/logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b8d9056b9112ad3d82301cafa1409a5439cd622ad7bf612752d9e458860546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3708803198342480291/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 08:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
460640
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
625
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 14:12:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 08:19:30 GMT
Tuitype-Bold.woff
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 610E 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/Tuitype-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 17:42:47 GMT
x-content-type-options
nosniff
age
426843
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33164
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 17:42:47 GMT
Tuitype-Regular.woff
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 610E 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/Tuitype-Regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 17:42:47 GMT
x-content-type-options
nosniff
age
426843
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32792
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 10 Aug 2023 17:42:47 GMT
Tuitype-Bold.woff
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame 419A 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/Tuitype-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/fonts.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 13 Aug 2022 08:11:11 GMT
x-content-type-options
nosniff
age
201939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33164
x-xss-protection
0
last-modified
Wed, 18 May 2022 15:39:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 13 Aug 2023 08:11:11 GMT
Tuitype-Regular.woff
s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/ Frame 419A 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/Tuitype-Regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5949325981360586752/728x90-Live_Happy/fonts.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 04:46:06 GMT
x-content-type-options
nosniff
age
559844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32792
x-xss-protection
0
last-modified
Wed, 18 May 2022 15:39:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 09 Aug 2023 04:46:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEJ3WqS89bMPKGS25FW3VPvs&google_cver=1&google_push=AehlK4Cj6cHfDDChLi4kKyjvKMq2ZC2Q7VaTn38oCBpdjFuok0mP5c4I3KcOIB9O4oHGsCOVilyZmEsj3UZ1OThvBCmX3effRs2kHQ

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| addthis_product string| wp_product_version object| addthis_share object| addthis_config object| addthis_plugin_info function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| __cfQR string| addthis_services_loc string| addthis_services_loc_mob object| addthis_translations boolean| __@@##MUH object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks object| _Hasync function| gtag object| dataLayer object| googletag function| rdmode object| google_tag_manager object| ggeac object| google_tag_data object| google_js_reporting_queue function| HqyLazyload boolean| __cfRLUnblockHandlers string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gptAdSlots object| interstitialSlot undefined| staticSlot object| anchorSlot object| vmpbjs object| vpb object| adipolo undefined| google_measure_js_timing object| gaplugins object| gaData function| chfh function| chfh2 string| _HST_cntval object| Histats object| vmpbjsChunk object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| Criteo object| _HistatsCounterGraphics_0_setValues object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

49 Cookies

Domain/Path Name / Value
kooora4lives.net/ Name: __atuvc
Value: 1%7C33
kooora4lives.net/ Name: __atuvs
Value: 62fa716c2aac12bb000
.addthis.com/ Name: uvc
Value: 1%7C33
.addthis.com/ Name: loc
Value: MDAwMDBFVURFQkUyMzI1MTkzMzAwNjAwMDBDSA==
.kooora4lives.net/ Name: _ga_6XQ0HCVXZH
Value: GS1.1.1660580204.1.0.1660580204.0
.kooora4lives.net/ Name: _ga
Value: GA1.2.1976694.1660580205
.kooora4lives.net/ Name: _gid
Value: GA1.2.1491330722.1660580205
.kooora4lives.net/ Name: _gat_gtag_UA_150096121_1
Value: 1
kooora4lives.net/ Name: HstCfa4625840
Value: 1660580204907
kooora4lives.net/ Name: HstCla4625840
Value: 1660580204907
kooora4lives.net/ Name: HstCmu4625840
Value: 1660580204907
kooora4lives.net/ Name: HstPn4625840
Value: 1
kooora4lives.net/ Name: HstPt4625840
Value: 1
kooora4lives.net/ Name: HstCnv4625840
Value: 1
kooora4lives.net/ Name: HstCns4625840
Value: 1
kooora4lives.net/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.kooora4lives.net/ Name: _pubcid
Value: 4a21c4cf-3aac-417e-98a5-3437ccc70679
.openx.net/ Name: i
Value: 4a21c4cf-3aac-417e-98a5-3437ccc70679|1660580205
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.doubleclick.net/ Name: IDE
Value: AHWqTUnF8O2N7Te2FL_6FFjDkRayHpoTsWGH96cri5y3C9eUE71l9TBY85scGzyZWJk
.kooora4lives.net/ Name: __gads
Value: ID=a2009fd45f95b087:T=1660580205:S=ALNI_Mb8RnErqyf4n6vVb8TKQuYVMwm1xg
.adnxs.com/ Name: uuid2
Value: 6548816398343430637
.rubiconproject.com/ Name: khaos
Value: L6UYKV53-15-3SV4
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpvDBJVh/8ds7JGe4Ni1ThWK2euPP2lVg3CRi4Lg8bJK+A87XDnulTR9xn+HVIwlvMpM2sIN5l8GeBxGCOXoSK1rBxTzh2elvfc6UO785F0Pw==
.casalemedia.com/ Name: CMID
Value: YvpxbTNHY8ri1u91sak5PgAA
.casalemedia.com/ Name: CMPS
Value: 1135
.casalemedia.com/ Name: CMPRO
Value: 1135
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?hpnQN#!]tbPl1M>e)ZlrFUfJ+tGXxp.Z472sKF0bO?ns5>Sf4ZtKBd#G_/$-f3?q0N3If)y3KL9D3I?+VOgoJe
.doubleclick.net/ Name: DSID
Value: NO_DATA
.spotxchange.com/ Name: audience
Value: a9006d16-1cb5-11ed-b7f8-1d7abbad0506
.yahoo.com/ Name: A3
Value: d=AQABBG5x-mICENF0pJZUwv2FvWD7RjxWD5UFEgEBAQHC-2IEYwAAAAAA_eMAAA&S=AQAAAvx1oU-QqzndGrvg6J5NKTk
.casalemedia.com/ Name: CMTS
Value: 1120
.blismedia.com/ Name: b
Value: 62FA716F7CC8DAB9A7E111EDBLIS
.ctnsnet.com/ Name: gid_CAESEOCAhI_Cz52lsQPbVMZXr6o
Value: 1
.ctnsnet.com/ Name: cid_2825f744faa04ac78ed0640c5157875c
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-73eabc84-880f-44e0-af9d-957e111354f3-003%22%7D
.adnxs.com/ Name: icu
Value: ChkItMSAARAKGAIgAigCMO_i6ZcGOAJAAkgCEO_i6ZcGGAE.
.tribalfusion.com/ Name: ANON_ID
Value: aFnseFrZcAQ8BqEr73ydwNxxomZcyuOhdkXmSVmVTTLV1uiERHvCZdrKVE050Fgl2So43qDv0Uh8FTnaGGsZbSpt
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-73eabc84-880f-44e0-af9d-957e111354f3-003%22%7D
.360yield.com/ Name: tuuid
Value: ba3172b7-bbaa-48ea-87b4-63f0edfe4604
.360yield.com/ Name: tuuid_lu
Value: 1660580207
.criteo.com/ Name: uid
Value: 0a140c59-f5a7-4d3a-8ebe-2338e5c27758
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~26ls:18yx~26ls"
.quantserve.com/ Name: d
Value: EFABCQHuJoEA
.quantserve.com/ Name: mc
Value: 62fa716f-e6aae-208ec-131d2
.kooora4lives.net/ Name: cto_bundle
Value: AXR83F9xSXRuU0RndEd0aXFlSnJvZkZjNTd1QUNyNjNYQnRDN1BiRmpyUkl2ZFF6Q1BSdmF4TzhxVVlzSGJZanRqWiUyRndlS3hYSEdRcndjcGNwUXZSTk1RM2s3cmdiZzg5bldPdnpPMDRPTVhHR2tzTVYlMkJPYzZselNOYlY0eno1ZDRYb01Lc0JNcnZlMHVxV0o4Q08yaG8lMkZjSXclM0QlM0Q
.kooora4lives.net/ Name: cto_bidid
Value: 1cXFh194THMwRWc3dDlFWjMySW5HNUlZdlFCVVRuakFEJTJCVG9WJTJGY3NFMlVmMmk0MElZcjQxcXBUUVJkJTJGNGR2dzg0YmhBTTFuSkt4VFhVVHBRNkxGcEpER1AzSGFST0NYTm1tNjZvVG94SmpHR2U2TDBtWkZBWXR0aUxUOUlMcXhnampMRQ
.mathtag.com/ Name: uuid
Value: 4b0862fa-7171-4500-a763-eb8a6394786a
.mathtag.com/ Name: mt_mop
Value: 4:1660580209

40 Console Messages

Source Level URL
Text
other warning URL: https://kooora4lives.net/home5/(Line 72)
Message:
<link rel=preload> must have a valid `as` value
network error URL: https://www.kooora4live.com/wp-content/uploads/2019/08/download.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-2.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4-3.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.kooora4live.com/wp-content/uploads/2019/09/HellasVerona2018_7_29_15_11.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.kooora4live.com/wp-content/uploads/2019/01/1378025755.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.kooora4live.com/wp-content/uploads/2019/01/egy_ismaily.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-2-6.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-3-5.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.kooora4live.com/wp-content/uploads/2019/01/download-4-2.png
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://kooora4lives.net/home5/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://kooora4lives.net/home5/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://kooora4lives.net/home5/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://kooora4lives.net/home5/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://kooora4lives.net/home5/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://kooora4lives.net/home5/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://kooora4lives.net/home5/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://kooora4lives.net/home5/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://kooora4lives.net/home5/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://kooora4lives.net/home5/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://kooora4lives.net/home5/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://kooora4lives.net/home5/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript error URL: https://kooora4lives.net/home5/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://kooora4lives.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

505a3f66284cc1668cac91cbe07050c0.safeframe.googlesyndication.com
a.tribalfusion.com
adipolo.com
adipololtd-d.openx.net
adservice.google.com
adservice.google.de
ap.lijit.com
api-public.addthis.com
bidder.criteo.com
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
ghb.aplhb.adipolo.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
jscdn.greeter.me
kooora4lives.com
kooora4lives.net
m.addthis.com
match.360yield.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
player.adtelligent.com
player.aplhb.adipolo.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
s7.addthis.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.doubleclick.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
tlx.3lift.com
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
us-u.openx.net
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kooora4live.com
www.kooora4live.tv
www.kooora4lives.net
z.moatads.com
google2waycm.netmng.com
prebid.smilewanted.com
s7.addthis.com
103.229.205.243
104.18.18.126
104.18.19.126
141.95.98.66
142.250.185.98
142.250.186.130
142.250.186.66
147.75.85.234
178.250.0.157
178.250.0.165
18.156.0.31
185.184.8.90
185.64.189.112
185.64.190.78
185.86.139.115
185.89.211.12
185.94.180.125
192.99.8.28
2001:4860:4802:34::36
205.185.216.42
213.19.147.45
23.47.209.169
23.47.209.72
23.47.212.127
2600:1f18:1aca:4281:1513:7870:1516:401d
2600:9000:206e:9e00:1b:5138:8a40:93a1
2600:9000:223f:1000:8:48e:53c0:93a1
2602:803:c003:200::31
2606:4700:20::681a:1cc
2606:4700:20::681b:4171
2606:4700:3030::6815:4c13
2606:4700:3032::ac43:a1bf
2606:4700:4400::6812:230b
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2002
2a00:1450:4001:806::2001
2a00:1450:4001:810::2004
2a00:1450:4001:812::200a
2a00:1450:4001:827::2006
2a00:1450:4001:827::2008
2a00:1450:4001:828::2006
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a02:2638:1::3
2a02:2638::1c
2a02:fa8:8806:20::2040
2a05:d018:d29:3601:3405:9d23:f6a9:4d9c
2a06:98c1:3121::c
2a0c:5c81:5142::2
3.125.201.50
34.96.105.8
34.98.64.218
35.186.193.173
35.227.252.103
45.133.44.3
45.133.44.4
46.105.201.240
51.89.9.254
52.17.82.33
52.208.181.213
66.155.71.150
72.251.249.9
00c71abef781583241b6ff6df83c3e4f84267becf1df03c3a8bf712e14b4f0a0
03912f378f86c12ea02d7f3cf7a8e10fd6da5df7619ab63d0699c421484d8b0e
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0623400c6e473fd194940db33d25d3aa470f8b4cf0ca78cdbb57a11473fbcb05
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
09116db47352e59eca013b0eb39727769454564d8c6c962721af498921615af7
09aafcbe0b5a138c671d01616024d1b99225297c6933fba67256159f7085f5ad
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
0aebad28b5263e05a2d0144059201bcc27b764bfc2cc25543bc5e2512f9358d7
0af374f8cbcb355cb1e9761a08c2d41400bf81b7f9ad176ef22871d31bc31ee6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0caba294bb8740381a099642aa855cc91f4083c8422f450b3fb08e1f559bcfe6
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1389b54a5b3b77f6006fd94fe19d136f4f6f7ad5d6869f0566370ec3f5ce901e
148de0e06a5eb3895d0d1c671d3cc73fc6ef37f8b3f9cdcbe1ec06e06eb18d7b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
1c16bcbbcc1702c52c4fa4c374c48f111fabf012e30ba556dccabdca3129d2e1
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
1cebfb002bdd137fe890f3ac723fa39d2b3f6856b423aca145fb2da70f0063e4
1ebaeceaaabacbb7ab7fbbeab382520ce9a52f76fdb36e5f98b415d169146273
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
22f73f8a886438e89bbe9513cc07fe9fbc038b63117ac55c58c6a039fbd02ebb
22ff64cbb8c7f9fbe375621fbae4c9aae6755c6142d876199b5cd166f9381862
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
252af27dff2d714fae7aae5783d33fb6a2f5089bd387717569317188c63c2a3f
25326005a57ce31c6843057f3f91d2da94a8e61e46c734557cbd7f48b49bc8db
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2757f97bf973b84d3ad98c080ad5df8e488c2aa6fa76cd48f1536f4105d1218e
27f35250bb878747b818e2264255e07ec6d3bb732f367a76769154f072fc4af8
28a41b3753a143974fc4d4fa302d3ac388dcfb8ce3d47bf230f7d091eadbe868
29b763c86cde423f25cb897c794bc469c2c475bdf5bb4211896e6e0f47c097fe
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2c73a5b20581f204d18eeed84fb2bb4f4e955b1d9b410135ef37b29a8340a2c1
2cdfcf80dbe653df2e03e8c4b5e0acc233a229248a950a0468ecb48e96250937
2d58d46be1f35b78ccafcab30011144eeaf985c95227ab27d683fbb46cdf2ca9
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
324df5d117a1e138320b145ee863862c09b3c359086380979059daa4962f4c27
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
338cc71e3573fc434aa46c637c9d7b2706e57ee1b893417aebc91308b0254f38
3541a14008d02321f624900172778cd8ba2700ee9b3b10554564d373e346b903
36099920524d1907123967edf40d02849de4ef734e3d800599df85dd803ae786
362e1485a661dee5c278fb4810353137f67368cc96edfb0e723791e8569befa3
36b9f1d1dbd37e4d6b2dd7b9e9d7e679d655f5e6981e3f7088d6038b9e63c251
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
38d08cb91aebf6b33bb560d39265b174413c0112c64ad9a214cf9252336e266f
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3ab9eb1b5e0926e9778eadcbb34fa2718370ac32ee5be934f4557ee77e2e8390
3be04c8034b473853c28bd1dae1c3cba91c85aef00667072bb4e886469472874
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d3f8b7466479b2c40a3dfdc1a28d38195bdc4c78fff4ae5e69e7546041409e2
3f077ef0e063f281d6c40ca6ec9094f7c0606eef8be03c873d525cfda2167c41
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
40b3a46475b825182ac5d1b4f2af94645a23a5b6f7a71add8740c105135aa074
40e626a14b6e8a49477187edea06e113acb39707c4cadb38270c1aeead71632c
43b5cdf6749fa87750231c937ae08edb61910afaf11f790291192ac30e50c57d
43e08bfd6875e8d464d705bd0801528ce3b2138ddcebf2f2b969c7c7b0326f80
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45ba8cb65f35489fc6d6c2aea04344fe107f3dfda6541f112ab05db5ea939a53
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
4775bafc6404ab4de18fabb0fc0559f5c1cc744fc687e410ef5e7c25e1b8737a
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
49da9ea975537d77c8a0694d2633e11645beeeaacdc75f2947c54dba87ef3075
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf927bfe5c37fee626b3bcc1595b82a10859d654d2e6f3b0315c75bdea5575e
4c60df5e98d693ef7d48c926bf05344d394820eae128ea5d4c6dff72f00ff790
4cc51fb3fb598540ef85748a190234e98b80cdd522f4fdfafb8b18e2302abc6e
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d10740b06b07cd1827829b128d21765c7929951fc8c603f2dfa4e51bb51c696
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
4df8c7b50d6971f55f7871997915028ac4c5c66d72212bd8d5ff8b8db1ed8483
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5cea11d89879256ceb7fa6b67d30d98e0357d89a171e21304ffb627aa2c6a4
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
4f38aea07cdc4bdb169d4305ac9c3219e8924a88a2a0adf8fe9ce4be1fb5fbaa
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
507add04d1c6597d1eaca7599452be07bd58c4fca04d195808df2909d610d9e3
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
51aa81faccfbbf6a4fc2bec76bb4babfd40ddc1cf741b73cbf6ee5b06a0021b5
51ec9422eecc62d3a9be404ca2035d02c21a378e7790c24e5be14f22b5660ad6
521365901c12bb2fc89e6f9c632a73f8e26657c9f7c8eea5ca0aec6db60c44a3
53b8e119aed83815ba6c2fa51e63f3760a1a6ecc0131a8b2a35b695c746ddf70
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b8d9056b9112ad3d82301cafa1409a5439cd622ad7bf612752d9e458860546
55cedd4ea3b5e768b24238b50f0747de65a142c975c017270e8ee1df3d6a3783
56621134dbdf4ed410909e14c5e2002526b45365338218797b3fc3ce729b525c
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
58d20b395498a512b296d794230b903cf34a2c6bb1f825f4acb0d25f0ab051d2
5b0934982fbf009855aaba2206fee5d3b65ef0b180d938ef4ec7816def7dc2a3
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e11c6ec3cfc264f3fe11d67495dc083c08d5e33c753f26fcf0a9fd17fca5d8e
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6650f4c535db13b6643e25c473e0ba1858fde8e5b37129ec23068fe5fb2604d2
6914756a2773260c86412e094f95cec7ca06be35b44217badc1d1d8bce201257
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
6b3b8399546b78434059bfb7b2a2a5146bc214022c795469c0d58e928ecb02dc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb3300ed90f4dbdc87391cf6b0bc8910c6f4e17416478e6fdcf10ebb880b485
6c3dd6689d03d2746a8f88a0b532c6017066bd0bf7f9da9c940ebb401d5cb72e
6f039a988d1611052fd690332adcf2199c47eebcc77fe9926a084a2e316216d6
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206
72d2367dc35967c758f93deefb69e76a1cfed9be0dcab06fc8ae2bf8d37bc879
7361bd273038993e79464f99516b2bfe32ec15efef459c2eed74ee00d4ec0267
7503538f0f25a5032b4e9ba160febf3b3d55ef6301e8dae623f42e9c7c227c30
757c6dc6f0497810e93559029b21701920c7d217ebdd2a276fa308bc53fa7765
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
762ced6ac749175aabfbf445490de73743d8e728b094a1132efde6bc3ff41312
7897757471988b6dda805254de287e19033514ae748b13569acd29dd275c8d26
78d707e764332efe4a8d928a8726b495449073194bf4b9ca22856f08d5cafb8e
79560bb312c5dbb1cbb91575394a5b7aa0d9cfa93f9c79bb7dfa99c31c0b5ff0
79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da
7a2f9d442f2bdcfc85728dbe33d891a4e160d31a22e80811519cca5e4493ca00
7a7dfd2734ca75fc47845a64852c3ec5869642c6680a400baf9b2f651144d8f9
7adf252d334729901b1558c68f0924f30c1f34be6791c6845cc72a838b85952b
7ae6f1d9a918fb412bcbed79d9d2c6a2b0321b2864b0253b637ce5c8833edbe5
7b4fbd6cf87898b005b09546b1c4e82654918b11e5f64ccb8fc32ea0a04e237a
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7e4125d7ee9cc3e7fbabb6c7822a29c5221b86dc81c6e3202a7c8135c27e9c41
7e69a796c9919800ce356d77445542042a7679fcc19c74ff87731d66855415a7
80bb69741db448f3b58f43aff2b7e77c86d9a5816accebb8a7d9349f5869e007
81976775fecf2752aa0b89d19da6a7d0c318f2db7894a7202f60cf50bdab31e6
81a715a005dab92c5e151eb5760ee6a14377f38a39257e600320f8fa3d7a36cb
8282e50a4d12b5455a3883369514eccbf5e3b3d816379d50234e72d432271589
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
854519d07d155c90609264652626944b998fdf68a153e9a5b8c44173d401329e
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
8672285aac8c7b5d45db408aecd5667489593fccfce479dfed78e6ff546bec6e
86ba14a7f07211d538234cbed845fa7ab540607704f5b54218748554c036898e
86f00d426a97fe13ce9b0eb570e10126e62b7b4181ee7de1f12a1d3c1b7fa8b6
880d32dcc497aee64bd822845df3620fc8a37f6eb1e972322edd41cd1122fe4d
89030fae640e95fdeacbbf8785c8de9df17c6532eef863dda68b8be210429969
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d89a2433e7f8f1ad47940635423c18359783fd7d659822733b556e00d2bc558
8ddbf7aaf7599952a778f62b98829702e3f9e0d253947292af8c2cefb1a26006
8e4dbb1fb608ae3d59dac5806cc90aa10e1113cfbf61e07c46b2dc1564245c1d
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
9336ed3d7868015a47fb34ba7c7c90c80f50d8b12225dfc4abce2cadb97bb906
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
943bffe44175fda268b40ed3fecfcf77df13d166786504fa59f30567319d9a1e
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97cdf067606c37c831a54b3ffc71cafb94ff1f4db84a1ba620b2e9e43cc1084d
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab6ab06fc61aa1d2555b475051833b26e53725e01d80ded3d03b5e9d58a2c38
9b1f6139cd11db9f41ef24575cd59d3f14cbd1c239ce23aa887ef1ad8b3756ed
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
9c5c65b03ca907b7c00d725a83a860c1e4be9d1b970c43b99d025036dc34e81c
9ca835533fc4836f0ceefea006b64fdf2ff220e4af8c7f35f9feb0578ef1a963
9da24f671891e5ff2df9d55e23a7e33a8bfd30f868319676424ebfdf661af118
9f6f9937e14b476088dcf572745a8072db1eb2c1878c7c58ba8ffd715dcb22de
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0431cffe9247b5ff61fb5147852361e0188f6ffe913c1d9fe9331f8ea15193f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2041c7780dcb51eb3a3318ba9ad92f69e5dcf1ee0af75bda2b430353a2133d1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5058b99711c8d31df84c692eb21b0a93fb30a143ab3617bd9ef02bd6c3631d9
a62e9d9ac894cf125dbc3ec1a55f9e6ead5e47d27d64dc5ca96dcb936d50c009
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7376fb82a98db2648618531d9102664c07f741d3d25501ffb9d5b7103525777
abb0206f3e773a71b30b0f6990bb337cf82016a0caa37d942ab99f717d8cca56
ac67015cb3ca96f5e11d6a661c1c29879a1784fda0bd19bb6a213896fbd6b0c3
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae6d0a19bf5829c1066cfa6fd7b49f731bf2ef2e2782c7e5a4310f4613d950ac
aeb925bb204a686701ed5795fc9a381422a479fca1cacbe35de200ac65319988
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15891f6bdc27b2e7c54f1a6fecba562ea0bfc86f8ea85b63f1f54a420c30264
b1b682cb1fee45d7f80c900aba4d8ddcb18ac1016dcf38ece495801ac65eb14f
b1f959ca012d693a20ae3db7bb5588f7700bcc26cad771ab82f63a9898978da5
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
b41d60face1b293297c046e0486070665b3b27a0225510b272064c31c278e628
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
b6b3b484d4e929920d22052e680577b181eec29fb6dc2aef0c14dd2893d55ea5
b709afb372809319f70bc935339698a4e4ca0c460ee9dc1c909dc3011481242e
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb9b14d41c6b4f0f348a5401c40bd00361561e6712c997e561293c2d75ed115f
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc65cf6fd1de3844f8917ea965dd4b2cdd2155b339a0069237abd91bba18a607
bdae4ac450183f6d7ca50674936106de454842678c01186e9df089fe93f0caba
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf6ec42c97f86957a324a484a37dd528b568a9ff2570965be53e6ec4b0dfdae2
c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a
c03953fc13eb8db32714771621a082908c0944fc8bd3dca7ab0dc7734f10bd77
c09540d1e35176156b7ddad95ac7951d53aa7323bb98a2c3752a2b06de41edce
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c0fa2f21c8e1c0510b7777125ce974909bcfa976966b539844fb618c763fb1f8
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c5cdd831bbd25444ecfae13ef4db01e352c956de5463b21db8d2f2039ec4c9a8
c60e3aa73627a9fa0a352e64d12c004924052cc0fbe4b45ee08fd831447fef07
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
cb607c4a02dabd7e4e7432b10b3291994b83f9c1bb00701aec6b0f64fa286d37
cc487336acb3ea5ed2cc6ca09757137d612286c0ebb00587a997ecbea9053546
cc7154e7e7fdd3d5dbc82764f1a95a5ed863553b8981324adc409172e2e90184
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd5619e0897c78252e40d1faeb490a78702d0bfed74ea0771e40fc5e1c5a4424
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d20bb381e64f0051aaddc86758c3f2142c72117d257dab44b09463ddd53b3898
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
d536311d78572132009c2371c9645d2ae080d998994484171fd0527ddfc5765f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8c034489d224966983975ac2fad51a4e90bba2e0b0519276b73455abc205f83
d96da7a2ff4125250016ce45e9c7681efb880de8491352e46a7062f86f5c41cc
d972ba62fd9b9e40319720b47746fe52a23d877bb06a017b5e0f98c8e36d7e6b
d9b3fc71cd002392e14df90c7073a171b566cb614624014f4bbb5e51cd0a76dd
daa2101a8136cc4ea1e6ebf6f6064808dd5018045a821b7061ca6e7462aa68db
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
ddf761184bc9a6142fc2a021134a7c37e1a54863fc0d3178ace17de73169d8bd
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
deb8237504c89676bea6de8c9995746c9b150c0a7ba958372aea28d3874a7358
df544db2e8b010512a5ec168d3a9b91355c7197d04a1b29325510e29405e6e0f
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e1785cd16abf8a5b653b566a70daae72ddda696445bd3b40b810d65137e23985
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30968adc87cf32a62d42eeb8fc525e25ff13213a0b398c8bd0de110c3d25d86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e85057cd586e863f939dba97e7088f658a7d5e7ecc77f3d22f5c2d4f86a12194
e8d245c20017c8ded328ee520b0253ce7d2d1743fcf1ef8dc65fed31b89d4cf2
e9623afcb3e728bc832a4b258193e255c05ff0be3227176b2742f6b523b0d569
e9d89b28ee52b9c2c406ad9b964191c6b2c67272a356743076a0a4750c91f1f1
ebb9f330ec4ad29ffa4b57c7a31a56861fd4561c1f64ca35dbc0c8ec33f0fd6f
ecdfdc69165947796c823e17809e96fd38b4b9e759555c06707661c0621c9a33
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01a9bc4e78790459c7127bd0cda22c56ed6e92744c1653fba9dc071b59a633a
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f3e946036f5c6423b17d856fa108526605170a2f5402c2e3b179a887e376c0d3
f473e2e27bdd5445f09bd1bf319e1c05f741746dc47a2a7292602eacf02d5ea7
f70e21f986e952c4c99ddbb0226df11b3de722b1050153a767451b5c3239d27a
f7e5a376db6bd81f33e6d347fa0834ef6a64ed844233f593f9b2930e071ee526
fb44b647fb1b4d0669c228bd44b21eba0120a5c6d360fe2a6d81875875918814
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fcdbf0800dcb2ad6d63a8157f03a0f6f1c1e865de2878a6a8b35bfdaaa897131
fd531f9dde4d22dfe6cdebb61d03aaaaca6ccd5ba6b8e09b8f50e9fcfa6b6314
fdd18201a6cb60ab66f00b5be90de59e0b835fc14e373fb3131016f7cd96b828
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc