urlscan.io logo urlscan.io
SecurityTrails logo

kooora4lives.com Open in urlscan Pro
2606:4700:20::ac43:4740  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.kooora4live.com/
Effective URL: https://kooora4lives.com:2096/m2/
Submission: On January 20 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 56 IPs in 8 countries across 55 domains to perform 327 HTTP transactions. The main IP is 2606:4700:20::ac43:4740, located in United States and belongs to CLOUDFLARENET, US. The main domain is kooora4lives.com. The Cisco Umbrella rank of the primary domain is 744737.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 19th 2021. Valid for: a year.
This is the only time kooora4lives.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 25 2606:4700:20:... 13335 (CLOUDFLAR...)
25 25 2606:4700:20:... 13335 (CLOUDFLAR...)
3 37 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
42 2a00:1450:400... 15169 (GOOGLE)
11 142.250.181.226 15169 (GOOGLE)
2 205.185.216.42 20446 (HIGHWINDS3)
8 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 45.133.44.3 39572 (ADVANCEDH...)
10 2a00:1450:400... 15169 (GOOGLE)
4 2a0c:5c81:514... 55081 (24SHELLS)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
32 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 51.89.9.251 16276 (OVH)
2 147.75.61.140 54825 (PACKET)
2 4 216.52.2.39 30282 (AS-INAPCD...)
2 178.250.2.131 44788 (ASN-CRITE...)
10 34.149.20.76 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
51 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.251.5.157 15169 (GOOGLE)
1 108.157.4.26 16509 (AMAZON-02)
7 32 142.250.185.66 15169 (GOOGLE)
2 4 184.30.24.241 16625 (AKAMAI-AS)
2 3 185.33.221.11 29990 (ASN-APPNEX)
2 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
8 172.217.16.130 15169 (GOOGLE)
3 4 185.94.180.125 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2620:116:800d... 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 151.101.194.49 54113 (FASTLY)
1 1 35.190.0.66 15169 (GOOGLE)
4 4 3.126.9.108 16509 (AMAZON-02)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 213.155.156.183 1299 (TWELVE99 ...)
2 2 18.196.197.61 16509 (AMAZON-02)
2 35.227.252.103 15169 (GOOGLE)
2 185.86.137.121 201081 (SMARTADSE...)
3 4 18.156.0.31 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 15.197.193.217 16509 (AMAZON-02)
1 66.155.71.150 13768 (COGECO-PEER1)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 2600:9000:223... 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
3 3 13.248.245.213 16509 (AMAZON-02)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
3 13.32.121.66 16509 (AMAZON-02)
4 4 35.156.69.231 16509 (AMAZON-02)
1 142.250.185.70 15169 (GOOGLE)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 1 193.0.160.128 54312 (ROCKETFUEL)
1 5.135.141.80 16276 (OVH)
3 13.37.12.217 16509 (AMAZON-02)
1 51.89.42.88 16276 (OVH)
327 56
25    2606:4700:20::681b:4171 (United States)

ASN13335 (CLOUDFLARENET, US)
www.kooora4live.com
25    2606:4700:20::681a:d53 (United States)

ASN13335 (CLOUDFLARENET, US)
plus.kooora4live.net
37    2606:4700:20::ac43:4740 (United States)

ASN13335 (CLOUDFLARENET, US)
kooora4lives.com
www.kooora4lives.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
42    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
11    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
2    205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
jscdn.greeter.me
8    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700:3033::6815:2de (United States)

ASN13335 (CLOUDFLARENET, US)
adipolo.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
10    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.ae
4    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
adservice.google.ae
3    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
32    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
2    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
10    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
51    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    142.251.5.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f157.1e100.net
bid.g.doubleclick.net
1    108.157.4.26 (United States)

ASN16509 (AMAZON-02, US)
choices.truste.com
32    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
4    184.30.24.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    185.33.221.11 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
8    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
googleads4.g.doubleclick.net
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    2607:f8b0:400e:c08::78 (The Dalles, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
3    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
4    3.126.9.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-9-108.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2a05:d018:d29:3605:f8ff:4e61:fc04:1ff8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    213.155.156.183 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
2    18.196.197.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-197-61.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    185.86.137.121 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:4007:2d::a (Ireland)

ASN15169 (GOOGLE, US)
r5---sn-25glene6.c.2mdn.net
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2600:9000:223f:ac00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    13.32.121.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-66.fra60.r.cloudfront.net
choices.trustarc.com
4    35.156.69.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-69-231.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
2    2a05:d018:24:b002:6973:f435:affb:5901 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    5.135.141.80 (France)

ASN16276 (OVH, FR)
PTR: hap2.adventori.com
adventori.com
3    13.37.12.217 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-12-217.eu-west-3.compute.amazonaws.com
tk.airfrance.fr
1    51.89.42.88 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p27.id5-sync.com
id5-sync.com
Apex Domain
Subdomains		 Transfer
80 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
624 KB
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
bid.g.doubleclick.net — Cisco Umbrella Rank: 452
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
ad.doubleclick.net — Cisco Umbrella Rank: 195
429 KB
54 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
gcdn.2mdn.net — Cisco Umbrella Rank: 957
r5---sn-25glene6.c.2mdn.net
823 KB
37 kooora4lives.com
kooora4lives.com — Cisco Umbrella Rank: 744737
www.kooora4lives.com
374 KB
25 kooora4live.net
plus.kooora4live.net
8 KB
25 kooora4live.com
www.kooora4live.com — Cisco Umbrella Rank: 940094
9 KB
10 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1648
2 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
gum.criteo.com — Cisco Umbrella Rank: 369
mug.criteo.com — Cisco Umbrella Rank: 2864
9 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
234 KB
7 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 913
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ups.analytics.yahoo.com — Cisco Umbrella Rank: 283
4 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
2 KB
7 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 5710
ghb.adtelligent.com — Cisco Umbrella Rank: 5988
129 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
imasdk.googleapis.com — Cisco Umbrella Rank: 418
129 KB
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 327
1 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
3 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 483
2 KB
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 359
rtb.openx.net — Cisco Umbrella Rank: 1548
852 B
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
4 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
29 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 690
2 KB
3 airfrance.fr
tk.airfrance.fr — Cisco Umbrella Rank: 20234
6 KB
3 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 695
15 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
1 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1255
1 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 241
3 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1197
827 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
55 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 595
1 KB
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372
150 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 876
2 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 560
892 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2859
207 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 868
344 B
2 google.ae
adservice.google.ae — Cisco Umbrella Rank: 59836
914 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1204
218 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1056
736 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2366
23 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
2 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 94996
78 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 596
539 B
1 adventori.com
adventori.com — Cisco Umbrella Rank: 4549
17 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 702
781 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 39962
511 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 707
442 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 626
191 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
265 B
1 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5889
125 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 19998
521 B
1 truste.com
choices.truste.com — Cisco Umbrella Rank: 679
10 KB
1 google.fr
adservice.google.fr — Cisco Umbrella Rank: 27839
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
421 B
1 adipolo.com
adipolo.com — Cisco Umbrella Rank: 88330
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
0 atdmt.com Failed
ad.atdmt.com Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
327 55
Domain Requested by
51 s0.2mdn.net kooora4lives.com
s0.2mdn.net
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
42 pagead2.googlesyndication.com kooora4lives.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
bid.g.doubleclick.net
www.googletagservices.com
ad.doubleclick.net
s0.2mdn.net
35 kooora4lives.com 1 redirects kooora4lives.com
32 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
32 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
kooora4lives.com
imasdk.googleapis.com
s0.2mdn.net
25 plus.kooora4live.net 25 redirects
25 www.kooora4live.com 25 redirects
10 ssc.33across.com player.adtelligent.com
10 securepubads.g.doubleclick.net kooora4lives.com
securepubads.g.doubleclick.net
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
kooora4lives.com
8 googleads4.g.doubleclick.net kooora4lives.com
8 www.googletagservices.com jscdn.greeter.me
googleads.g.doubleclick.net
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
kooora4lives.com
www.googletagservices.com
6 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 pixel.advertising.com 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 ups.analytics.yahoo.com 3 redirects googleads.g.doubleclick.net
4 x.bidswitch.net 4 redirects
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.google.com tpc.googlesyndication.com
kooora4lives.com
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
4 ap.lijit.com 2 redirects player.adtelligent.com
4 ghb.adtelligent.com jscdn.greeter.me
3 tk.airfrance.fr s0.2mdn.net
tk.airfrance.fr
3 choices.trustarc.com choices.truste.com
3 mug.criteo.com
3 eb2.3lift.com 3 redirects
3 cms.quantserve.com 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 player.adtelligent.com jscdn.greeter.me
player.adtelligent.com
2 sync.tidaltv.com 2 redirects
2 static.criteo.net player.adtelligent.com
static.criteo.net
2 image6.pubmatic.com 2 redirects
2 r5---sn-25glene6.c.2mdn.net 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
2 ssbsync.smartadserver.com 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
2 rtb.openx.net 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 dclk-match.dotomi.com 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
2 csi.gstatic.com imasdk.googleapis.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 bid.g.doubleclick.net kooora4lives.com
imasdk.googleapis.com
2 imasdk.googleapis.com 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
2 adservice.google.ae securepubads.g.doubleclick.net
2 bidder.criteo.com player.adtelligent.com
2 prebid.a-mo.net player.adtelligent.com
2 onetag-sys.com player.adtelligent.com
2 script.4dex.io player.adtelligent.com
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 jscdn.greeter.me kooora4lives.com
2 www.kooora4lives.com 2 redirects
1 id5-sync.com player.adtelligent.com
1 adventori.com s0.2mdn.net
1 p.rfihub.com 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 gcm.ctnsnet.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 pixel-sync.sitescout.com 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
1 match.adsrvr.org 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 d5p.de17a.com 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 ads.yahoo.com googleads.g.doubleclick.net
1 choices.truste.com kooora4lives.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com googleads.g.doubleclick.net
1 adservice.google.fr pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 adipolo.com
1 www.googletagmanager.com kooora4lives.com
0 ad.atdmt.com Failed 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
0 google2waycm.netmng.com Failed 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
327 75

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
t.me
www.kooora4lives.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-19 -
2022-09-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
greeter.me
R3		 2021-12-22 -
2022-03-22		 3 months crt.sh
player.adtelligent.com
R3		 2022-01-18 -
2022-04-18		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-12-08 -
2022-03-08		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.a-mo.net
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2021-11-26 -
2022-02-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google.ae
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.truste.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-07 -
2022-02-23		 2 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2021-12-20 -
2022-12-20		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-01-11 -
2022-03-22		 2 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2		 2020-05-21 -
2022-07-17		 2 years crt.sh
*.adventori.com
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
tk.airfrance.fr
R3		 2022-01-08 -
2022-04-08		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh

This page contains 37 frames:

Primary Page: https://kooora4lives.com:2096/m2/
Frame ID: 4EC17842DFDEEFFCD875778E95700C3F
Requests: 100 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/zrt_lookup.html
Frame ID: F2F124BAEA8615AA981087C59FD46A14
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8605854106910601&output=html&adk=1812271804&adf=3025194257&lmt=1642690633&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642690886754&bpp=4&bdt=405&idt=162&shv=r20220118&mjsv=m202201180301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6821901797134&frm=20&pv=2&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064158&oid=2&pvsid=528015584665734&pem=41&tmod=1230012235&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=203
Frame ID: 383CAAC52AA89E809593FC458317C0B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4903453974745530&output=html&h=280&slotname=go4darsiapl%2Fbanners&adk=872605085&adf=3852535245&pi=t.ma~as.go4darsiapl%2Fbanners&w=1100&fwrn=4&fwrnh=100&lmt=1642690633&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642690886758&bpp=3&bdt=408&idt=227&shv=r20220118&mjsv=m202201180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6821901797134&frm=20&pv=2&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064158&oid=2&pvsid=528015584665734&pem=41&tmod=1230012235&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JsLiwYQVOK&p=https%3A//kooora4lives.com%3A2096&dtd=247
Frame ID: 870DCFA2AD109D64D339DBAECEC05897
Requests: 13 HTTP requests in this frame

Frame: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2C288B5AC32738DE4C0EA3401B10C8AC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 423731C1C14962A76D2A7BAAA9A5DADC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 091D9B543836A410D65E26685A7558FF
Requests: 2 HTTP requests in this frame

Frame: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7A2820FFDBA022F8E536BFD044A57F3D
Requests: 12 HTTP requests in this frame

Frame: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8209D8D6982A5A4F2619EF2F71A5238C
Requests: 1 HTTP requests in this frame

Frame: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB27ACF43B49377C15A9FD8E7BC9A349
Requests: 3 HTTP requests in this frame

Frame: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 56D6067862EC25683E38FD33579890AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuUYRCVxHYYyPb6vwEwAQ&v=APEucNVbsMwcVNMoqKSz1hvAM6xcDhUWG-wnZM0kQ8xfwebvX6uF77gcOUDMQlTgY1QATcWf7oArBs8PBEV34L-nU2MwfKPqVrciSEDB8qUAM8AExkDSCvnPAlw-9Cevs4gMvjsJ9vHGapPRJZnoha06QkrzFBNtloqTCz1dUf-nAnkbibq1q9Q
Frame ID: 74B41B190386F33DD45B4688048201BB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuUYRCVxHYYyPb6vwEwAQ&v=APEucNUUUOOnQ5j0vLvw6dBoJbq3RbLO2Wc6iGgBFd8U1B6T3F_yFBY0-Hu5w4W2kbO0VJ2O-3Z3c8z0tL_TQyhHOEv2znJARSdKKkX37-_GjYEOdjcrz4ylXqYGrfJWgNeb5ApPndVBF6tfZmWTP1nzYXlu081KYs-GS1Ez9axnQSInOg9Stm8
Frame ID: 74B8EAAEBD1A24A654B485A3FEB6DA8F
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Frame ID: 5414B0CD61793C44B6E4CC890E8CD205
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/abg_lite_fy2019.js
Frame ID: F1F6D63282DC7178D89803A771D000DE
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxCciKT-AhjvoMS5ATAB&v=APEucNUABlBdn97bJmZ8k3tj7mI5DrQwEtdA2WaJ6WiPkGGkUu7PSfGyEa6EO-rSUwFGenCvKoPLx0EaQ4XyiFjv6QrAY9N1pWnEtPdC_Q2DCJaBhQyicXRsxeRsSMTEToeswBWwTJD1LKxEXmYm5-kXEByZD-5DJMMo4e6i1lc3UsvYFCz7F8k
Frame ID: C0E050A2295BDCCF39A8C35C97F140A2
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7eoOoYcVDtvptDUw_-e1OH6hxl6qgvkfjLhnaBfNo-VB724wEfgOk5TtVINmyrBBJw4AnmxKd_9CIy6a7yTYGqzQpRH1MNqyNEdpRhcRcDm6u2LcilrSPjeZjspoVb4V8ZRLbxV83qh8N060DoVBpc4Nu2A&dbm_d=AKAmf-ClYgm2x-mmK-lPsazUq5B6zkSPK0qZiY-6-8LJNk8hmaHOVHAGBzVbuth-_oMh7QzCrlLnyQBSLLJ-kkPDe72yrw_g-94WdfiXWCTm9suOjNQXuj9AGy0ICGdLAiONlAzKA0EBmRplwiayuJehNhW5Du8xdT6IlX3TPALCLs4UcX2bD3YA7QQsxQJQ--yzTDwj6h3HxkfOV_3LHNRVqOwIUE_sNqQBzf4ajFcrgY-dvOroyQmzfmMSxEuHE2EbE5_-IgJPThamWgrxgwyQeR-kbmPTbelsv9ZYVZBCq05OQh9CwJusnPAYb82hBa29gJcGeXeDjZyMze9xz_F2OkvsysEa0ClJbJXDL67FVShRWkPCcQXQhEiztTkree5zhFSs3ImvQHekfWPPRNYhh04HeNpWlZn5gwzvauRsJHZPvazfw0jLBXe-elyaePSL0HzZh6DvMN5PqJomhmXfsPHDZPTawVjfvctkkH27bKNKaeDcJWeFjBOZFqPeON8j7w_5-pEjW4RcmMtoxmZz4pnNwWpieNdG_lEhrtoPiwLebR_Aut_mjsmMrRIeMXQouixMGTuFCMmACsj3AHYWxDulYV1rgJynGeOTX6h8HncejKLcmCxwppaLittwtLG507-H37ehUlppjlVH8-n__8aWAOUnCsJQXwQgZo_OQdtg5KksCrwSE-b89QH5zXyShQA7xxjYgPiZrsymx5ouiwRBPbudbCUhKdDx1ZJ_khU2jEDLgPUWlBt4KZqg8xOYMyaNLulN8jET74HThB-ZACh7g4UegquEzuJm64MPgo0snR7nvdYeEXz_SHz2D_-H8hbGzJdLZlCcsW34u7z5NVfYXqP-D0cffrMpfnhJ8AcfIIrJwhZeu7XgTsmSSktRRPVULvP0y0KtMMw-sjT991d9GO_ttnc4pNN07tCJIqkEN4FGkmaea5AKttNh-uvTu7GD5S5YJTG5v9bnN3RC9u_Lx7fg2ORXSJ1vuUIiNOhjRkXENhJV5GVMd8Gf5WaHE0zpDxX31YgbSgP0RE2x0cGcqqIu9QtwTN_hdEdu9bO2OaFMR_GWEoPARGPpgOv5Nd15nf1Fy1oH3Vna41GenSNhOB3Kr9ZER0SPWKqFGD43aGcjk8fdAvQIPSWpZYe4tJM2mzWvwOW7qUEKSyKVcN41pF4hLTyaEv8Q_YDsuV_63FwW7Wxi06itXDoZ2Hdb6BGFio7NowebV23gvAV90HZ10zB3pCtkZpl0iQJKFkb06mP-bq_QNrPxUkjD0atwIvlcI8uY8W-YHZp9TUcm4-s5J63j4muzy3HM_NNCEJ-k-Q9L3Hb4-EKxIcAibB0nAZPES7HGymutm6hoOr2zwjm5UYRTJulsE-kZDGpUumXhZWVPORE6hMK7iHJE6bMj8Az7QYvILsOpY38hvhJA5IBejIM_G6txDvt4roN0iaj_DW9dUlb6tFbsyns5sUWteCCFfPYQAqwc_7m353t4rj8uz5inNyZhPkE_dXgLkA3MMfiStrTstdLQdjES_kT9wClmmTF2lF0WuZA0dGycJEUP2B-IYKccqJOmL45xO_ReDU8IhJj7DdvdihaHlDXUaElwU7hXeqHn1I_ZNqAAkCF48-h-q9IpKXQJxveoorM6iAaCtV9DS2m7rUTb1qSB38dmBVw8my4KsHuzBJpbmetCZOMBy4uRtOhLn5FK9eDkQk8bHgrBLMX3BMYPOLTFuneBhhK-xWLPZZAe_3gj1vyI5LgLnKC7CFE-EYvkzNhv3dEFORsGH7ZcTXcMzTzdI9_WDzX0B-KCFB7lZFo9WJoMclwaMa3fXz2qSjP91CCb_26hmhTzF7NXxfBrue-U8fX2N_0HAqLNIjqymLIxfNU9n05zhjmK7PTk3MmBgWzIfx4PctOpD2YKRKI42AuyC283Za6DaWHcHXFTUzSK__kWO_nT-OT8WpBkFltRfpvPECUry4iaPAP2YjEmaaoey9XtT953ORcc-eC-nnyGYTCBsJxZ7oZO0S76m17R_CseURELmVSaNK7-35wmUgdR-rHS7P8y4ZjIKIbVlyglAZM_RzzghrGPsDVtKCexbczp0pfReTV2zrVK0U0_09kyfNPuB9S6p-ReiU-ayUiy6iydnFxc6q-PptX7DXGiA67bTfRb_b7T5fUSYtCmMGefkGQzRb-773bTOb0x6D-x8fbVlMzB7eaFeL00v6DnxFFvO16hZ6eViTUjFo1DY8rk5LkOalGi900eFijfeyPnULykjmB8tnwch6XAhm-2xzO4hOMqU-knk4OCMO8f_mafXGGg_Dr8zQsNIv6nUOZZVD7F1zcMVRM5Mk8cqzv3z_X9Z9WSgX0l_OF0yOiy1J3-eGYNM45v60xobhDj6wW_Da4sS9VagcQVfCxMtWyEv2QGheInZLbsi9uGTUsTQY1kFBAQomFKm2V2n2VPtqk4J9NXGSvaqlO4qfGVpPiHH8G5QSLjsSZFl3q3RGqXdcEbrlB2WRRzS5Wr_XeogMxbJAMg0dZb3Zmy-VADN2GFK33e43-6XhMFFsQrl0Vrzb89sCozXLymzzRgA-49Ucl4gbisYOcpvA&cid=CAASEuRofnJv3bQYhMZsXqnnVzoovg&rfl=2%2Chttps%253A%252F%252Fkooora4lives.com%253A2096%252F%240
Frame ID: C6910FFEA99ECE386C2513EB582BEE1E
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Frame ID: 809637A5632FAD50A8B94C35CA9283E9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A685513633CBC234E6527A751C4655E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 54B4717BFD2E9B56BC6E9D9D9B81BE11
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Frame ID: 0DEBE8D88A1F3613CFD8F171CD47EC09
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5716830714289C91C6A5F239D9AFA4D5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D7F2E447B2EB6973B667FC13AE652A31
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Frame ID: 4C5A605B81C11345C334D0C1FCDB53D8
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EB5A9BB3D24DDFE613DABFAF03E40D1E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0DDD1A15E9002F7B442EA621C7DDE84F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 097E8CE5C507704F0E640E358F63D441
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/10774078/1635793268649/index.html
Frame ID: BDE354B9F7162A4C223607A1C951ACCD
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 16EBAFF0A340A3DDB67B719A4FF03C45
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kooora4lives.com
Frame ID: 04BF0E97E8918BBAF9DD629C64CFE7FD
Requests: 2 HTTP requests in this frame

Frame: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6AD2049567839DBCF97F970D2E82B17F
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnv4gEQ04fhAhj32fu_ATAB&v=APEucNUm-pe51U8X6LDcijneM0sSH-nXtNiZTiPQd33eiiEUIT7giCdM_Q-7-Uw1tvn8CRHvecY43pKGJMp_P71nei4QbarwEdughr8tAxBPNMig8umL1iJmnaoeXKToIo_jia1G7Qh8rtK0vcsUh0dpLSi8Qx10GHA-ysLuwodxygxbrXhdrRE
Frame ID: 47E62B448BA4017FD2BCE902063EAF81
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E7BB2009A6B81031F5AC09092F54DD9E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5087C372009119EF4A61FA4ECF6AE609
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A388EAB41F792D946E3ADC877600CD81
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Frame ID: F6DD3BA059820B7430283B4484B2AAF4
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Frame ID: E6B3F5EC0582CA20E48CDB4628100D51
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

كورة 4 لايف | kora4live مباريات اليوم اون لاين ، اخبار و نتائج المباريات

Page URL History Show full URLs

  1. http://www.kooora4live.com/ HTTP 301
    https://plus.kooora4live.net/ HTTP 301
    https://kooora4lives.com:2096/ HTTP 301
    https://kooora4lives.com:2096/m2/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

327
Requests

81 %
HTTPS

46 %
IPv6

55
Domains

75
Subdomains

56
IPs

8
Countries

3058 kB
Transfer

7262 kB
Size

47
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.kooora4live.com/ HTTP 301
    https://plus.kooora4live.net/ HTTP 301
    https://kooora4lives.com:2096/ HTTP 301
    https://kooora4lives.com:2096/m2/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.kooora4lives.com/wp-content/themes/AlbaKora4Live/img/logo.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/themes/AlbaKora4Live/img/logo.png
Request Chain 1
  • https://www.kooora4lives.com/wp-content/uploads/2021/09/telegram.jpg HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2021/09/telegram.jpg
Request Chain 16
  • https://www.kooora4live.com/wp-content/uploads/2019/01/1391639116.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/1391639116.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/1391639116.png
Request Chain 17
  • https://www.kooora4live.com/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png
Request Chain 18
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377539691.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377539691.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377539691.png
Request Chain 19
  • https://www.kooora4live.com/wp-content/uploads/2019/05/flag_cote_divoire.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/05/flag_cote_divoire.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_cote_divoire.png
Request Chain 21
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377540405.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377540405.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540405.png
Request Chain 23
  • https://www.kooora4live.com/wp-content/uploads/2019/01/spa_real_madrid.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/spa_real_madrid.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/spa_real_madrid.png
Request Chain 24
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377540371.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377540371.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540371.png
Request Chain 25
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377540149.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377540149.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540149.png
Request Chain 26
  • https://www.kooora4live.com/wp-content/uploads/2019/05/flag_mali.gif HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/05/flag_mali.gif HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mali.gif
Request Chain 27
  • https://www.kooora4live.com/wp-content/uploads/2019/05/flag_mauritania.gif HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/05/flag_mauritania.gif HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mauritania.gif
Request Chain 28
  • https://www.kooora4live.com/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png
Request Chain 29
  • https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/download-4.jpg HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/download-4.jpg
Request Chain 71
  • https://www.kooora4live.com/wp-content/uploads/2019/01/spa_real_madrid.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/spa_real_madrid.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/spa_real_madrid.png
Request Chain 72
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377539691.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377539691.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377539691.png
Request Chain 73
  • https://www.kooora4live.com/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png
Request Chain 74
  • https://www.kooora4live.com/wp-content/uploads/2019/01/1391639116.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/1391639116.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/1391639116.png
Request Chain 75
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377540405.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377540405.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540405.png
Request Chain 76
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377540371.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377540371.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540371.png
Request Chain 77
  • https://www.kooora4live.com/wp-content/uploads/2019/05/flag_cote_divoire.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/05/flag_cote_divoire.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_cote_divoire.png
Request Chain 78
  • https://www.kooora4live.com/wp-content/uploads/2019/05/flag_mali.gif HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/05/flag_mali.gif HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mali.gif
Request Chain 79
  • https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/download-4.jpg HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/download-4.jpg
Request Chain 80
  • https://www.kooora4live.com/wp-content/uploads/2019/05/flag_mauritania.gif HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/05/flag_mauritania.gif HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mauritania.gif
Request Chain 81
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377540149.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377540149.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540149.png
Request Chain 82
  • https://www.kooora4live.com/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png HTTP 301
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png HTTP 301
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxbI6xDApYo_f1j6pyAwT4&google_cver=1
Request Chain 145
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yel5SDzs-pkTP1h2FcdcYwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxbI6xDApYo_f1j6pyAwT4&google_cver=1
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEInsiIrrJSTEe-MLSzIsNmw&google_cver=1
Request Chain 147
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyMTQzOTM2Mzk3NzY4MDE1Nw%3D%3D
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjjgFmbUC96692TXbbuo5w&google_cver=1
Request Chain 151
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEP4WkaEHPjI_HO4QdMP7nio&google_cver=1
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC_3pwdOSckpG8lO5K6P-Mg&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC_3pwdOSckpG8lO5K6P-Mg&google_cver=1&__user_check__=1&sync_id=d85cf7b8-7a01-11ec-8054-141922060206
Request Chain 160
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=d854db36-7a01-11ec-b1b5-1d21b9eb0506 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDg1NGRiMDAtN2EwMS0xMWVjLWIxYjUtMWQyMWI5ZWIwNTA2
Request Chain 177
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEByp8IUeLfMzqCNwhc7Rzzs&google_cver=1&google_push=AYg5qPIT2ccoPrXZfL89GXzY4z19HLcmRG7rWU0akZPEFsfWYli5imunPYwcwBTj-aECGLGfQjfhQNy62uvNAfBx7MvmB_Xslpg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEByp8IUeLfMzqCNwhc7Rzzs&google_push=AYg5qPIT2ccoPrXZfL89GXzY4z19HLcmRG7rWU0akZPEFsfWYli5imunPYwcwBTj-aECGLGfQjfhQNy62uvNAfBx7MvmB_Xslpg
Request Chain 178
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMhl-TxmFCRJ5is6EWBrV20&google_cver=1&google_push=AYg5qPK4b1sI6i6yi3HpfyGbKc0dSiZIoClpWlxRM-QZdkx8ZJLM28KxPfmIXo8_Y3Ar0EUc_8-hYP2YcoQRu0-nWGdWjXGHDSTf HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1e9bE-aGRFatBsJgyzL9mQ2&google_push=AYg5qPK4b1sI6i6yi3HpfyGbKc0dSiZIoClpWlxRM-QZdkx8ZJLM28KxPfmIXo8_Y3Ar0EUc_8-hYP2YcoQRu0-nWGdWjXGHDSTf
Request Chain 179
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENIAhGMWxlm7pUompoaJRlA&google_cver=1&google_push=AYg5qPJWEJm329TzaC661aZgdDAdEcJ0W51YWotpiULKqCNxhRGWJrM5Gk46n-Oo-gAKNrI3e9-ty_z8ZSQ6op5_W9A4F3Jziqg HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENIAhGMWxlm7pUompoaJRlA&google_cver=1&google_push=AYg5qPJWEJm329TzaC661aZgdDAdEcJ0W51YWotpiULKqCNxhRGWJrM5Gk46n-Oo-gAKNrI3e9-ty_z8ZSQ6op5_W9A4F3Jziqg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJWEJm329TzaC661aZgdDAdEcJ0W51YWotpiULKqCNxhRGWJrM5Gk46n-Oo-gAKNrI3e9-ty_z8ZSQ6op5_W9A4F3Jziqg&google_hm=bhyvsmGcT6eiJptdAV9aMQ==
Request Chain 180
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOQ-rfh6hrL1Gno7wRBrJwU&google_cver=1&google_push=AYg5qPIpmZaqpMWgKF-mK85n_TcImy8s_XbQdN4ZdFKL_-OKGwIhVA9tR7l-iwnyuIR-B5bU_YNrCSA5w12_SQq9eb6QAsDJInDq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIpmZaqpMWgKF-mK85n_TcImy8s_XbQdN4ZdFKL_-OKGwIhVA9tR7l-iwnyuIR-B5bU_YNrCSA5w12_SQq9eb6QAsDJInDq&google_hm=MTkzODM0MTEwODM1NjM3OTMwNQ%3D%3D
Request Chain 187
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBGG4No5B6f4JGFwTC893HI&google_cver=1&google_push=AYg5qPLTRnHT74UH9y6m85oslvXKCJD-9C5QVkKtxSf-mo6D3RGVEqr8odUC3Hjd-HzjnryrVhmJxQ5rKwn4-tGjclq89agiXLI HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBGG4No5B6f4JGFwTC893HI&google_cver=1&google_push=AYg5qPLTRnHT74UH9y6m85oslvXKCJD-9C5QVkKtxSf-mo6D3RGVEqr8odUC3Hjd-HzjnryrVhmJxQ5rKwn4-tGjclq89agiXLI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b3Zzb2dkTGUxTmF5V2s1&google_gid=CAESEBGG4No5B6f4JGFwTC893HI&google_cver=1&google_push=AYg5qPLTRnHT74UH9y6m85oslvXKCJD-9C5QVkKtxSf-mo6D3RGVEqr8odUC3Hjd-HzjnryrVhmJxQ5rKwn4-tGjclq89agiXLI
Request Chain 189
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB8ll4aHXrhQx4mXv08tEW0&google_cver=1&google_push=AYg5qPKrLL_GZC2BTRoACx3UMfXqsjA-cm4a8By-PX9GxsgtPFK2lmEa592gwK9UucUbRurEkF1jYwzFLS1Owsvs7KsOaCnzSD96 HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB8ll4aHXrhQx4mXv08tEW0&google_cver=1&google_push=AYg5qPKrLL_GZC2BTRoACx3UMfXqsjA-cm4a8By-PX9GxsgtPFK2lmEa592gwK9UucUbRurEkF1jYwzFLS1Owsvs7KsOaCnzSD96&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKrLL_GZC2BTRoACx3UMfXqsjA-cm4a8By-PX9GxsgtPFK2lmEa592gwK9UucUbRurEkF1jYwzFLS1Owsvs7KsOaCnzSD96&google_hm=98fe401fac982a3268488774
Request Chain 190
  • https://match.360yield.com/match/ebda?google_gid=CAESEKQaEOZQH9kCf-TXROeNA8k&google_cver=1&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKQaEOZQH9kCf-TXROeNA8k&google_cver=1&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q
Request Chain 192
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECfioxPGoQndacYF5V9r-3o&google_cver=1&google_push=AYg5qPIJlm5bcONtVh58jru_EjionscBuC3aCfKG8y9tNyjsjvmQc-j1jug6JUABrqJGIHVr08zsxeKAf0JLch1YZjH5S7HN7GKi1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FRENvTVhWRTJ1RmdhMEpGNjNXcWF6RUQzZVo5eHlDTH5B&google_push=AYg5qPIJlm5bcONtVh58jru_EjionscBuC3aCfKG8y9tNyjsjvmQc-j1jug6JUABrqJGIHVr08zsxeKAf0JLch1YZjH5S7HN7GKi1A
Request Chain 196
  • https://gcdn.2mdn.net/videoplayback/id/8ac1338c40409a6a/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674226888/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8F78BC4C0FCB9BBCC476427FA5CE82964684AE55.102768F8D6CC29D921B2868E51A91F40D1B59A66/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-25glene6.c.2mdn.net/videoplayback/id/8ac1338c40409a6a/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674226888/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/713E396DB9D86297724747D873ED64FCFA0188F5.38FD19FEA1B962BE6179D63FFE8D2C8118DBF028/key/cms1/cms_redirect/yes/mh/KF/mip/2001:41d0:8:d154::7/mm/42/mn/sn-25glene6/ms/onc/mt/1642689994/mv/u/mvi/5/pl/52/file/file.mp4
Request Chain 206
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP_Bz81omotrf69NncowBig&google_cver=1&google_push=AYg5qPLX_xHPp7yhN6lexzAx8cXShojzTqh0bHISIuBg6Z-Wfw10X52aRYg2jZQyDeTxsqS16P3bW0aNhKHZe2s7HdDlbHJt3PU HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP_Bz81omotrf69NncowBig&google_cver=1&google_push=AYg5qPLX_xHPp7yhN6lexzAx8cXShojzTqh0bHISIuBg6Z-Wfw10X52aRYg2jZQyDeTxsqS16P3bW0aNhKHZe2s7HdDlbHJt3PU&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YZZ0_c74SJupZaxt6_HP_w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLX_xHPp7yhN6lexzAx8cXShojzTqh0bHISIuBg6Z-Wfw10X52aRYg2jZQyDeTxsqS16P3bW0aNhKHZe2s7HdDlbHJt3PU
Request Chain 207
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFUS9iVUGv-kG20HX1GBph0&google_cver=1&google_push=AYg5qPLyeG2J_6xSxQmTb1BQ2TVPRH7c4IElvrXZJy7RNqpCYsdNlOrBGdrz4mB6DLF2IZMVb4tMkAF-ehY7-cS9XxnwjhujneA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLyeG2J_6xSxQmTb1BQ2TVPRH7c4IElvrXZJy7RNqpCYsdNlOrBGdrz4mB6DLF2IZMVb4tMkAF-ehY7-cS9XxnwjhujneA
Request Chain 224
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECx0YXf7uVbkvsUf36SYQx4&google_cver=1&google_push=AYg5qPLcpAEm2Drv2BEo2VdDUjvfjJBzt1qC0VGRN3GZu5GC2lGqlbxsME_CcAfNmrjDYTziWfGBTQM3MjgGQ3bJm3BYKQ5hkk8G HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECx0YXf7uVbkvsUf36SYQx4&google_push=AYg5qPLcpAEm2Drv2BEo2VdDUjvfjJBzt1qC0VGRN3GZu5GC2lGqlbxsME_CcAfNmrjDYTziWfGBTQM3MjgGQ3bJm3BYKQ5hkk8G
Request Chain 225
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG4EhmZSZJK2cbP7E7ZMBNA&google_cver=1&google_push=AYg5qPLSRf9k-DR07W3Vf8kHRMof57yeuE_cEO3yU4ttfOcsZrtTtBCVyiSywwCsrjWvq_nbWmsZjSd1GhApm53-gVCEiZOysP7Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLSRf9k-DR07W3Vf8kHRMof57yeuE_cEO3yU4ttfOcsZrtTtBCVyiSywwCsrjWvq_nbWmsZjSd1GhApm53-gVCEiZOysP7Q&google_hm=SnTGF9Q-RWCe4yfa3YkjM2c
Request Chain 226
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENNcG8xhef4aEr0SbDdw_II&google_cver=1&google_push=AYg5qPKGUgeDUZNtIsC4AvA0ZhSRV4vTIVcrvbZ21NteQXTpaLdC_ogVWx5lFqEDHqBWGQjD1WpSMbYj3l9oN9JTiNQxndDGZpR_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKGUgeDUZNtIsC4AvA0ZhSRV4vTIVcrvbZ21NteQXTpaLdC_ogVWx5lFqEDHqBWGQjD1WpSMbYj3l9oN9JTiNQxndDGZpR_&google_hm=NjY2MDU3NDIyMzgxOTcyMTkxMQ%3D%3D
Request Chain 228
  • https://match.360yield.com/match/ebda?google_gid=CAESEJ491P_0l-0VcT3iliH-b_k&google_cver=1&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJ491P_0l-0VcT3iliH-b_k&google_cver=1&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS
Request Chain 229
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB_QSrjgcOo0mNiyFAobdsY&google_cver=1&google_push=AYg5qPLpSfvpWn4UUspCKuR3CtkXUeD1gy6QU_hXWQ1SQ3dXfg1mECLc5syQw3LBS7fGmpn8nJao-vUVm7iWLekLHD1pgzT-pKFB HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLpSfvpWn4UUspCKuR3CtkXUeD1gy6QU_hXWQ1SQ3dXfg1mECLc5syQw3LBS7fGmpn8nJao-vUVm7iWLekLHD1pgzT-pKFB&google_gid=CAESEB_QSrjgcOo0mNiyFAobdsY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODU1NjUxNjU0OTQ2NzYzMDQxMg%3D%3D&google_push=AYg5qPLpSfvpWn4UUspCKuR3CtkXUeD1gy6QU_hXWQ1SQ3dXfg1mECLc5syQw3LBS7fGmpn8nJao-vUVm7iWLekLHD1pgzT-pKFB
Request Chain 267
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kooora4lives.com&sn=ChromeSyncframe&so=0&topUrl=kooora4lives.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=_ls4ZHxoMHJRa2pyd3lMYUZ6UEZxOTZzY3lwc1cyVHVNa01qS0VkMVdRRU14RU5nQ3laUzcyY3FGYjZxRVJCMVRoTE95K3dReE5oYkVRUGZTckZDRENTOEVqMTdnNXNoWGp1TXZybG5ZOHExYmxDakZadHlNK0YxTiszRVJnamRmQkYzeFVwMi9XdjJUMG12dVJRdWRzWXFxWHRTSVdRK01MZVgxMDFFMS9mWkVnUjFKREtJdlVIdkhETFRXTDJCNGNKUDFSdmVHTVc1Q2ZIU09NTThReVNmemZ4MW10RDF2bkxpZ0trN0ovYTgwN2JjWGN4N0E4OGl4OFErNVpROEVjNXp6cGw0Nk5FR2lKMElSSmZ5N0tDNndKQT09fA&cppv=2
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEHdQYGwZrwSQLL3V-2NJRN8&_origin=1&google_cver=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEHdQYGwZrwSQLL3V-2NJRN8&_origin=1&google_cver=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEHdQYGwZrwSQLL3V-2NJRN8&_origin=1&google_cver=1&apid=UPd90a75d3-7a01-11ec-ab8a-0666f73737e8
Request Chain 280
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPd90964cc-7a01-11ec-a23b-062f444c7446 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBkOTA5NjRjYy03YTAxLTExZWMtYTIzYi0wNjJmNDQ0Yzc0NDY%3D
Request Chain 281
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1mb2U3VmYxRTJ1R3h4NTN1Z1RZTWo4RFJwRTZGaXZZb35B
Request Chain 301
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEIy-nqlklwvfnJTjJhYdLWg&google_cver=1&google_push=AYg5qPI5dfjc_Qo3hfh9ThNQkNNaratoaf4WbfBVjwjz_0Dqj_mgOVzx2ru1o2jPhBylir0BWZDcGEHYdUPcGfBusO510qWgTfs HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEIy-nqlklwvfnJTjJhYdLWg&google_cver=1&google_push=AYg5qPI5dfjc_Qo3hfh9ThNQkNNaratoaf4WbfBVjwjz_0Dqj_mgOVzx2ru1o2jPhBylir0BWZDcGEHYdUPcGfBusO510qWgTfs&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=Tz3qDdCpSSiR_61m11UWRw&gdpr=1&gdpr_consent=
Request Chain 302
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAuJnyWFwR2-odeAazTQX1A&google_cver=1&google_push=AYg5qPLNDVPZbeY3-jSymtJuxJ9ycPYpwL1GE0igGQPCMor5XlFP6goOPMqqNUW_XHCKkVspuMhlTPSVT2IRXDZzKN_RTruhjGE HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5131077720425435877&expires=30&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLNDVPZbeY3-jSymtJuxJ9ycPYpwL1GE0igGQPCMor5XlFP6goOPMqqNUW_XHCKkVspuMhlTPSVT2IRXDZzKN_RTruhjGE&google_hm=bhyvsmGcT6eiJptdAV9aMQ==
Request Chain 303
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1
Request Chain 304
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB_QSrjgcOo0mNiyFAobdsY&google_cver=1&google_push=AYg5qPLvpeB0EjDOzx6rmoEJcS4dTwhPIHi5Wl_9j8SgbGQj5pHQp2bYT37sSfOumrZPPdaqTwb0XkNY2a1PCclyzwfW1lxZV4k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODU1NjUxNjU0OTQ2NzYzMDQxMg%3D%3D&google_push=AYg5qPLvpeB0EjDOzx6rmoEJcS4dTwhPIHi5Wl_9j8SgbGQj5pHQp2bYT37sSfOumrZPPdaqTwb0XkNY2a1PCclyzwfW1lxZV4k
Request Chain 329
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkooora4lives.com%3A2096%2F&domain=kooora4lives.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=_Gx303w1NDA5enhJd3ZRakpHcVIrSlY4Q09wYTdYc1pSTVpMQkh6ck9jckJHd011Y0ROS2tUTS9JYjdMVFA5S1FTK3NGSUhJL1orV0xRYUY2cS9GbVhNVGVyaU8xUU1UYjJySVordEw5ZXRTamM3S2RWMHZjUWZSalBWMWY0ZDBicTJkelFHZE40YVNmZjg3Mk1aNnRYSUxjUTFXUXh2dWNJMmthSDY0WjRlZ0NEMzR0V1hWM1ZDc1A0K1J5VFZvemlGM2YyVlJYV0dWUFVINE9XSFp6b2ZrNGxVZzZ4eHFGL0VYancyWjdubUtCaWZ3MmJYSDc2YWlGYnNIZXU5a2lmMmZkU1phbHlCWDVaNnI2cDRsR0Y1VTFYQT09fA&cppv=2

327 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kooora4lives.com/m2/
Redirect Chain
  • http://www.kooora4live.com/
  • https://plus.kooora4live.net/
  • https://kooora4lives.com:2096/
  • https://kooora4lives.com:2096/m2/
72 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kooora4lives.com:2096/m2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfb518325df1232cf5e796eba4b3ced0fe2730533a1f109f0c48bb0112102630

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding, Cookie
cache-control
max-age=3, must-revalidate
last-modified
Thu, 20 Jan 2022 14:57:13 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2vzK9Plx5j3po4WcuZHTVmMfopT27E1bNKAQ%2BJ06iAD1TkY1EQ9Jbc%2FkzLstdy5%2BhTGioa5EOkVqBNEBN3dAlxQ9JEntSv%2BWQY%2Bp%2Fo1w8r6CPm3Pg1hk3mS6VpROpRtA44XH0nf1xN5PgL7ZCCnhyybVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6d092d967d4332b0-CDG
content-encoding
br

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
location
https://kooora4lives.com:2096/m2/
cache-control
max-age=3600
expires
Thu, 20 Jan 2022 16:01:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMD4HTkHC7SAdqB%2BwdCS0Z3b3pPgKU8AuU%2Fvpbw%2BW5jI3o%2FHENsZlqKR%2BZsSmiJ15rSAWz6dTluCGCwDGUPV%2FF728E2o6FO7e71i8US8V6ak39Kd7RiNIRC40Af5k78jiUYMauCe9I8nYkq%2B2mJiRzlxoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6d092d964cee32b0-CDG
logo.png
kooora4lives.com/wp-content/themes/AlbaKora4Live/img/
Redirect Chain
  • https://www.kooora4lives.com/wp-content/themes/AlbaKora4Live/img/logo.png
  • https://kooora4lives.com:2096/wp-content/themes/AlbaKora4Live/img/logo.png
12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/themes/AlbaKora4Live/img/logo.png
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb8aba77083d0c920f0de2ce32a6ed0d55c35516e5a48d5b03f57650f41fa6f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
12374
pragma
public
last-modified
Mon, 21 Dec 2020 21:53:15 GMT
server
cloudflare
etag
"5fe1194b-3056"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjlBJ2osS8Y2WBuEa2r5ZmKqlnIIb1ouMVHOVeeXt%2FhVqHagMviRJ%2BcfUqXAsJxTYFb9KdRodtOnl3uOxKvmhrFe%2B0eozUsCy16bRXQ91Ot9PZHUeB70gIL7PI1WRzLsr49zKL62GZVmUUD4GGJ7l%2FyJ1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d98e9ae32b0-CDG
expires
Sat, 19 Feb 2022 15:01:26 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvo0KIPQhxargRyUU9%2FIOt9iYqIS0nC8PDc4FD67i9z9Z%2FG4anzlucYBI7Y5gKh63Yvn5qBYdJ3SsMO1xudzdwoltmHw%2FGy6g7Ny%2B52R3raQU1N7fBTuDIPIOAEkDazgitSx4cpBBbtJeFHZ6ZpN60o5"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/themes/AlbaKora4Live/img/logo.png
cache-control
max-age=3600
cf-ray
6d092d98bc613ae9-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
telegram.jpg
kooora4lives.com/wp-content/uploads/2021/09/
Redirect Chain
  • https://www.kooora4lives.com/wp-content/uploads/2021/09/telegram.jpg
  • https://kooora4lives.com:2096/wp-content/uploads/2021/09/telegram.jpg
12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2021/09/telegram.jpg
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc2585466f270c5670d3365306a375ce9555236ecac32888b817a479a53e07b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
11913
pragma
public
last-modified
Thu, 23 Sep 2021 16:46:42 GMT
server
cloudflare
etag
"614caf72-2e89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yAp8pcizrCFRoiwTW73UZs6WywQVES06uggWPPhTXMwVu5xVWriZLT7pUvYvqg8VnT83P5lxPXRVsaw0uUFtEdRZuPsQVHAc%2FUrfJckhmE2yXwoCE2wZx2fp7fCufz6XJcgo%2FDyLkJJ%2BZgY1R3XiygAxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9909e932b0-CDG
expires
Sat, 19 Feb 2022 15:01:26 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZKbbrmiaCtbTNp9MSzyrg3agWpOncMYI3acoqXu8bxJuvbkUaFIhF%2FeBM90TmAYuKmzgHd%2FZWBOzVvEWZfwNVF7XyH3WOIDMuz%2FQ3sxuiEB9j1EB1sSGSUl4WwkqOexeFW56YbvJpKmbrxGU4tMl1FR"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2021/09/telegram.jpg
cache-control
max-age=3600
cf-ray
6d092d98bc673ae9-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		451 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		944 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		248 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		460 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		500 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
NeoSansArabic.woff
kooora4lives.com/wp-content/themes/AlbaKora4Live/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kooora4lives.com:2096/wp-content/themes/AlbaKora4Live/fonts/NeoSansArabic.woff
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer
https://kooora4lives.com:2096/m2/
Origin
https://kooora4lives.com:2096
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Dec 2020 21:53:15 GMT
server
cloudflare
etag
"5fe1194b-e014"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wK3GsTVpOUfv86eqxDYE%2BBlRU6yCAEnVCNQxlxQ%2FMsKPHAb5wZ1wFbG5R8nVtdfX62Vm%2B8l0xZPyOqyc67gVyZ9SOFwagg435eWVWmQLEWqPDbMvrBrnQ1Z5GGXcq9nVTD3lGorTvYpO24Zod72EmJ4ybw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6d092d98284232b0-CDG
content-length
57364
rocket-loader.min.js
kooora4lives.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kooora4lives.com:2096/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/m2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Jan 2022 19:33:57 GMT
server
cloudflare
etag
W/"61e5c4a5-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VyVtFQA%2By4P6pF0JinLFAdeIwBIRLVxDQ3ryAyavB%2F%2BXAFbiL0kiGyuC1h5QST48ltiiwIy71JqwniLepcxlF9PQ0Al47BcOUpb3ql11O1NBqCvoYMXxhYARXI7FYAZdAnO%2F6xRvq6UddBGNxbkibnU5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d092d98a93b32b0-CDG
vary
Accept-Encoding
expires
Sat, 22 Jan 2022 15:01:26 GMT
lazyload.js
kooora4lives.com/wp-content/themes/AlbaKora4Live/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kooora4lives.com:2096/wp-content/themes/AlbaKora4Live/js/lazyload.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c3ceed2256e78d1d6cf8ca4405b9204e43ed8dace787060fda3e822204fdbf5

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/m2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
public
date
Thu, 20 Jan 2022 15:01:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Dec 2020 21:53:15 GMT
server
cloudflare
etag
W/"5fe1194b-1c51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pv6JxM0H9OUBwALMq%2Bpt0zIxqD5wXx7OdE6tQb6HcsU4qJgdIzoeVwAKW%2ByuM%2BMonkwsgK3jvOZ%2BGCoAf25zHM3GynsaJ1jJy5yPTUBFUPvHk8Wo0ebrMXiuOcQsu3Y%2FF%2FKjhIHmDxWkhLOwB3wzylyMog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d092d98f9dc32b0-CDG
expires
Sat, 19 Feb 2022 15:01:26 GMT
js
www.googletagmanager.com/gtag/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-150096121-1
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61e531ec854e493c774a1f8666b5640dc0d15256a066eaad85580f878227e38a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36506
x-xss-protection
0
expires
Thu, 20 Jan 2022 15:01:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a36c2d7e1a7106395602b99eaceffb3d1e17d27cb5c1a9dec396b84896e7d65f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51981
x-xss-protection
0
server
cafe
etag
17554119108507242122
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 20 Jan 2022 15:01:26 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
2554231538d215e25183ebf736d042fba01900659d9e46cc267e9fc2928455d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26996
x-xss-protection
0
server
sffe
etag
"1107 / 221 of 1000 / last-modified: 1642680340"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 20 Jan 2022 15:01:26 GMT
Kooora4lives.comdynamic.js
jscdn.greeter.me/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/Kooora4lives.comdynamic.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
71895469b6ff513d909d23563b37a01f80b74341eb41acefb21d660a93d6a143
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 15:01:26 GMT
Connection
Keep-Alive
Last-Modified
Thu, 28 Oct 2021 20:27:05 GMT
x-amz-request-id
tx000000000000100896a11-0061e978b5-25a411a1-fra1b
etag
"e1acacc557b05f66336a68e0c755f97f"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1642690886.dop034.pa1.t,1642690886.cds033.pa1.shn,1642690886.dop034.pa1.t,1642690886.cds220.pa1.c
Content-Type
text/javascript
Cache-Control
max-age=3455
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
7958
kooora4lives.comhead.js
jscdn.greeter.me/ 		69 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.greeter.me/kooora4lives.comhead.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7848e8fe8acaeb11f1fa92481bce612e12d101f25030f1cbb1d9ae4f0b6a1e74
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 15:01:26 GMT
Connection
Keep-Alive
Last-Modified
Fri, 29 Oct 2021 15:04:01 GMT
x-amz-request-id
tx000000000000100882145-0061e978e0-25a456e3-fra1b
etag
"821ea7dcf3435e1ee2b92f3c9340b9b5"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1642690886.dop205.pa1.t,1642690886.cds040.pa1.shn,1642690886.dop205.pa1.t,1642690886.cds225.pa1.c
Content-Type
text/javascript
Cache-Control
max-age=3498
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
70371
1391639116.png
kooora4lives.com/wp-content/uploads/2019/01/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/01/1391639116.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/1391639116.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/1391639116.png
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/01/1391639116.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fdf6a4b7aa94a34317ec47cf2be6b143d9b72649c74f2062ad3da60a32da3e2

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
8845
pragma
public
last-modified
Thu, 14 Feb 2019 04:58:39 GMT
server
cloudflare
etag
"5c64f57f-228d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwHArbNZ6oAyhXzbH90cUlbcZ%2BMhXLyDPByBRJzfOe%2F%2Fz9VhkjTCA0ZOoL%2FTZJXG9ozOeGpkUlFSP%2FhtM6lLr7Y4o%2BYu7CQ0kK46NcOVAx6Lz5URQIE8rXBmmBjj1brOr3Xysxr42ZlEJzkB%2B3Lwy8AJSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9b2e7e32b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWSBtixcNlKMMyrpDyEEF%2F4HwI8C8rWZ9knr6Emdq%2BMMWuqrAXsaudEuXyTfMtsiTL8r3MtzRVgJCnshD4CJlkhMqcW9nU%2B2k%2FXK9EQSwMaZRlskiov2Qfp5mG%2BLdrmdogU%2FH01XEV7tZGpPr3jnA6OQ"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/01/1391639116.png
cache-control
max-age=3600
cf-ray
6d092d9ac88acdc3-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
49_14-12-2016_1393271588.png
kooora4lives.com/wp-content/uploads/2019/08/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
411af3a0cdb161d363fcae09436cc4c53d783bec45b0dade1214e071f600acbb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
4933
pragma
public
last-modified
Fri, 23 Aug 2019 23:15:46 GMT
server
cloudflare
etag
"5d6073a2-1345"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1nO0yf7wsFnGlEhgmaO2CU4yo1YuQPqSoU9NAz3xawkneZZ5E20%2FHrQTQZMyIlZvWZzMCzwgCbw3%2FGt%2BSjsDnQ547D9uLR39xyFcxVU8TmXQYQRWP%2Bf5LORRPYtyJ3fYLVKTbLtLsKXgpUwJeiBlEPa3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9b2e7d32b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2BVMy0rtyykDuhOoMuAASHm1oMfsavi41mizAS3V2fptIt3O1CKDiTo1dhrAUJwR7HEAmaY8Rvfvw5hcjg8eBP1CIOOg5TB%2FrBWO9L2oLOtIasaYkCpA%2BLbuhQ72mV0bKs5NgMp8%2BAINphOr9Z9mJYQ"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png
cache-control
max-age=3600
cf-ray
6d092d9ac884cdc3-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
1377539691.png
kooora4lives.com/wp-content/uploads/2019/03/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377539691.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377539691.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377539691.png
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377539691.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ed5a56c130b285752202178c582130791187991b1da780bc8b863cd435926f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
4644
pragma
public
last-modified
Thu, 21 Mar 2019 05:29:31 GMT
server
cloudflare
etag
"5c93213b-1224"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3rE8keotWSjdfdveQacpGuqVaVyRQUcU9M6YNcCMqVCWfz%2F8Hh1rITjFj6ytUWK2D7q8HhVrZMaAf4tqGehg4pga7yfnplzf39W6HrLnSoo3LFv%2F9%2BmOnQRPnja87UayR2sHGZawScicA%2FMJxqOxA1E3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9b2e7f32b0-CDG
expires
Sat, 19 Feb 2022 15:01:26 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkF0cVNH1IBmPRD9ch8Z0WOJmcG2zpXJYG3xb4BDqL%2FxNEAzSfIdF27cJNpVongeKAHjasw4A%2Bz6nrx2gupeI0n07Uj12ewPJCYB0sPRpM3HrmJLIBRxhjX07lVVpl9GTaQ4fwriQumcMeHRK7HIEIBW"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377539691.png
cache-control
max-age=3600
cf-ray
6d092d9ac87fcdc3-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
flag_cote_divoire.png
kooora4lives.com/wp-content/uploads/2019/05/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/05/flag_cote_divoire.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/05/flag_cote_divoire.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_cote_divoire.png
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_cote_divoire.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876744a14c03d98eac7ef9f8a669805bda6e49c10102acddef6d11261244fea9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
3256
pragma
public
last-modified
Sat, 18 May 2019 13:26:25 GMT
server
cloudflare
etag
"5ce00801-cb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XA7lsdPCbnw0kzU2v%2BLZYu7kIrdeRskIw2%2BcNfuo4o0Lm2QWdemP8Ju4A3V7cRtCXmmIazlf1xK%2Bucq1rx%2BxMt8MhZsmnSRlJxhMhUqWsdbWSPnfLMRkpAQfLfp5wrAPxJYuI%2BYmpT%2FpAPPo3k0Lv4w4Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9b9f4732b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKLO4%2FTRjIVKHweaIxCw4SH9nCyP1RR59BrJJHSfoRrrVYkYl68BBNBuL0doFhUfL1yDIG4etNdZ%2FMEwp7RpuUSJ4LMYVWvUdxVAxlCPiEFJVbE1WOxpcBKtsEZj%2FdmYcpAjTbwbtZ7kZD%2FYJQHqh%2B9K"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_cote_divoire.png
cache-control
max-age=3600
cf-ray
6d092d9b08d5cdc3-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
download-4.png
kooora4lives.com/wp-content/uploads/2022/01/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2022/01/download-4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
382f703fb24619e3eb3839a00e603b55da65dbda0870eb3bd179ebceee43799c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/m2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
1443
pragma
public
last-modified
Mon, 10 Jan 2022 05:30:06 GMT
server
cloudflare
etag
"61dbc45e-5a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W738hhMBRk66ei7v93dsLgysvQFB%2BakS2nLFfOrsiu%2FKasLjWMLee%2Bsghajo5Xx3hRDP%2FoDvKOK1GaXPjf904J7kqvhHhU8F%2F%2FeCTP11h00j4W2ZZAELuX15oXRo%2Bc9E8k9Q7I9gPwyyvDBXVG03c%2Fd9sA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9a0c0232b0-CDG
expires
Sat, 19 Feb 2022 15:01:26 GMT
1377540405.png
kooora4lives.com/wp-content/uploads/2019/03/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377540405.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377540405.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540405.png
7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540405.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cba9a0da2b12b2dbe86f13086f1231e383dcc2b287223db94b8e3582a6ee2887

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
7458
pragma
public
last-modified
Thu, 21 Mar 2019 05:21:01 GMT
server
cloudflare
etag
"5c931f3d-1d22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAQeVO%2F1Qzp1%2FIzmIak5WAyN3MbS1%2BCgl2DIMFaBfbBe8gxz%2F98BXzsR1PjHXXinyQtOPX0kLa2B%2BV7pxSHlJP4%2BhkAsPWR58cIeuDw75UB242EBkl28d1Aa6an0U1dk%2B4Cb5um1GbGlq9IkkKr0TnPAsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9b2e7932b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebU1METpxZcd1poaxpesSWWT9jKQl%2BbseiNJIQ9YF72Cdx2HE199QajEzUukyxCPpgRMBx%2BbLjsOWCEX95qGR53tNPU9G2TuMaAOlw85D6bcdf4i2%2BPztAFTgYQ1FMQFt3WGEzddK7zORJ0XMmnRmZUN"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540405.png
cache-control
max-age=3600
cf-ray
6d092d9ac886cdc3-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
Elche_CF_logo.png
kooora4lives.com/wp-content/uploads/2021/08/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2021/08/Elche_CF_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
996ae51c16366f266170fc08ede7364cb5696ed15e01b047301e15a5cfb37d6b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/m2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
25396
pragma
public
last-modified
Sun, 22 Aug 2021 08:34:20 GMT
server
cloudflare
etag
"61220c0c-6334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VY5a%2BCXtLsTIeI2sCZF5V3UCuK4fwgZVl10ekfZxPx8jgwDUJ7VXPe7sAz6akQCjH18vhiW8ynCKs0GUlDDI1vdYwsGP%2BlFRFWw8oKOuMHdk3%2BWyU4EiqA43mM3c9nnWxZdfoGbQbtqTI0Ixez7UU1emjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9a0c0532b0-CDG
expires
Sat, 19 Feb 2022 15:01:26 GMT
spa_real_madrid.png
kooora4lives.com/wp-content/uploads/2019/01/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/01/spa_real_madrid.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/spa_real_madrid.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/spa_real_madrid.png
22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/01/spa_real_madrid.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a1b10dacb76fa5da43b5c27b466898ba8819e463107544540ecce30737fa68d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
22271
pragma
public
last-modified
Wed, 02 Jan 2019 09:10:38 GMT
server
cloudflare
etag
"5c2c800e-56ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyWoC1vdqzIpQIMZAJJHRri6V%2B6fDEXM1qPMrjY63L%2BTbDMhO8YQQzB8P%2FY0Hlo6xa%2BcS%2B2K%2FvfNRyYOxwpHq3vHHwT1E5SOZOemFQ3tjrGKePTmhe6qpTg1hqXGEvDFURi9LKe0vWZXUEl8cuHPbqZQmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9b3e8032b0-CDG
expires
Sat, 19 Feb 2022 15:01:26 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJsACapLKFTgMILalllBwWstR1TFGaISNm9NoeWzwxlLtOlDSCZqET2NmYXt20JgWKoHoYu9Pse6eugr%2Bqh1anca%2FTqt58cjpIwBxDj%2FToNhX6HJnjMa3LmXB%2FTBpPc4anZ0xnRhX7MaswCDEvQ%2FEafN"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/01/spa_real_madrid.png
cache-control
max-age=3600
cf-ray
6d092d9ac88ccdc3-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
1377540371.png
kooora4lives.com/wp-content/uploads/2019/03/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377540371.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377540371.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540371.png
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540371.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc452287bf60c2137af690588bd2b455b1e2a798f9dad0453ca56e7b8e336e2

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
3198
pragma
public
last-modified
Thu, 21 Mar 2019 05:30:36 GMT
server
cloudflare
etag
"5c93217c-c7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DdZH5h7AnouaEERWnT3S2rYRRQOgSuaKbqcgqe20Z5V%2FlCXnoueDg85EC6J55i2mcv8z1r%2FeWhknDKDvTiKyLs2KNshS2NfaoETbs1p7PCzhLWB2p2gAifaboBmKoPTP5Qa%2BgplRTXiTHgPdWFtdhRjbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9bdfb732b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6o0%2BJ4EWahx%2FQ0A6ISoJyUIN1MnAoZ0XI16H7LMbx9nZcvbs24WWXfH2vYzeJ2mLTVr3gUtG%2BmIJ3EguTfWEWQcbZC6%2BTfKfrzJbg17qoLhNmDFqWRuIsIH3RU9F90%2B0%2FPevc5V9NNsEPiJY3D1lQHBr"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540371.png
cache-control
max-age=3600
cf-ray
6d092d9b2906cdc3-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
1377540149.png
kooora4lives.com/wp-content/uploads/2019/03/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377540149.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377540149.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540149.png
9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540149.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92ab3bc3d9bc6c228223f3393e594a6f05f00a85c951ff5c89957d84352fa74

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
9663
pragma
public
last-modified
Thu, 21 Mar 2019 05:24:51 GMT
server
cloudflare
etag
"5c932023-25bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8RXPT8Jf9FqnghV1uRRVBjtnBMZGeoczOaNYw3He9A1ymjCNKmCrlQEk863MwEk4xkcEHTjrSuLtROS6IwXpwiOugfoIUsWBSKtR8kfVaxecjr06Zd0aQPAeOujAYKqm2%2BdN%2B5NcnkloZmqdsNhBwiRvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9bcfb232b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tIiepBJEXrWowdwalKCLgcRB30ul5A%2BrhhkV1nywifwudG8lFK1w2ufiVxcTb1T7o4SrNzZ%2Fr7R2n0Sv75CAhawRSQGCMikXcBmLkoGiFQmMyO2jy85ZnQn4APRNtip8DxDaxlWe6fT0R7d6yLbpSA1"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540149.png
cache-control
max-age=3600
cf-ray
6d092d9b18eacdc3-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
flag_mali.gif
kooora4lives.com/wp-content/uploads/2019/05/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/05/flag_mali.gif
  • https://plus.kooora4live.net/wp-content/uploads/2019/05/flag_mali.gif
  • https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mali.gif
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mali.gif
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b2999c6aacdf476178e78cd8b61b57b7a5e2249a813a1ac85ddd01cbe32703d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
2168
pragma
public
last-modified
Sat, 18 May 2019 13:29:39 GMT
server
cloudflare
etag
"5ce008c3-878"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=br55UOMy2eq8cK9bKvvkrBDzUvwFbnIgRVdahQFfrsD0ZTpWBI7fndiikbX38l7wDpp%2FdqxzY%2BqRRk22QyQ%2BzegKKEJivdzfISTCu8tF3RrzTp6%2FXZwqY%2Bas8pdptCj%2FMBwjO0yojh0lUEgOYjkOoBlIEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9bcfb332b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=je8UCjeAWdcvBfD57YDsOyWfSuK1YeSlgyx0YYzc5TvyUGyj4bF6FnvGNPzq58H22%2FSs%2FtVuqZakzCjQVTkquSWqR5tfNpRlsVvnnGt9MX%2FT%2Bz37KO50Vj2nZ6CCtKBV4hqMRY%2FN3dq41BVAOnKXbtRo"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mali.gif
cache-control
max-age=3600
cf-ray
6d092d9b18e8cdc3-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
flag_mauritania.gif
kooora4lives.com/wp-content/uploads/2019/05/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/05/flag_mauritania.gif
  • https://plus.kooora4live.net/wp-content/uploads/2019/05/flag_mauritania.gif
  • https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mauritania.gif
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mauritania.gif
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73d70cea0d76ca385b047d6b092fc480fa521f2cf38c9d50dabfcb1c7433ec83

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
2508
pragma
public
last-modified
Sat, 18 May 2019 13:30:14 GMT
server
cloudflare
etag
"5ce008e6-9cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDzpOfvu999ScP7icLNZWtR1U7y9JBVPMvG7Y7%2Ffs%2FEoW3cz9yy5lRiuEBFK99WSUiTcMcTF%2Fa%2BS8Rf%2FIlgSqJStLjeWOomreH1S8xoPcHkns%2BIwE7%2BStQv2irNyoI3CeP7X6cwljK1xknRg%2B53YQk4e7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9bcfb532b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESxdVidIQ7sNK8oehe7Dnrb6ePA3Hz9aSI1Dak2rw3m91WZ0CYgIT3Eovyu4O1wYSzwxF46aIJsqLB285mxrFTYGXXXXyjdm59LT9wpevbM%2FtczUApx1fpSm7gG0Syqv3lr%2FT1W%2BLCQp%2B4fgTT1%2FzUuu"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mauritania.gif
cache-control
max-age=3600
cf-ray
6d092d9b18eccdc3-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
180px-Arsenal_FC.svg_.png
kooora4lives.com/wp-content/uploads/2019/01/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png
28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e045ae784a5912fe98bb81005bbfaa36cef097b6a2bdd4ff1ce2fe915ac8ce8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
28245
pragma
public
last-modified
Fri, 04 Jan 2019 13:35:08 GMT
server
cloudflare
etag
"5c2f610c-6e55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhmFJ5hq2OcVv16BSNmWqfwTmM0VB9v4DeC3RU25VHPAdd%2Bhn4Y2HHnXPurVQVkjWzi3RBeU%2BgJofz13SXLaPqPTOrBRIOdZFII6si%2B%2B89ITqoVbeRCDp6dnn74Fb6BnMy6nstgPZ6l8IvDRwO8%2B7JtPpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9bcfb132b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmDvVZx8bH2A80V%2FRCe9UrRJdhLNudYBS2zfKjBG%2FBoJBe5IwZGwzkg8AZNWUuiGbfnWo8UvNidXYtdhotHJh6VvjOm%2FGwbVCxm3CD4%2Bd0p3Dkg4HajO2gWk5I6NFgg6Nm%2FChR0s9wafZvTv7NhLxJne"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png
cache-control
max-age=3600
cf-ray
6d092d9b18eecdc3-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
download-4.jpg
kooora4lives.com/wp-content/uploads/2019/01/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/download-4.jpg
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/download-4.jpg
8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/01/download-4.jpg
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82b64ae5dd223c48e3cdc24f760779017667cd421b807854ad94fd79c5d405f8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
8472
pragma
public
last-modified
Fri, 04 Jan 2019 13:31:27 GMT
server
cloudflare
etag
"5c2f602f-2118"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hfgf1EOo1dgswr5V%2FLq8RbdODNCCNy%2BtmIHUggIJwQ0mPPwKeZPpV4lDzP5qhxMI8Ummx6wLrjM1x0mYcGX14dBkm1LuAUP9fNWj40S2hva6X7FYvoY2ToB9VumIQHsUulbqqd3JNsTlaNtMoh0Df4IAhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9bdfb632b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHta%2Fv3tW8TlDDclEA4z5e9s2WdSsuHo58%2FEuvmp08K3RtZEbtyfU3nBI1DMFN8mEiyqVFQLBcvoP%2FykJNcLvr0jocBbcU5pfn6e4z6lC5666HEOvqjNfzGFXuzNTjqxfSS%2Bwifk4u60p%2BrL656HJdtp"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/01/download-4.jpg
cache-control
max-age=3600
cf-ray
6d092d9b28ffcdc3-CDG
expires
Thu, 20 Jan 2022 16:01:26 GMT
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/Kooora4lives.comdynamic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56924929e5205947c5045129c84ea494804b2f5499bbf3e65b354d7949f1cc5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26987
x-xss-protection
0
server
sffe
etag
"1107 / 34 of 1000 / last-modified: 1642680294"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 20 Jan 2022 15:01:26 GMT
adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3995
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7068
last-modified
Tue, 02 Jun 2020 09:04:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvKQHvVb0Ld%2B0VC0DU5WURanEwxiEogIeCeHD1YUXnnG5MLwTXcyHL8wBL1TerXGJsD6ppp9HEGz488LgBGG3uZ8z6cuh58o%2FuTLOUsA0as3PQimyhg5aweJU1mhol2ciJueaTv%2BfBfMLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d092d9a7aaf3afb-CDG
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150096121-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
20
date
Thu, 20 Jan 2022 15:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 20 Jan 2022 17:01:06 GMT
hb_501006_12923.js
player.adtelligent.com/prebidlink/ex19013/ 		391 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4lives.comhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
a73b8ae00adc888a638c853eaa5ee849e50c8727abcfc869f1a50b30e1a595f0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 18:45:07 GMT
server
nginx
etag
W/"61e5b933-61cc4"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 20 Jan 2022 16:01:26 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201180301/ 		283 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8605854106910601&plah=kooora4lives.com%3A2096&bust=31064158
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9133fe1a7630c487f6ea8394413e817da57704752528bfe55ac697912e385747
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104352
x-xss-protection
0
server
cafe
etag
8349083059818332163
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 Jan 2022 15:01:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/ Frame F2F1 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220118/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Wed, 19 Jan 2022 15:36:19 GMT
expires
Wed, 02 Feb 2022 15:36:19 GMT
cache-control
public, max-age=1209600
age
84307
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
ghb.adtelligent.com/geo/ 		125 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4lives.comhead.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
24b5c098ed380a6c809c5c49645d67dc3f11cf53158910a5bebb71c4949b6dae

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://kooora4lives.com:2096
Date
Thu, 20 Jan 2022 15:01:26 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
125
Content-Type
application/json
tracking
ghb.adtelligent.com/adunit/ 		43 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=501006&site_id=12923&full_page_url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&adid=n3qo95.sn&vpbv=0861&lifecycle_tte=972
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4lives.comhead.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://kooora4lives.com:2096
Date
Thu, 20 Jan 2022 15:01:26 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
pubads_impl_2022011406.js
securepubads.g.doubleclick.net/gpt/ 		352 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
824ac5f673120aab41919b661d3bd8d1c4344432eb125db449e776e154dd5768
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 06:04:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32228
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121035
x-xss-protection
0
last-modified
Sat, 15 Jan 2022 00:13:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 20 Jan 2023 06:04:18 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		212 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kooora4lives.com%3A2096
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
41ff90d2b5010b96788d7cb2c0715baf52735f7dc9d13d4e1b78384af4a09f85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128
x-xss-protection
0
expires
Thu, 20 Jan 2022 15:01:26 GMT
Elche_CF_logo.png
kooora4lives.com/wp-content/uploads/2021/08/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2021/08/Elche_CF_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
996ae51c16366f266170fc08ede7364cb5696ed15e01b047301e15a5cfb37d6b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/m2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
25396
pragma
public
last-modified
Sun, 22 Aug 2021 08:34:20 GMT
server
cloudflare
etag
"61220c0c-6334"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DJ%2FnxakpNWYypJ9IXw1FjlUjH9bzBygKVOn2CZmq%2FsimU4wmOcc4OE5Ua6U1CK1p0IbeLETol4BIQmhxYGNqQ8OiBJWs3hWZNG3vSpCtBfm3avFSK%2FhpCUMsG%2FgIYrwzYl6pYIbZhA%2BT9GRiOmZHFJ55Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9acd9d32b0-CDG
expires
Sat, 19 Feb 2022 15:01:26 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2126848952&t=pageview&_s=1&dl=https%3A%2F%2Fkooora4lives.com%2Fm2%2F&ul=en-us&de=UTF-8&dt=%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20kora4live%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20%D8%8C%20%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1%20%D9%88%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1010146834&gjid=1608574265&cid=1668863241.1642690887&tid=UA-150096121-1&_gid=1091771870.1642690887&_r=1&gtm=2ou1c0&z=2063361079
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kooora4lives.com:2096
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		220 B
421 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=kooora4lives.com&callback=_gfp_s_&client=ca-pub-8605854106910601
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8605854106910601&plah=kooora4lives.com%3A2096&bust=31064158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
217b03a8e0836c70982d6240dea80133667a0c9fec9ee9764c9e8195293bb93c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=kooora4lives.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8605854106910601&plah=kooora4lives.com%3A2096&bust=31064158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8605854106910601&plah=kooora4lives.com%3A2096&bust=31064158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 383C 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8605854106910601&output=html&adk=1812271804&adf=3025194257&lmt=1642690633&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642690886754&bpp=4&bdt=405&idt=162&shv=r20220118&mjsv=m202201180301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6821901797134&frm=20&pv=2&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064158&oid=2&pvsid=528015584665734&pem=41&tmod=1230012235&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=203
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8605854106910601&plah=kooora4lives.com%3A2096&bust=31064158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 Jan 2022 15:01:27 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 Jan 2022 15:01:27 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220118&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8605854106910601&plah=kooora4lives.com%3A2096&bust=31064158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0920e44f96b6b9314c0ec0116527d78de9e862c73957ebaec7b283f986c26234
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9137
x-xss-protection
0
download-4.png
kooora4lives.com/wp-content/uploads/2022/01/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2022/01/download-4.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
382f703fb24619e3eb3839a00e603b55da65dbda0870eb3bd179ebceee43799c

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/m2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
1443
pragma
public
last-modified
Mon, 10 Jan 2022 05:30:06 GMT
server
cloudflare
etag
"61dbc45e-5a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqX4LPyuwqm2qN0ShXSEWSpbPNNre1va1%2B3xNvF%2Bjq3ji8rUwI8G0DLJvrT0QSQvjOV4jHLbrgGDwbo%2B5L%2Fq1twjFLIrk6TPGb4qRmX7gHGWee9O6MKVmVeD%2Fd3IKlN1n4hDBsqynNjU2pCsdyz46nfSrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9bcfaf32b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 870D 		77 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4903453974745530&output=html&h=280&slotname=go4darsiapl%2Fbanners&adk=872605085&adf=3852535245&pi=t.ma~as.go4darsiapl%2Fbanners&w=1100&fwrn=4&fwrnh=100&lmt=1642690633&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642690886758&bpp=3&bdt=408&idt=227&shv=r20220118&mjsv=m202201180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6821901797134&frm=20&pv=2&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064158&oid=2&pvsid=528015584665734&pem=41&tmod=1230012235&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JsLiwYQVOK&p=https%3A//kooora4lives.com%3A2096&dtd=247
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8605854106910601&plah=kooora4lives.com%3A2096&bust=31064158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f74e838046f6ce24516714dc9a6e4d0eb4b5a11cd2e908b2112848aae36d7238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 Jan 2022 15:01:27 GMT
server
cafe
content-length
26687
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 Jan 2022 15:01:27 GMT
cache-control
private
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=528015584665734&correlator=2730185589185883&output=ldjh&impl=fifs&eid=31064137%2C44757100%2C44752585&vrg=2022011406&ptt=17&sc=1&sfv=1-0-38&ecs=20220120&iu_parts=21715635079%3A22630893834%2Ckooora4lives.com%2Ckooora4lives.com_970x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C970x250&fluid=height&prev_scp=excl_cat%3DPREPOST&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1642690887115&lmt=1642690633&dlt=1642690886349&idt=679&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=100&adks=667468269&ucis=1&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&vis=1&scr_x=0&scr_y=0&psz=1100x0&msz=1100x0&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6994349fd4c8a98461fe0fcc61ede177d984f21e38e89a30ba9e1254a2692952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12131
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.com:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		92 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=528015584665734&correlator=2199570424260658&output=ldjh&impl=fifs&eid=31064137%2C44757100%2C44752585&vrg=2022011406&ptt=17&sc=1&sfv=1-0-38&ecs=20220120&iu_parts=21715635079%3A22630893834%2Ckooora4lives.com%2Ckooora4lives.com_970x250_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C970x250&fluid=height&prev_scp=excl_cat%3DPREPOST&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1642690887121&lmt=1642690633&dlt=1642690886349&idt=679&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1675&adks=8585039&ucis=2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&vis=1&scr_x=0&scr_y=0&psz=1100x0&msz=1100x0&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=true&fws=4&ohw=1100&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
af0f1373dbc18a369b4455f527dc92e8f8b38504b655ab993074cb3a8cf45d86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35431
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.com:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		83 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=528015584665734&correlator=128287387912047&output=ldjh&impl=fifs&eid=31064137%2C44757100%2C44752585&vrg=2022011406&ptt=17&sc=1&sfv=1-0-38&ecs=20220120&iu_parts=21715635079%3A22630893834%2Ckooora4lives.com%2Ckooora4lives.com_728x90_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=excl_cat%3DPREPOST&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1642690887124&lmt=1642690633&dlt=1642690886349&idt=679&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1675&adks=2308764921&ucis=3&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&vis=1&scr_x=0&scr_y=0&psz=1100x0&msz=1100x0&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=true&fws=4&ohw=1100&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e99d78b65478de19fbb451857e3bf5d513862758df1f5906537c248d6e610293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34760
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.com:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		109 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=528015584665734&correlator=1402931316148698&output=ldjh&impl=fifs&eid=31064137%2C44757100%2C44752585&vrg=2022011406&ptt=17&sc=1&sfv=1-0-38&ecs=20220120&iu_parts=21939239661%3A202189885%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1642690887127&lmt=1642690633&dlt=1642690886349&idt=679&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=239510233&ucis=4&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a79412760347f066745387d92f0db41a48c1fe0f5b9a4ffcd2c9c6269149d48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
218385
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27097
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
331306
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.com:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2C28 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 20 Jan 2022 15:01:27 GMT
expires
Fri, 20 Jan 2023 15:01:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2022011406.js
securepubads.g.doubleclick.net/gpt/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022011406.js?cb=31064137
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
85a48d7292aab406c9b1673ed11fb440224c01635a238b82af5081939308d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:33:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12963
x-xss-protection
0
last-modified
Sat, 15 Jan 2022 00:13:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Jan 2023 20:33:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201180301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8605854106910601&plah=kooora4lives.com%3A2096&bust=31064158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Jan 2022 15:01:27 GMT
config.json
player.adtelligent.com/exchange_rates/313490/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
722efbeed2dbfce21c71b9a813139f505316f2c37e8da88b7d6b9c217c452355

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
last-modified
Thu, 20 Jan 2022 12:01:59 GMT
server
nginx
etag
W/"61e94f37-2239"
content-type
application/json
access-control-allow-origin
https://kooora4lives.com:2096
expires
Thu, 20 Jan 2022 16:01:27 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
localstore.js
script.4dex.io/ 		483 B
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx405249188a46458ab6884-0061d5ef52
x-amz-version-id
1638788436623244
x-amz-id-2
tx405249188a46458ab6884-0061d5ef52
last-modified
Mon, 06 Dec 2021 11:00:36 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzNNBCdXWZskQi2cqA8nvkNT5%2B2RlDyvrOQF7Is30O7jOBe%2BCFYEHjsNBPFnmlcsbvMJXlTxp709T1l5lkkuheJ8U2ZJfaUjKlvK%2B9zqkEJUPBzpH0YN06cA1senbnZCIiCKfJjk1ZI7YKVf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
6d092d9e0ac40810-CDG
expires
Thu, 20 Jan 2022 15:31:27 GMT
prebid-request
onetag-sys.com/ 		15 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://kooora4lives.com:2096
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 20 Jan 2022 15:01:27 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://kooora4lives.com:2096
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
bid
ap.lijit.com/rtb/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.7.0-pre
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e9fd472877b5a58bcb188c57bdb556d7f080972594d1f36a37ed605cc8fdd02d

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jan 2022 15:01:27 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://kooora4lives.com:2096
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=37503802624
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 15:01:26 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.com:2096
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
hb
ssc.33across.com/api/v1/ 		60 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2f17ef18482613d08503762b07982f005c4aa383db0ea284948028ca039ca72a

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.com:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2f17ef18482613d08503762b07982f005c4aa383db0ea284948028ca039ca72a

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.com:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2f17ef18482613d08503762b07982f005c4aa383db0ea284948028ca039ca72a

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.com:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2f17ef18482613d08503762b07982f005c4aa383db0ea284948028ca039ca72a

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.com:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2f17ef18482613d08503762b07982f005c4aa383db0ea284948028ca039ca72a

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.com:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2f17ef18482613d08503762b07982f005c4aa383db0ea284948028ca039ca72a

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.com:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2f17ef18482613d08503762b07982f005c4aa383db0ea284948028ca039ca72a

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.com:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2f17ef18482613d08503762b07982f005c4aa383db0ea284948028ca039ca72a

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.com:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		60 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
2f17ef18482613d08503762b07982f005c4aa383db0ea284948028ca039ca72a

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.com:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
spa_real_madrid.png
kooora4lives.com/wp-content/uploads/2019/01/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/01/spa_real_madrid.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/spa_real_madrid.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/spa_real_madrid.png
22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/01/spa_real_madrid.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a1b10dacb76fa5da43b5c27b466898ba8819e463107544540ecce30737fa68d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
22271
pragma
public
last-modified
Wed, 02 Jan 2019 09:10:38 GMT
server
cloudflare
etag
"5c2c800e-56ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqu6ZTRFnW6ROrHobQH4f3wr4hd8oJHl%2BhRIZMD1zJQeWx1kk175ydtEtv1axMe%2Bkl4edlf6M31Mx9147Sex4T8ty5IeVNdS%2FkZG%2FHbnpweol1a2bJwMU%2BJMbPNpm8NKbZOD%2BVeKbYXBP2YXBdnFOXDTqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9e5cd332b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q75a5fs3Zb2Bmbu2Faeq49Uh5ovCJG4Ieu%2FSZamsGfJAJxWOsVvn6U4iRA3I1%2BGS19bJrnf%2BDC7OKA%2FxqdDZmLGgdXRo4Cx4tgmMcwCirskO6Os0HAuM5AOBEvEXJK9zacc1GmoDc0DdbK5f6KDDX0JG"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/01/spa_real_madrid.png
cache-control
max-age=3600
cf-ray
6d092d9dfdd8cdc3-CDG
expires
Thu, 20 Jan 2022 16:01:27 GMT
1377539691.png
kooora4lives.com/wp-content/uploads/2019/03/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377539691.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377539691.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377539691.png
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377539691.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ed5a56c130b285752202178c582130791187991b1da780bc8b863cd435926f

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
4644
pragma
public
last-modified
Thu, 21 Mar 2019 05:29:31 GMT
server
cloudflare
etag
"5c93213b-1224"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLtBxQaFQIHo6st0mIavuknjti9mERy%2Faiua%2F%2FC73FGvLaYmWAGAGzePuHDkqP30Tk6%2FGI%2FMHnbFCtJo1XeedMZKE0mjS7z9KqbgQmxmIVCB%2FFXXWuupwN14xe5CUXzY3eENt9I2eDmOuW1IKfodWn4bsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9eada432b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCgNOk90TPMRPoZzgdPYaeJtItC2a%2BScctHI0KM4HBL8YzfLMaoTLgB6EuSD0SGUt11%2BdlEc8xyCez8tyO1TKFa1CBBhrmdWQgqCoDywKMRGR%2Fma3Bh%2BPKuanUJNx5JBjdnWI3dPaxQOO2yhEWT8x9P%2B"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377539691.png
cache-control
max-age=3600
cf-ray
6d092d9e4e8fcdc3-CDG
expires
Thu, 20 Jan 2022 16:01:27 GMT
49_14-12-2016_1393271588.png
kooora4lives.com/wp-content/uploads/2019/08/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
411af3a0cdb161d363fcae09436cc4c53d783bec45b0dade1214e071f600acbb

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
4933
pragma
public
last-modified
Fri, 23 Aug 2019 23:15:46 GMT
server
cloudflare
etag
"5d6073a2-1345"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1893cTgwCTqgpgRVR95htjHGQN4C7er9p8snVof7TW0zJdI0HeSEMwgCrAhAnehNfTXJKf%2F8oxjegP%2FnX1BTqI7v0lPodZlENSt6iVWb%2FOviBM6sNMOXnVqDV8vrV6UIQMHuljnNLr4c2QOL9B9ou7RfFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9e8d7932b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7pDRjpSX0VLQRJb2%2B45myn20r4641o4HfHITZyVQDjH3Kw%2FOi3xKCusjWpiOkrfJkShCeDs0BSvS7sYK7Y6XQWlitFQqD53Ib9Yb6L4%2Bh6jbCphjPlVKwFbULA4m9JV81A99f7NKMVsvUsrrdmuzsbd"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/08/49_14-12-2016_1393271588.png
cache-control
max-age=3600
cf-ray
6d092d9e4e88cdc3-CDG
expires
Thu, 20 Jan 2022 16:01:27 GMT
1391639116.png
kooora4lives.com/wp-content/uploads/2019/01/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/01/1391639116.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/1391639116.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/1391639116.png
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/01/1391639116.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fdf6a4b7aa94a34317ec47cf2be6b143d9b72649c74f2062ad3da60a32da3e2

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
8845
pragma
public
last-modified
Thu, 14 Feb 2019 04:58:39 GMT
server
cloudflare
etag
"5c64f57f-228d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jB%2B%2FevqWt6zd5HKSm3c78ZCFQqKAy%2BArC7ZosNaNp66I4VIXGUrkW%2FAFTRDE%2Ba1KGCWFP8PIsDcLBU0pfQ6SpZgdJEhE2gW2aK7vRii4lopA%2Fl%2BpDlhT8wDBJzlRCmKpEb2AF0gmvPFKrTWogMhgZwMd8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9e8d7032b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9Fs3OBeq%2B5ZeJzaFzHSGT3%2F1TN6z%2BVoEYNVDaN8JDbLf1cVKd%2FPqB1NmQY%2BFJ9VPqoz5j4KcwgAn7XSfsNGPnGTInNa8%2FzHbo2zqrP4giNlRFeWACXQu2tW0n9vX9Q7j8C%2FAmKe6FeURkxktJEaYrkw"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/01/1391639116.png
cache-control
max-age=3600
cf-ray
6d092d9e3e56cdc3-CDG
expires
Thu, 20 Jan 2022 16:01:27 GMT
1377540405.png
kooora4lives.com/wp-content/uploads/2019/03/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377540405.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377540405.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540405.png
7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540405.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cba9a0da2b12b2dbe86f13086f1231e383dcc2b287223db94b8e3582a6ee2887

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
7458
pragma
public
last-modified
Thu, 21 Mar 2019 05:21:01 GMT
server
cloudflare
etag
"5c931f3d-1d22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bweQ8hPZIQ6KrGbY%2FMiMgBVJ3%2FR232WT5YaCIQBEhNpnLo7sY5RM0RQnzVrv6i%2FASEYikGQSryw2CjWuK5YFlyruI5vKN2sN5Yxclkyxb%2F30idKKNqUjU%2FXW3rBM%2B3XyYSVs2RCiRRzxhS9FZ6KjGD7h%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9ece1032b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feA%2BvPyQu4TmOHCSkMdCBn3Ii8duaNlRmXTlGjRifGb6%2F8WQrwDEvNnxXZnigNWMAimmCi9wgzwIq3lrtsoHwTEA7x6ebiao3%2FEarxuphjmlz7%2BU11YmPK1687uYRJ2uYa4KWEASYLf9sp4LdJ40zE68"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540405.png
cache-control
max-age=3600
cf-ray
6d092d9e6ebecdc3-CDG
expires
Thu, 20 Jan 2022 16:01:27 GMT
1377540371.png
kooora4lives.com/wp-content/uploads/2019/03/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377540371.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377540371.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540371.png
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540371.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc452287bf60c2137af690588bd2b455b1e2a798f9dad0453ca56e7b8e336e2

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
3198
pragma
public
last-modified
Thu, 21 Mar 2019 05:30:36 GMT
server
cloudflare
etag
"5c93217c-c7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FAy6AXSa5ClKMYbJ3SWHiWQSMkqhbyjTA6rHRS9HbA46SsUiJFTmAPG%2FE1dAQ0iLXS2RNfo3AWusH6ljsYigdXM2UN4uUx5YtwKwfskYvEIDiSyISDTVpi27THyYHw00fhGLKFn0mO0UCmP0cniDWwE7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9e8d6b32b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=890A3klC5r2LLwu6mG1HIpPuLT0rLqV%2FTPNoGfm%2Bf8O3YPGuP1EwKC%2BWGMkK5XZnOMeauTpXIAXb5OwU52SsjJmi6vAIakZDcd677nYhPlfeSLitRq1jXT4FJuOtt1%2BWgc2HnEKrVZA7pZlqDjmqzgYP"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540371.png
cache-control
max-age=3600
cf-ray
6d092d9e3e5acdc3-CDG
expires
Thu, 20 Jan 2022 16:01:27 GMT
flag_cote_divoire.png
kooora4lives.com/wp-content/uploads/2019/05/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/05/flag_cote_divoire.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/05/flag_cote_divoire.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_cote_divoire.png
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_cote_divoire.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876744a14c03d98eac7ef9f8a669805bda6e49c10102acddef6d11261244fea9

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
3256
pragma
public
last-modified
Sat, 18 May 2019 13:26:25 GMT
server
cloudflare
etag
"5ce00801-cb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHdO%2F0uz464QeFGPwdRERiLqEgfdPKo7%2FXFlBSP5%2B1rbfzU95YCV45fSLQwf2MZP3TXGvHu%2FQaf3wRjDDDjkbnQ35077zwXDqqwf7T1ryWIHnMFBd9W07WVAUp78ortiki0ZKR0ey6eiMDDThjZwzgbXpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9e7d2432b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFPi5i0Ddu7Wkf0rgmHBJ2CvCeZQwvemFyfoBxMAA9bmsBwVVCe3N1%2FMrwThdTL7AK5kKfCknjBbGCLWpLrpFHSF64mHgdA8T%2FK0gM7Fba2qjjiUJQ20Bshq4jVnqHYwMnxNhOVlEWBTsS5LWraD6pYQ"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_cote_divoire.png
cache-control
max-age=3600
cf-ray
6d092d9e3e59cdc3-CDG
expires
Thu, 20 Jan 2022 16:01:27 GMT
flag_mali.gif
kooora4lives.com/wp-content/uploads/2019/05/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/05/flag_mali.gif
  • https://plus.kooora4live.net/wp-content/uploads/2019/05/flag_mali.gif
  • https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mali.gif
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mali.gif
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b2999c6aacdf476178e78cd8b61b57b7a5e2249a813a1ac85ddd01cbe32703d

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
2168
pragma
public
last-modified
Sat, 18 May 2019 13:29:39 GMT
server
cloudflare
etag
"5ce008c3-878"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1ZDPQEEVSPKwzx1DIJq2erVZsqQ3eGjHkI%2FCBodkqLufYYLkba22VpmlZEQybeRRQVOmyIi2DHFpOOzKF6wzV8bvvhQM5CGVIxQ%2BXX8rsMvz4ZHQrsYHYgzxKaVUc8irBSuDoYK0gVBxTxUSTUvOZpLqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9e8d7632b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwyhz0BbCVYy%2BjzIIwMoiVOKk%2FhNEDWM2r%2BPar09keYTAT%2BkhZWGfo4%2BlmjbfQL09iRoync0Zz0zgMUzbk85oQAR9C7v0epYm7EC83XfLb8kIZf67tFjZ6DFNSzvPzn%2FhQhfFJDFTqjeBi69qJtcePGJ"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mali.gif
cache-control
max-age=3600
cf-ray
6d092d9e4e8dcdc3-CDG
expires
Thu, 20 Jan 2022 16:01:27 GMT
download-4.jpg
kooora4lives.com/wp-content/uploads/2019/01/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/01/download-4.jpg
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/download-4.jpg
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/download-4.jpg
8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/01/download-4.jpg
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82b64ae5dd223c48e3cdc24f760779017667cd421b807854ad94fd79c5d405f8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
8472
pragma
public
last-modified
Fri, 04 Jan 2019 13:31:27 GMT
server
cloudflare
etag
"5c2f602f-2118"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaGN3KLPRtjsYdsHxnCXwtWglIRUz4gUUOc2sThoyebQDcD38ihX22w37MO8vZArGFsYwsbzXHmrBpoVpYgpxGBwYaNv1vtvIoX5hPBa4HvsXsWF1eszXgnVDAaM8RzKdmTsmZLF%2BuQHNjDfeEgiAAKAzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9eada932b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9in1JoQiLkywgHlyyuuv28OQ1LUS98NCIqQ3YQG3QtqTSnMdiU7xjC6MMOTw3Xjc6p%2BcPsPc02vk7lg7F5C1g8eUl%2FP2HFj02MrNv4IU176ER5QACd91%2FRfju7j%2BIuAW%2FhRWJjf2pK%2BuLTrBnEdFWXw"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/01/download-4.jpg
cache-control
max-age=3600
cf-ray
6d092d9e4e90cdc3-CDG
expires
Thu, 20 Jan 2022 16:01:27 GMT
flag_mauritania.gif
kooora4lives.com/wp-content/uploads/2019/05/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/05/flag_mauritania.gif
  • https://plus.kooora4live.net/wp-content/uploads/2019/05/flag_mauritania.gif
  • https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mauritania.gif
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mauritania.gif
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73d70cea0d76ca385b047d6b092fc480fa521f2cf38c9d50dabfcb1c7433ec83

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
2508
pragma
public
last-modified
Sat, 18 May 2019 13:30:14 GMT
server
cloudflare
etag
"5ce008e6-9cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIyZjBmglulJSNWrQNqji13yNlZ3yr4Logyu%2FtP4L6cBH83fqb6nnrMoIZfsS7DYLXCKZIVZ8j97NyKMbvU2xkWGlV3x%2FGc7VHNqEvgiPvkoeOq89yoJ%2FF5MteLOuqxS%2FQUp3mNIzcdMZItsVvuEIkAP%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9e8d7432b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8ygS6uKhNe%2Fq0hfpznWtnvVYUPTtz8KQVTq8MHSfn%2BuD1t%2BbBGuzhF0ApaZyShDqHZ6%2FqyynuzbIy%2BCgsj%2Fs6y9pn9QU7ZaGfgUjmL8Ch7Bp%2BabxGJpz%2FXRk74uO7%2F1pcKcTNAjzR8mA87Q%2Bj%2Fo0VsU"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/05/flag_mauritania.gif
cache-control
max-age=3600
cf-ray
6d092d9e4e85cdc3-CDG
expires
Thu, 20 Jan 2022 16:01:27 GMT
1377540149.png
kooora4lives.com/wp-content/uploads/2019/03/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/03/1377540149.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/03/1377540149.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540149.png
9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540149.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92ab3bc3d9bc6c228223f3393e594a6f05f00a85c951ff5c89957d84352fa74

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
9663
pragma
public
last-modified
Thu, 21 Mar 2019 05:24:51 GMT
server
cloudflare
etag
"5c932023-25bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3BBAjQinAxwyMepC67HXOcLdMhmTEAnvqfHJkuzkEnOjUfZmu2aLOwf3kbkFecuMSVKKoZzM7yKn%2Fhziorla4eQubqovckrJYdFvQHYp5IU508A0YCzG2zhO6j%2Fvs3ALj4DNKIyM%2BYIFKlE06XrhdoFPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9ece0a32b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmVy5JEJsrGzRuIkI0JBsRIBRbUJMpLUI8gGiRlqIcsmsYp9qePi1zjIPDm659rUzHyrtTXNTN4FfUvX%2B8CJcdFcWO%2F%2BaPixeOdWFrF3sAW6dMr5rM%2FuCGxbyFO1KUmZtsIgNouvs5OxGVnog1Ab%2FUeD"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/03/1377540149.png
cache-control
max-age=3600
cf-ray
6d092d9e6ebfcdc3-CDG
expires
Thu, 20 Jan 2022 16:01:27 GMT
180px-Arsenal_FC.svg_.png
kooora4lives.com/wp-content/uploads/2019/01/
Redirect Chain
  • https://www.kooora4live.com/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png
  • https://plus.kooora4live.net/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png
  • https://kooora4lives.com:2096/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png
28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kooora4lives.com:2096/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png
Protocol
H2
Server
2606:4700:20::ac43:4740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e045ae784a5912fe98bb81005bbfaa36cef097b6a2bdd4ff1ce2fe915ac8ce8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
28245
pragma
public
last-modified
Fri, 04 Jan 2019 13:35:08 GMT
server
cloudflare
etag
"5c2f610c-6e55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IG27%2FU7pq0CgXq9ePBkXfRgfvub%2FTbboOulOirBetGJvRCKPleLP8Qkb1SSaDWe%2FdbBoM9qSeJT%2BqNbkpQC9eeR3Bmbvn8aHEhGr3vOFiecwJiy1gnzPtfV7wTiex0XjmtuZ3qpM3HUs%2BaXaTL3dHeIYPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
6d092d9eada832b0-CDG
expires
Sat, 19 Feb 2022 15:01:27 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSa2HOBDhc%2F3%2B4eeEm7sCbD7oMa6HbMNMeyhNMkSW9aebfoTvtTUxrX%2BOp7TeiOYqLOUqMuwLD2Ql2gwXfNT6FHaQUmnRqgnhSMgJhGUVC3YI4%2Fvb4fb9RHXa4FPB%2FWeAQHb2QUmgkjZeYutl0RbiAk2"}],"group":"cf-nel","max_age":604800}
location
https://kooora4lives.com:2096/wp-content/uploads/2019/01/180px-Arsenal_FC.svg_.png
cache-control
max-age=3600
cf-ray
6d092d9e4e8ccdc3-CDG
expires
Thu, 20 Jan 2022 16:01:27 GMT
css
fonts.googleapis.com/ Frame 870D 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4903453974745530&output=html&h=280&slotname=go4darsiapl%2Fbanners&adk=872605085&adf=3852535245&pi=t.ma~as.go4darsiapl%2Fbanners&w=1100&fwrn=4&fwrnh=100&lmt=1642690633&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642690886758&bpp=3&bdt=408&idt=227&shv=r20220118&mjsv=m202201180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6821901797134&frm=20&pv=2&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064158&oid=2&pvsid=528015584665734&pem=41&tmod=1230012235&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JsLiwYQVOK&p=https%3A//kooora4lives.com%3A2096&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7285580be75cd3030f88e9965590dbf8cc61ade01a82348b993c8f2a3f1245b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 14:39:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 20 Jan 2022 15:01:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jan 2022 15:01:27 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 870D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4903453974745530&output=html&h=280&slotname=go4darsiapl%2Fbanners&adk=872605085&adf=3852535245&pi=t.ma~as.go4darsiapl%2Fbanners&w=1100&fwrn=4&fwrnh=100&lmt=1642690633&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642690886758&bpp=3&bdt=408&idt=227&shv=r20220118&mjsv=m202201180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6821901797134&frm=20&pv=2&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064158&oid=2&pvsid=528015584665734&pem=41&tmod=1230012235&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JsLiwYQVOK&p=https%3A//kooora4lives.com%3A2096&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:56:40 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7225602784468347999/ Frame 870D 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7225602784468347999/downsize_200k_v1?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4903453974745530&output=html&h=280&slotname=go4darsiapl%2Fbanners&adk=872605085&adf=3852535245&pi=t.ma~as.go4darsiapl%2Fbanners&w=1100&fwrn=4&fwrnh=100&lmt=1642690633&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642690886758&bpp=3&bdt=408&idt=227&shv=r20220118&mjsv=m202201180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6821901797134&frm=20&pv=2&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064158&oid=2&pvsid=528015584665734&pem=41&tmod=1230012235&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JsLiwYQVOK&p=https%3A//kooora4lives.com%3A2096&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
970b650a8ccf222b9b239bcc0717130de60007c1b292167965b80f5b4c625033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 11:36:08 GMT
x-content-type-options
nosniff
age
12319
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52192
x-xss-protection
0
last-modified
Thu, 06 May 2021 09:39:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 20 Jan 2023 11:36:08 GMT
truncated
/ Frame 870D 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 870D 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/ Frame 870D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4903453974745530&output=html&h=280&slotname=go4darsiapl%2Fbanners&adk=872605085&adf=3852535245&pi=t.ma~as.go4darsiapl%2Fbanners&w=1100&fwrn=4&fwrnh=100&lmt=1642690633&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642690886758&bpp=3&bdt=408&idt=227&shv=r20220118&mjsv=m202201180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6821901797134&frm=20&pv=2&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064158&oid=2&pvsid=528015584665734&pem=41&tmod=1230012235&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JsLiwYQVOK&p=https%3A//kooora4lives.com%3A2096&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:59:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 870D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4903453974745530&output=html&h=280&slotname=go4darsiapl%2Fbanners&adk=872605085&adf=3852535245&pi=t.ma~as.go4darsiapl%2Fbanners&w=1100&fwrn=4&fwrnh=100&lmt=1642690633&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642690886758&bpp=3&bdt=408&idt=227&shv=r20220118&mjsv=m202201180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6821901797134&frm=20&pv=2&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064158&oid=2&pvsid=528015584665734&pem=41&tmod=1230012235&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JsLiwYQVOK&p=https%3A//kooora4lives.com%3A2096&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 15:01:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 870D 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4903453974745530&output=html&h=280&slotname=go4darsiapl%2Fbanners&adk=872605085&adf=3852535245&pi=t.ma~as.go4darsiapl%2Fbanners&w=1100&fwrn=4&fwrnh=100&lmt=1642690633&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642690886758&bpp=3&bdt=408&idt=227&shv=r20220118&mjsv=m202201180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6821901797134&frm=20&pv=2&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064158&oid=2&pvsid=528015584665734&pem=41&tmod=1230012235&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JsLiwYQVOK&p=https%3A//kooora4lives.com%3A2096&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Jan 2022 15:01:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 870D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4903453974745530&output=html&h=280&slotname=go4darsiapl%2Fbanners&adk=872605085&adf=3852535245&pi=t.ma~as.go4darsiapl%2Fbanners&w=1100&fwrn=4&fwrnh=100&lmt=1642690633&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642690886758&bpp=3&bdt=408&idt=227&shv=r20220118&mjsv=m202201180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6821901797134&frm=20&pv=2&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064158&oid=2&pvsid=528015584665734&pem=41&tmod=1230012235&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JsLiwYQVOK&p=https%3A//kooora4lives.com%3A2096&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:55:13 GMT
fccbdb50d0e11463e1edb3d8fcf7c364.js
www.gstatic.com/mysidia/ Frame 870D 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4903453974745530&output=html&h=280&slotname=go4darsiapl%2Fbanners&adk=872605085&adf=3852535245&pi=t.ma~as.go4darsiapl%2Fbanners&w=1100&fwrn=4&fwrnh=100&lmt=1642690633&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642690886758&bpp=3&bdt=408&idt=227&shv=r20220118&mjsv=m202201180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6821901797134&frm=20&pv=2&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064158&oid=2&pvsid=528015584665734&pem=41&tmod=1230012235&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JsLiwYQVOK&p=https%3A//kooora4lives.com%3A2096&dtd=247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 19:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11411
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 18:31:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 19:13:52 GMT
adagio.js
script.4dex.io/ 		71 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1222678
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx3ac9ec52e6bc436fba1ea-0061adee81
x-amz-id-2
tx3ac9ec52e6bc436fba1ea-0061adee81
last-modified
Mon, 06 Dec 2021 11:00:35 GMT
server
cloudflare
etag
W/"d56fadf5a52703aee9982c415a17065a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VptQzKrQaM4d5zS64yd%2FNts%2FmAJYj3X3Tj17iEbk8I07JQfhDH%2FTwlGBCf3idLJ53c681NsNQ3tMruGCASQU8B5xSoyA%2Btl3gt58YqsinJSdsmhrGoM6WWqqd6P7FKSAN07lyrYpfPfjQIq1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1638788435319991
cf-ray
6d092d9efce80472-CDG
access-control-allow-headers
Authorization
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4237 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 20 Jan 2022 14:50:19 GMT
expires
Fri, 20 Jan 2023 14:50:19 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 091D 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
279aae1c2f60917f5633b97c8773832967c4ca84af15c809a525f0e726cf2928
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5v22DATXeh0mPuzXWEDQAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 20 Jan 2022 15:01:27 GMT
date
Thu, 20 Jan 2022 15:01:27 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-5v22DATXeh0mPuzXWEDQAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7A28 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 20 Jan 2022 15:01:27 GMT
expires
Fri, 20 Jan 2023 15:01:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
pagead2.googlesyndication.com/bg/ Frame 4237 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 10:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
103012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13497
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 10:24:35 GMT
container.html
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8209 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 20 Jan 2022 15:01:27 GMT
expires
Fri, 20 Jan 2023 15:01:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB27 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 20 Jan 2022 15:01:27 GMT
expires
Fri, 20 Jan 2023 15:01:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 870D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f37b30a99cae60beefd3f7146059f5f6d2b10ac9689d7507be429696f9ce529

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 870D 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
953f95177cf9d22c325e2c95b1ad88160975a71ed6ce0454f261aec4b13fe610
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 18:11:45 GMT
x-content-type-options
nosniff
age
161382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17140
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:47 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 18:11:45 GMT
container.html
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 56D6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 20 Jan 2022 15:01:27 GMT
expires
Fri, 20 Jan 2023 15:01:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.ae/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ae/adsid/integrator.js?domain=kooora4lives.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		40 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=528015584665734&correlator=3479381181917460&output=ldjh&impl=fifs&eid=31064137%2C44757100%2C44752585&vrg=2022011406&ptt=17&sc=1&sfv=1-0-38&ecs=20220120&iu_parts=21939239661%3A202189885%2Capl%2Caplmcm%2Cresponsive2%2Cresponsive3%2Cresponsive4%2Cresponsive5%2Cresponsive6%2Cresponsive7%2Cresponsive%2Csky2%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9%2C%2F0%2F1%2F2%2F10%2C%2F0%2F1%2F2%2F11&prev_iu_szs=970x250%2C970x250%2C970x250%2C970x250%2C970x250%2C970x250%2C970x250%2C120x600%7C160x600%7C300x600%2C970x90%7C728x90&prev_scp=hb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Chb_rfBid%3D0%26excl_cat%3DPREPOST%7Ctest%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cookie=ID%3D021c6d3e5405527a%3AT%3D1642690887%3AS%3DALNI_MZpZxpwvqOlR3hS7dhbECY39Z89xQ&bc=31&abxe=1&dt=1642690887728&lmt=1642690633&dlt=1642690886349&idt=679&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=2236882750%2C4020262501%2C1704966600%2C2488029984%2C3604116806%2C886624018%2C3649763571%2C2695618550%2C1791824620&ucis=5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=true&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6e0870abf1eeacdc97db38723072c580b92e1709573a188d4c168e6e55a4f1dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10143
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,5816136471,5504336788
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,138374459602,138326746042
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.com:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 74B4 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuUYRCVxHYYyPb6vwEwAQ&v=APEucNVbsMwcVNMoqKSz1hvAM6xcDhUWG-wnZM0kQ8xfwebvX6uF77gcOUDMQlTgY1QATcWf7oArBs8PBEV34L-nU2MwfKPqVrciSEDB8qUAM8AExkDSCvnPAlw-9Cevs4gMvjsJ9vHGapPRJZnoha06QkrzFBNtloqTCz1dUf-nAnkbibq1q9Q
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 20 Jan 2022 15:01:27 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 7A28 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Origin
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 09:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 09:54:31 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/elements/html/ Frame 7A28 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1932
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:29:15 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/ Frame 7A28 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/abg_lite_fy2019.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:52:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A28 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CMQWRjw_f3_yEEK15x1xhWBb1mTcIvK_frz_ydfOrJhOUHOFWe8_fkEyGIPHzAqM-ZeXB7haIhzO3iDG70l3z6roCZTuPpvt0e0BXHHVRmXTsbYbw
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 7A28 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/window_focus_fy2019.js
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 15:01:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 7A28 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:55:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7A28 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Jan 2022 15:01:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 74B8 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuUYRCVxHYYyPb6vwEwAQ&v=APEucNUUUOOnQ5j0vLvw6dBoJbq3RbLO2Wc6iGgBFd8U1B6T3F_yFBY0-Hu5w4W2kbO0VJ2O-3Z3c8z0tL_TQyhHOEv2znJARSdKKkX37-_GjYEOdjcrz4ylXqYGrfJWgNeb5ApPndVBF6tfZmWTP1nzYXlu081KYs-GS1Ez9axnQSInOg9Stm8
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 20 Jan 2022 15:01:27 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 5414 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Origin
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 09:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 09:54:31 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/elements/html/ Frame 5414 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1932
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:29:15 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/ Frame 5414 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/abg_lite_fy2019.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:52:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 5414 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/window_focus_fy2019.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 15:01:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5414 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Jan 2022 15:01:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 5414 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:55:13 GMT
l
www.google.com/ads/measurement/ Frame 5414 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0KYgnTMGZKYEteEDfqCIyumCilHWAxcKHbTMOrywkQ_6bKPnVx815-7cCUkV8C1SwB3KTRlDaBQ8KyI-DY70h1a4-3w
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5414 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ahjjrcyi_v-5GWQma1xU-qs83ByMpDMJuoJWPg0YCgR59nKdImSKwoJOBkV4speF8fX4hV5bMFxjY9TXK8_1PbGTS-El4OHapH662h7cxqXV_8ln4
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame EB27 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 14:26:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 20 Jan 2022 15:01:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jan 2022 15:01:27 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/ Frame F1F6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/abg_lite_fy2019.js
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:59:20 GMT
css
fonts.googleapis.com/ Frame F1F6 		8 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 14:27:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 20 Jan 2022 15:01:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 Jan 2022 15:01:27 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame F1F6 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 18:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
420947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Jan 2023 18:05:41 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame F1F6 		355 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 18:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
420947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125995
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 10:36:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Jan 2023 18:05:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame F1F6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:55:13 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F1F6 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 10:49:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 19 Jan 2023 10:49:41 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/elements/html/ Frame EB27 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:36:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1520
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8104
x-xss-protection
0
server
cafe
etag
11153116566150069083
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:36:07 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C0E0 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxCciKT-AhjvoMS5ATAB&v=APEucNUABlBdn97bJmZ8k3tj7mI5DrQwEtdA2WaJ6WiPkGGkUu7PSfGyEa6EO-rSUwFGenCvKoPLx0EaQ4XyiFjv6QrAY9N1pWnEtPdC_Q2DCJaBhQyicXRsxeRsSMTEToeswBWwTJD1LKxEXmYm5-kXEByZD-5DJMMo4e6i1lc3UsvYFCz7F8k
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 20 Jan 2022 15:01:28 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame C691 		12 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7eoOoYcVDtvptDUw_-e1OH6hxl6qgvkfjLhnaBfNo-VB724wEfgOk5TtVINmyrBBJw4AnmxKd_9CIy6a7yTYGqzQpRH1MNqyNEdpRhcRcDm6u2LcilrSPjeZjspoVb4V8ZRLbxV83qh8N060DoVBpc4Nu2A&dbm_d=AKAmf-ClYgm2x-mmK-lPsazUq5B6zkSPK0qZiY-6-8LJNk8hmaHOVHAGBzVbuth-_oMh7QzCrlLnyQBSLLJ-kkPDe72yrw_g-94WdfiXWCTm9suOjNQXuj9AGy0ICGdLAiONlAzKA0EBmRplwiayuJehNhW5Du8xdT6IlX3TPALCLs4UcX2bD3YA7QQsxQJQ--yzTDwj6h3HxkfOV_3LHNRVqOwIUE_sNqQBzf4ajFcrgY-dvOroyQmzfmMSxEuHE2EbE5_-IgJPThamWgrxgwyQeR-kbmPTbelsv9ZYVZBCq05OQh9CwJusnPAYb82hBa29gJcGeXeDjZyMze9xz_F2OkvsysEa0ClJbJXDL67FVShRWkPCcQXQhEiztTkree5zhFSs3ImvQHekfWPPRNYhh04HeNpWlZn5gwzvauRsJHZPvazfw0jLBXe-elyaePSL0HzZh6DvMN5PqJomhmXfsPHDZPTawVjfvctkkH27bKNKaeDcJWeFjBOZFqPeON8j7w_5-pEjW4RcmMtoxmZz4pnNwWpieNdG_lEhrtoPiwLebR_Aut_mjsmMrRIeMXQouixMGTuFCMmACsj3AHYWxDulYV1rgJynGeOTX6h8HncejKLcmCxwppaLittwtLG507-H37ehUlppjlVH8-n__8aWAOUnCsJQXwQgZo_OQdtg5KksCrwSE-b89QH5zXyShQA7xxjYgPiZrsymx5ouiwRBPbudbCUhKdDx1ZJ_khU2jEDLgPUWlBt4KZqg8xOYMyaNLulN8jET74HThB-ZACh7g4UegquEzuJm64MPgo0snR7nvdYeEXz_SHz2D_-H8hbGzJdLZlCcsW34u7z5NVfYXqP-D0cffrMpfnhJ8AcfIIrJwhZeu7XgTsmSSktRRPVULvP0y0KtMMw-sjT991d9GO_ttnc4pNN07tCJIqkEN4FGkmaea5AKttNh-uvTu7GD5S5YJTG5v9bnN3RC9u_Lx7fg2ORXSJ1vuUIiNOhjRkXENhJV5GVMd8Gf5WaHE0zpDxX31YgbSgP0RE2x0cGcqqIu9QtwTN_hdEdu9bO2OaFMR_GWEoPARGPpgOv5Nd15nf1Fy1oH3Vna41GenSNhOB3Kr9ZER0SPWKqFGD43aGcjk8fdAvQIPSWpZYe4tJM2mzWvwOW7qUEKSyKVcN41pF4hLTyaEv8Q_YDsuV_63FwW7Wxi06itXDoZ2Hdb6BGFio7NowebV23gvAV90HZ10zB3pCtkZpl0iQJKFkb06mP-bq_QNrPxUkjD0atwIvlcI8uY8W-YHZp9TUcm4-s5J63j4muzy3HM_NNCEJ-k-Q9L3Hb4-EKxIcAibB0nAZPES7HGymutm6hoOr2zwjm5UYRTJulsE-kZDGpUumXhZWVPORE6hMK7iHJE6bMj8Az7QYvILsOpY38hvhJA5IBejIM_G6txDvt4roN0iaj_DW9dUlb6tFbsyns5sUWteCCFfPYQAqwc_7m353t4rj8uz5inNyZhPkE_dXgLkA3MMfiStrTstdLQdjES_kT9wClmmTF2lF0WuZA0dGycJEUP2B-IYKccqJOmL45xO_ReDU8IhJj7DdvdihaHlDXUaElwU7hXeqHn1I_ZNqAAkCF48-h-q9IpKXQJxveoorM6iAaCtV9DS2m7rUTb1qSB38dmBVw8my4KsHuzBJpbmetCZOMBy4uRtOhLn5FK9eDkQk8bHgrBLMX3BMYPOLTFuneBhhK-xWLPZZAe_3gj1vyI5LgLnKC7CFE-EYvkzNhv3dEFORsGH7ZcTXcMzTzdI9_WDzX0B-KCFB7lZFo9WJoMclwaMa3fXz2qSjP91CCb_26hmhTzF7NXxfBrue-U8fX2N_0HAqLNIjqymLIxfNU9n05zhjmK7PTk3MmBgWzIfx4PctOpD2YKRKI42AuyC283Za6DaWHcHXFTUzSK__kWO_nT-OT8WpBkFltRfpvPECUry4iaPAP2YjEmaaoey9XtT953ORcc-eC-nnyGYTCBsJxZ7oZO0S76m17R_CseURELmVSaNK7-35wmUgdR-rHS7P8y4ZjIKIbVlyglAZM_RzzghrGPsDVtKCexbczp0pfReTV2zrVK0U0_09kyfNPuB9S6p-ReiU-ayUiy6iydnFxc6q-PptX7DXGiA67bTfRb_b7T5fUSYtCmMGefkGQzRb-773bTOb0x6D-x8fbVlMzB7eaFeL00v6DnxFFvO16hZ6eViTUjFo1DY8rk5LkOalGi900eFijfeyPnULykjmB8tnwch6XAhm-2xzO4hOMqU-knk4OCMO8f_mafXGGg_Dr8zQsNIv6nUOZZVD7F1zcMVRM5Mk8cqzv3z_X9Z9WSgX0l_OF0yOiy1J3-eGYNM45v60xobhDj6wW_Da4sS9VagcQVfCxMtWyEv2QGheInZLbsi9uGTUsTQY1kFBAQomFKm2V2n2VPtqk4J9NXGSvaqlO4qfGVpPiHH8G5QSLjsSZFl3q3RGqXdcEbrlB2WRRzS5Wr_XeogMxbJAMg0dZb3Zmy-VADN2GFK33e43-6XhMFFsQrl0Vrzb89sCozXLymzzRgA-49Ucl4gbisYOcpvA&cid=CAASEuRofnJv3bQYhMZsXqnnVzoovg&rfl=2%2Chttps%253A%252F%252Fkooora4lives.com%253A2096%252F%240
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a03487b6d86bd2f421b6008bae504b368cf68da068592288fa6156eb546bcf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9223
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame C691 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWrZQuC7a8ynEKTD0RxAbQn-v2V5ALaJ8b1SZ3wn1BFCr2SLM0&d=CnkAoCZ_4O5s6Pu1-qov1V93SH8nJcdbez81MEG2yx6_ZHTta7m3rTk_RcLUsC156sreP0Khdoc63jTC7jfoB_sYcvQH5vDcQgHElaTti-f3xfDT7bnbgNDYO5goX2aP1vvPimZMmT-Ko1ZNorlRBQUL2-F3a4dIeNeLEpkSAKAmf-A6kkFvt54gjltmQ7kaQugt9Bt9o9GYKPqjNDfqZoFVra1x-L-JKC9wbyKWF6PnujuFWuArTAOmX5yg5_mzxBbgMp50uz83wpdC8ceo9qOENv1sC8e9RjoS17w4mPXeuvqpYASK8IZqErfvrFE8DIgO6opP2VjTGZX2JIeiOtjuhY_3D5Q3786zHXcXjtT3jIhMaqHOKDZTLEhucjyTEATg5_tJU_qDGuhgWdS9QlH2yeTntjUlRauHj6MjA2-SmIOEGiA-4fATBWEAeYEHKWcnaV84XmqWx2w-YXrQR_XrMnU1HG4J8SRu0CZN3qb3BNquBlAb79r3Amq74dmVIm4oMT3PnmebYKQopNl_pn6-qZMOkYiC3bPlSk6ed4RXT8ELsE_6nlrPkUQUyqqcAN1Sp53ybLkpJ2leVBZG9_T83BEZQBINfQuIqVVf23bqPV9xUU86ZYOaiS7Db8467tgU2r75byKasiRhEIqyWgdMJXprYJ3TDVS_l1qNFs_nTaILiXxni_1a4cTZSgITg8KUsi19qtPNdgVER_T6shN7dRvRlSCg6lNGxg6v7YbW2qm_w2krKK-BvbFV-hFhn6mN_sMaMANbRLn2kJOpr5xdxxwzTdTudt_nvVJhis95VlZczAFHNkh6M113ZvGim0jKj_rcHkHk3DTzaN5M7yK6OttXKMhemSZ0U2ILkjjETE-sck4zc0qu39p7POfECKq5dgT6fJ9NRdLQMUjt_a2nH80FjWw_leKSK_83PxUqKJEKFi6q2yeW1vSS54Vl1prGxbZf4cFm8I-x77918RqD-H1VUDtF-wPOdRyzw2Jl_71H_f3j-n8gPWFH_vKjpArgQZOeNd6qmw8fBOq5nWxuvFAh5JY7CpEB2Ra4yLLkU7nS8J4VfEpwUWb65dubEPWkPQpi1EacW6GyrS7zwhU0nKfJ15-4qa76FdpmUriXqGfutU8y7Y9pk6yELsCkNrLOUQ07vxgC88CBTmcpqH2uHgr8221Pi8EpqEVlU0NIl8zVVHVGVZQEUghNtKY2urmBitkwje235Re-JITP7tAczsR6h4NQPl-USC9xiOPPLt7zH6WJi31Z5YmQhmZZBMY3sF4dfGSweW00iqOciPACLaeIVX8STrFt7eGLJqh69SfwfZjDr4CvHIkqbM-SWQuR8lGxDlhiGaIcBz5yoLSS-ly4WNaBnhTVt425ntTRUdozAxdaBANf42t89HxULKnGevy_Nx0Kbfn_FTJC4dGhdZTy816kowiIRnTkMZK_jiH7WK1DzCRaVcAoUriUMnnzgAjFT5Vj00SIDjHhjF5EHu9d9KnTgDoRrbSD9tseuSGSg-21CXaom68Ex7rAAb-uEpQpEys7-_4irq0rQ8vgUrW3230MgD9ecm2UOtRSdIeMy-1XR06wD2jsiU7Nb38lk7vCV21FCw5e3Lz3i5wUKrHkhSddPzBb2Z5xFZsHo8B94RP1FMMzad1Jyn0B91XdzITNZho5yI9cv_by54VL_eJxVWtBKYk2OWqYt8LFEKaQ1CHYyQyT2OXmc9UrEwvoe5EikTSrYpTe_J2kPURVrto7VhLVUX7mblIpF_dYGmeI3ee5dsYIU55ZELO-7dSw6229VdCAuDB4YxbtUPkHxDeuW0k42xfWi9Varm1COHyQzeQ6_zQJfkfbQWefKyQ-yuR5xpShcYk7Y71QA1YdvG09sdsd-_9MrLs79xmX9Q3SGCKY_fKqtn77aqx5-osTFG6zjP3yKKHQd3keAn-sQVW8_KWVmHkbIC-4Jyygx276vYaDVraoaRp_N5zitKQjjqDv6-JNGV9GymmNwXdHpkJwcncl6MKiSoeqOupQhyIb4f5qcoYlkzTrmHiyaID-SHn8UUtr0gqs2ioUaTwPSvIGJzVIXCiFOELadLMn2zdiHdZoeh6qBcqudXShro_L0A_R4wKuCZ4KdtjR2Du6VPyeJUYOf3ZTUMFbb2mICcjC5ge0TU6BnuO_RI3mAHYyl3QdNdWM50kET42TKQmyZHx8LwCVxK0Ap2Vyv5ehjK6uzaJ0u1xkwkTBRIFhlgJu2ub6LuG1PJwvW9QP78P2I3soLxeJsL5IZb90RZK03473lNEl1LQyqtOpLsmzjAwQnX7ntopIMTuWn7Bb2i87J-vt2D_oMPde-nFenpIUi9x2BzVuKvdE7RUSZm54pfCqwij9wLtoR7xaK025u3RPdi0lLL6vUwmQD-J6x1xsYxvIT2PLZjKPBiZdNuaY0hE6g7Hj6KOTk3MxsbVvc1VEb-Kj8W5ivGDlxnOhddcsUU2Ef8YcM0f4l9oStrLm5p0KS_5G9ZdKa_QGatOSrBpzI6nw6s9lQwqo4KoCjawnOurOklIFh8p6lmBmNCwjXZF0JciLT7hhvG4HKFdtv_gw-GY5UCsjErnG1ehNH3IYMhmjYKY5zWdKkoqfp9wmVAqNdl71oOZVsNDeLp5JwB7ztbvaOKHVD5izjJ1GIwe0DeroJ30Rwm2PEQiKgCLHOgE30KsWC4koGgXoe6272qQp3R7k9RxEMxgav-RECnoN9MF-bdM10s3hj8nmr8vv59xW5iAj9U5YUYgeNydXyFyhpJVPEAiQ6wDFy56lIPmqCJI2pwLLrNG-RtOEMAs8Yg50_fhqYwk_vE7kPnv1tEgOKJ1sH1Qx3l0E_upIhPAnCZQJlWpu7wlq5yT5tsm-MDde7S7bKiD-18YOIPXpYkZaszirL0ThlyAkOOIR0-CJj0tC178Knj0Z-MhW-lVURpKA8olJFmRFELRPIJjQOC3rA10qntXcxwuIbx_E1sC4sSi66WPynQzSEJ-cQwBH_ttSy6PmUjMeUuTRlffNFn2Ph1bYEzSfO00OOVcylMUz7MgWYIZ6nLCyUaI93-9vIHXhwCXL4R_EgQGb5tTvzlVfHB06-v9_DZ0WJ4oy3XLy6tsyRlHhx-07VLRTb2HCidUmjRxPj299sL22AzZ1uln_baPCyIydWCTFx9Ek0LEzo0-5Vi-dWFr4h1wr4C4GmdhGUWfRL3C1HoRy18WCQB_2uILBwisa1iUdHDs7QHm0wKjmbOdsCw4sBM-eXCRjzu5mkQPY5RoWCAASEuRofnJv3bQYhMZsXqnnVzoovmAB
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f157.1e100.net
Software
cafe /
Resource Hash
bf50ff33fc4beb3adef4d90e03d6b34cc1365b1a1c6beb7567f911d71293dae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20545
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
choices.truste.com/ Frame C691 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6e9b9252b60de82f3f3baf658de193f31ebfa675793f17a1a22f0ee3d1041051

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 07:05:05 GMT
content-encoding
gzip
server
nginx
age
28583
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
4dB_52bLrf-0H_gQzJsYBON7Ec5TkM791F_yAc78VKv4ZtbBoSMPjA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame C691 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/window_focus_fy2019.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 15:01:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C691 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Jan 2022 15:01:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame C691 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:55:13 GMT
l
www.google.com/ads/measurement/ Frame C691 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRX2wNMq2RIFMiE33y_d8Mc610npXn5ZoEkokXg2DFuEBDQmQSJF2JuVmRT47vpzT4Ga-iky7qDMKo6gKLnxrW5jskOHQ
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame C691 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ALykjxG9wcP0V-_8AdQcArglFtb8t5JzYse-ZN4XHlp1BAm7BlHuqxqoRTTkt0S0uh-li5lOMqIX5yuf4gWD4OA7xWxlEyd_VE6dZ9AWwxyN3RDJ8
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
pagead2.googlesyndication.com/bg/ Frame 8096 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4903453974745530&output=html&h=280&slotname=go4darsiapl%2Fbanners&adk=872605085&adf=3852535245&pi=t.ma~as.go4darsiapl%2Fbanners&w=1100&fwrn=4&fwrnh=100&lmt=1642690633&rafmt=1&psa=0&format=1100x280&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642690886758&bpp=3&bdt=408&idt=227&shv=r20220118&mjsv=m202201180301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6821901797134&frm=20&pv=2&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=2584&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C44753738%2C31064158&oid=2&pvsid=528015584665734&pem=41&tmod=1230012235&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JsLiwYQVOK&p=https%3A//kooora4lives.com%3A2096&dtd=247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 10:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
103012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13497
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 10:24:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 091D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220118&jk=528015584665734&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5414 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 15:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Jan 2023 15:54:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5A68 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 20 Jan 2022 13:26:12 GMT
expires
Fri, 21 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
5716
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum
dsum-sec.casalemedia.com/ Frame 74B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxbI6xDApYo_f1j6pyAwT4&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxbI6xDApYo_f1j6pyAwT4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuUYRCVxHYYyPb6vwEwAQ&v=APEucNVbsMwcVNMoqKSz1hvAM6xcDhUWG-wnZM0kQ8xfwebvX6uF77gcOUDMQlTgY1QATcWf7oArBs8PBEV34L-nU2MwfKPqVrciSEDB8qUAM8AExkDSCvnPAlw-9Cevs4gMvjsJ9vHGapPRJZnoha06QkrzFBNtloqTCz1dUf-nAnkbibq1q9Q
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 15:01:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 20 Jan 2022 15:01:28 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxbI6xDApYo_f1j6pyAwT4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 74B4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yel5SDzs-pkTP1h2FcdcYwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxbI6xDApYo_f1j6pyAwT4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxbI6xDApYo_f1j6pyAwT4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuUYRCVxHYYyPb6vwEwAQ&v=APEucNVbsMwcVNMoqKSz1hvAM6xcDhUWG-wnZM0kQ8xfwebvX6uF77gcOUDMQlTgY1QATcWf7oArBs8PBEV34L-nU2MwfKPqVrciSEDB8qUAM8AExkDSCvnPAlw-9Cevs4gMvjsJ9vHGapPRJZnoha06QkrzFBNtloqTCz1dUf-nAnkbibq1q9Q
Protocol
HTTP/1.1
Server
184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 15:01:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 20 Jan 2022 15:01:28 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxbI6xDApYo_f1j6pyAwT4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 74B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEInsiIrrJSTEe-MLSzIsNmw&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEInsiIrrJSTEe-MLSzIsNmw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuUYRCVxHYYyPb6vwEwAQ&v=APEucNVbsMwcVNMoqKSz1hvAM6xcDhUWG-wnZM0kQ8xfwebvX6uF77gcOUDMQlTgY1QATcWf7oArBs8PBEV34L-nU2MwfKPqVrciSEDB8qUAM8AExkDSCvnPAlw-9Cevs4gMvjsJ9vHGapPRJZnoha06QkrzFBNtloqTCz1dUf-nAnkbibq1q9Q
Protocol
HTTP/1.1
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 15:01:28 GMT
X-Proxy-Origin
37.59.164.103; 37.59.164.103; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ec2d54c8-22b2-4a67-a735-408834451782
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEInsiIrrJSTEe-MLSzIsNmw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 74B4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyMTQzOTM2Mzk3NzY4MDE1Nw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyMTQzOTM2Mzk3NzY4MDE1Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuUYRCVxHYYyPb6vwEwAQ&v=APEucNVbsMwcVNMoqKSz1hvAM6xcDhUWG-wnZM0kQ8xfwebvX6uF77gcOUDMQlTgY1QATcWf7oArBs8PBEV34L-nU2MwfKPqVrciSEDB8qUAM8AExkDSCvnPAlw-9Cevs4gMvjsJ9vHGapPRJZnoha06QkrzFBNtloqTCz1dUf-nAnkbibq1q9Q
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 15:01:28 GMT
X-Proxy-Origin
37.59.164.103; 37.59.164.103; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
48e675f8-502a-42b7-a681-5a20b6085965
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUyMTQzOTM2Mzk3NzY4MDE1Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 5414 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
901469fa3001f7409d0d6c2f41bcda16b8bd19f8a3e0109c4fa8b7230e52e644

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 74B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjjgFmbUC96692TXbbuo5w&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjjgFmbUC96692TXbbuo5w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuUYRCVxHYYyPb6vwEwAQ&v=APEucNUUUOOnQ5j0vLvw6dBoJbq3RbLO2Wc6iGgBFd8U1B6T3F_yFBY0-Hu5w4W2kbO0VJ2O-3Z3c8z0tL_TQyhHOEv2znJARSdKKkX37-_GjYEOdjcrz4ylXqYGrfJWgNeb5ApPndVBF6tfZmWTP1nzYXlu081KYs-GS1Ez9axnQSInOg9Stm8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjjgFmbUC96692TXbbuo5w&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 74B8 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuUYRCVxHYYyPb6vwEwAQ&v=APEucNUUUOOnQ5j0vLvw6dBoJbq3RbLO2Wc6iGgBFd8U1B6T3F_yFBY0-Hu5w4W2kbO0VJ2O-3Z3c8z0tL_TQyhHOEv2znJARSdKKkX37-_GjYEOdjcrz4ylXqYGrfJWgNeb5ApPndVBF6tfZmWTP1nzYXlu081KYs-GS1Ez9axnQSInOg9Stm8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 74B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEP4WkaEHPjI_HO4QdMP7nio&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEP4WkaEHPjI_HO4QdMP7nio&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuUYRCVxHYYyPb6vwEwAQ&v=APEucNUUUOOnQ5j0vLvw6dBoJbq3RbLO2Wc6iGgBFd8U1B6T3F_yFBY0-Hu5w4W2kbO0VJ2O-3Z3c8z0tL_TQyhHOEv2znJARSdKKkX37-_GjYEOdjcrz4ylXqYGrfJWgNeb5ApPndVBF6tfZmWTP1nzYXlu081KYs-GS1Ez9axnQSInOg9Stm8
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 20 Jan 2022 15:01:28 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEP4WkaEHPjI_HO4QdMP7nio&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 74B8 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPuUYRCVxHYYyPb6vwEwAQ&v=APEucNUUUOOnQ5j0vLvw6dBoJbq3RbLO2Wc6iGgBFd8U1B6T3F_yFBY0-Hu5w4W2kbO0VJ2O-3Z3c8z0tL_TQyhHOEv2znJARSdKKkX37-_GjYEOdjcrz4ylXqYGrfJWgNeb5ApPndVBF6tfZmWTP1nzYXlu081KYs-GS1Ez9axnQSInOg9Stm8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 20 Jan 2022 15:01:28 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7A28 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 15:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Jan 2023 15:54:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 54B4 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 20 Jan 2022 13:26:12 GMT
expires
Fri, 21 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
5716
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7A28 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4415dcf6cea91ec87485fe7485323a3a4104a694a4c19e87f1cfaed4104fa73

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C691 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D7eoOoYcVDtvptDUw_-e1OH6hxl6qgvkfjLhnaBfNo-VB724wEfgOk5TtVINmyrBBJw4AnmxKd_9CIy6a7yTYGqzQpRH1MNqyNEdpRhcRcDm6u2LcilrSPjeZjspoVb4V8ZRLbxV83qh8N060DoVBpc4Nu2A&dbm_d=AKAmf-ClYgm2x-mmK-lPsazUq5B6zkSPK0qZiY-6-8LJNk8hmaHOVHAGBzVbuth-_oMh7QzCrlLnyQBSLLJ-kkPDe72yrw_g-94WdfiXWCTm9suOjNQXuj9AGy0ICGdLAiONlAzKA0EBmRplwiayuJehNhW5Du8xdT6IlX3TPALCLs4UcX2bD3YA7QQsxQJQ--yzTDwj6h3HxkfOV_3LHNRVqOwIUE_sNqQBzf4ajFcrgY-dvOroyQmzfmMSxEuHE2EbE5_-IgJPThamWgrxgwyQeR-kbmPTbelsv9ZYVZBCq05OQh9CwJusnPAYb82hBa29gJcGeXeDjZyMze9xz_F2OkvsysEa0ClJbJXDL67FVShRWkPCcQXQhEiztTkree5zhFSs3ImvQHekfWPPRNYhh04HeNpWlZn5gwzvauRsJHZPvazfw0jLBXe-elyaePSL0HzZh6DvMN5PqJomhmXfsPHDZPTawVjfvctkkH27bKNKaeDcJWeFjBOZFqPeON8j7w_5-pEjW4RcmMtoxmZz4pnNwWpieNdG_lEhrtoPiwLebR_Aut_mjsmMrRIeMXQouixMGTuFCMmACsj3AHYWxDulYV1rgJynGeOTX6h8HncejKLcmCxwppaLittwtLG507-H37ehUlppjlVH8-n__8aWAOUnCsJQXwQgZo_OQdtg5KksCrwSE-b89QH5zXyShQA7xxjYgPiZrsymx5ouiwRBPbudbCUhKdDx1ZJ_khU2jEDLgPUWlBt4KZqg8xOYMyaNLulN8jET74HThB-ZACh7g4UegquEzuJm64MPgo0snR7nvdYeEXz_SHz2D_-H8hbGzJdLZlCcsW34u7z5NVfYXqP-D0cffrMpfnhJ8AcfIIrJwhZeu7XgTsmSSktRRPVULvP0y0KtMMw-sjT991d9GO_ttnc4pNN07tCJIqkEN4FGkmaea5AKttNh-uvTu7GD5S5YJTG5v9bnN3RC9u_Lx7fg2ORXSJ1vuUIiNOhjRkXENhJV5GVMd8Gf5WaHE0zpDxX31YgbSgP0RE2x0cGcqqIu9QtwTN_hdEdu9bO2OaFMR_GWEoPARGPpgOv5Nd15nf1Fy1oH3Vna41GenSNhOB3Kr9ZER0SPWKqFGD43aGcjk8fdAvQIPSWpZYe4tJM2mzWvwOW7qUEKSyKVcN41pF4hLTyaEv8Q_YDsuV_63FwW7Wxi06itXDoZ2Hdb6BGFio7NowebV23gvAV90HZ10zB3pCtkZpl0iQJKFkb06mP-bq_QNrPxUkjD0atwIvlcI8uY8W-YHZp9TUcm4-s5J63j4muzy3HM_NNCEJ-k-Q9L3Hb4-EKxIcAibB0nAZPES7HGymutm6hoOr2zwjm5UYRTJulsE-kZDGpUumXhZWVPORE6hMK7iHJE6bMj8Az7QYvILsOpY38hvhJA5IBejIM_G6txDvt4roN0iaj_DW9dUlb6tFbsyns5sUWteCCFfPYQAqwc_7m353t4rj8uz5inNyZhPkE_dXgLkA3MMfiStrTstdLQdjES_kT9wClmmTF2lF0WuZA0dGycJEUP2B-IYKccqJOmL45xO_ReDU8IhJj7DdvdihaHlDXUaElwU7hXeqHn1I_ZNqAAkCF48-h-q9IpKXQJxveoorM6iAaCtV9DS2m7rUTb1qSB38dmBVw8my4KsHuzBJpbmetCZOMBy4uRtOhLn5FK9eDkQk8bHgrBLMX3BMYPOLTFuneBhhK-xWLPZZAe_3gj1vyI5LgLnKC7CFE-EYvkzNhv3dEFORsGH7ZcTXcMzTzdI9_WDzX0B-KCFB7lZFo9WJoMclwaMa3fXz2qSjP91CCb_26hmhTzF7NXxfBrue-U8fX2N_0HAqLNIjqymLIxfNU9n05zhjmK7PTk3MmBgWzIfx4PctOpD2YKRKI42AuyC283Za6DaWHcHXFTUzSK__kWO_nT-OT8WpBkFltRfpvPECUry4iaPAP2YjEmaaoey9XtT953ORcc-eC-nnyGYTCBsJxZ7oZO0S76m17R_CseURELmVSaNK7-35wmUgdR-rHS7P8y4ZjIKIbVlyglAZM_RzzghrGPsDVtKCexbczp0pfReTV2zrVK0U0_09kyfNPuB9S6p-ReiU-ayUiy6iydnFxc6q-PptX7DXGiA67bTfRb_b7T5fUSYtCmMGefkGQzRb-773bTOb0x6D-x8fbVlMzB7eaFeL00v6DnxFFvO16hZ6eViTUjFo1DY8rk5LkOalGi900eFijfeyPnULykjmB8tnwch6XAhm-2xzO4hOMqU-knk4OCMO8f_mafXGGg_Dr8zQsNIv6nUOZZVD7F1zcMVRM5Mk8cqzv3z_X9Z9WSgX0l_OF0yOiy1J3-eGYNM45v60xobhDj6wW_Da4sS9VagcQVfCxMtWyEv2QGheInZLbsi9uGTUsTQY1kFBAQomFKm2V2n2VPtqk4J9NXGSvaqlO4qfGVpPiHH8G5QSLjsSZFl3q3RGqXdcEbrlB2WRRzS5Wr_XeogMxbJAMg0dZb3Zmy-VADN2GFK33e43-6XhMFFsQrl0Vrzb89sCozXLymzzRgA-49Ucl4gbisYOcpvA&cid=CAASEuRofnJv3bQYhMZsXqnnVzoovg&rfl=2%2Chttps%253A%252F%252Fkooora4lives.com%253A2096%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 15:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Jan 2023 15:54:02 GMT
index.html
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/ Frame 0DEB 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d8c3ebdce5a05ae984a44c887124849c6a65711ed0ee13c2f372b18589b7e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
3597
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 14:34:03 GMT
expires
Tue, 17 Jan 2023 14:34:03 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
content-type
text/html
age
260845
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 7A28 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIpX0Vtfsmi9psAJK6wufOc5BTTkdb5wdOCiaIQlJ6j3vbN_peusKZEINkB1xu08wllIzJ74qelrB6dVFW1WOsYuKX27y3xQyMoVxjO7jHNIM2nbkxyol6dTpu66ZUDJIDruMK5jmSMIiGHTsVIegwLNTziSU0nTssFJ8Ywz7_cEv2MAMy7BGVlFjXFXH1Wpv4jGAPFI_BCfbx4xbJSX4qMt1c-OX7Qrm-LBHanbVVlP93PYZVkYqH1F1DJSFrMhQ5c7AmwjL-thXdRI7TVZgimarkow1gtP44hk3UbZA_idj3QPblqlWdmUpECoLfoxr4rXCckC8EZ7pp1CUmUdvXtRxlcoXS14WJVArJIk9ANDE1QN0E0zfhfVrFDVqggXXJzCIdGUM5j4B03tZWNxGei19lmKrBWXtc5TM2K7Rh92lbraM42INg6YYXZPTJWWLK-XfLYNpHdVwyeLzUHhhlg1SZMgS8LeuF7WCmzBsG0TBC9G_w7Sc5cnpuftSnz-0nP19DLCj6XxzCp04c0WHHVrcBgSKUHwoRsD8ahKViMqdehMvgTbOm9NxrVydkZ7MrHy3TIfDmw4nSdLqvYNT3zXV75sajWUc2xxVCXF6zKZh4esVNDVVNWyQOvaKEv_p72oaXXmvat1r1tScTu5pTw_4biTmXAzcGIfSmpH0HOaGANb5ExY7pPxihEOUvwOlMmKcNZ_nLcJW7xopzvjxphD-ByUFQNjBNNSjoIVzHjX-XAtM94zCEuOFM-89rXfLUYd6tJVhdyPJjYCD323kTUmeILiuJGbu5xSg7ZPqBSb8FLG2VTw2HBSMNfqDAaAAtL0gxSwBQfeURYgoMPGqDNTGjumMkFI6GWDkUELQhcHhwdHaGySNUlqxZrS6McCOik2KgZUuFXx6wGuC5Y9oesGuGoenic_0IHF18_brb4SijSvXd_ebW_uDe4AJhn-n6Ct_ENsD5YIqfrXH8u_xMvaTq1FNBwvEXTD60wVNsjPSy8rKx1wESKXFVTKbkwwPGMIgn3L824jLTUw7m3lWc64GgaOsyKxIfl8zOFGFJkNFB3VCf7IhTFf2RPauuA50XVumaDa3piDJM0dwjmz7DLUaqpziH0o-TuWDYBBjhIoGKfuFLFseegHtWFyahhWZNSHKGmsbpmhCTB1E&sai=AMfl-YT2A77PUEQXi0atKPiXSQXw5P1TNcMzIm6_tvUJGt-azcIeYUf3xaX0313q9SjqR7LTWSW0Ibe4wnYu9qQRmBRL8wQAI9GcQ6PJx9lRu8Sv0qa8XYCuobjzwn0ZR9L3mnADiV4V8Pc0EJa20hd52d_y5ae-jWGDQQkQtUwckORS1kYPCF3tPASYEVNqA6TT-cGeDNBXzOHpTQdK4CtvOquv1E6oKR_XDayEvrVm0THFoZWrFs-E1X-cRn7sQup9Cjp-7eS_8zBeaS-HqcwL72SfalyzhK399djmWmI&sig=Cg0ArKJSzBZGFIHMycVXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=391&cbvp=1&cstd=387&cisv=r20220118.63717&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 20 Jan 2022 15:01:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
partner
sync.search.spotxchange.com/ Frame C0E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC_3pwdOSckpG8lO5K6P-Mg&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC_3pwdOSckpG8lO5K6P-Mg&google_cver=1&__user_check__=1&sync_id=d85cf7b8-7a01-11ec-8054-141922060206
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEC_3pwdOSckpG8lO5K6P-Mg&google_cver=1&__user_check__=1&sync_id=d85cf7b8-7a01-11ec-8054-141922060206
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxCciKT-AhjvoMS5ATAB&v=APEucNUABlBdn97bJmZ8k3tj7mI5DrQwEtdA2WaJ6WiPkGGkUu7PSfGyEa6EO-rSUwFGenCvKoPLx0EaQ4XyiFjv6QrAY9N1pWnEtPdC_Q2DCJaBhQyicXRsxeRsSMTEToeswBWwTJD1LKxEXmYm5-kXEByZD-5DJMMo4e6i1lc3UsvYFCz7F8k
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 15:01:28 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
137
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 20 Jan 2022 15:01:28 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEC_3pwdOSckpG8lO5K6P-Mg&google_cver=1&__user_check__=1&sync_id=d85cf7b8-7a01-11ec-8054-141922060206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
64
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame C0E0
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDg1NGRiMDAtN2EwMS0xMWVjLWIxYjUtMWQyMWI5ZWIwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDg1NGRiMDAtN2EwMS0xMWVjLWIxYjUtMWQyMWI5ZWIwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxCciKT-AhjvoMS5ATAB&v=APEucNUABlBdn97bJmZ8k3tj7mI5DrQwEtdA2WaJ6WiPkGGkUu7PSfGyEa6EO-rSUwFGenCvKoPLx0EaQ4XyiFjv6QrAY9N1pWnEtPdC_Q2DCJaBhQyicXRsxeRsSMTEToeswBWwTJD1LKxEXmYm5-kXEByZD-5DJMMo4e6i1lc3UsvYFCz7F8k
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 20 Jan 2022 15:01:28 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDg1NGRiMDAtN2EwMS0xMWVjLWIxYjUtMWQyMWI5ZWIwNTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
26
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame C0E0 		0
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxCciKT-AhjvoMS5ATAB&v=APEucNUABlBdn97bJmZ8k3tj7mI5DrQwEtdA2WaJ6WiPkGGkUu7PSfGyEa6EO-rSUwFGenCvKoPLx0EaQ4XyiFjv6QrAY9N1pWnEtPdC_Q2DCJaBhQyicXRsxeRsSMTEToeswBWwTJD1LKxEXmYm5-kXEByZD-5DJMMo4e6i1lc3UsvYFCz7F8k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5716 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 10:49:42 GMT
expires
Thu, 19 Jan 2023 10:49:42 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
101506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
generate_204
tpc.googlesyndication.com/ Frame 4237 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ke7EyQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
csi
csi.gstatic.com/ Frame F1F6 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kyn3qpge&c=1553726159306&slotId=776863079653&qqid=CLiYu7bMwPUCFVmHgwcdHuwMUg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c08::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F1F6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CiGRjR3npYfjYDNmOjuwPntizkAX-0_evXM7PvdjqAsCNtwEQASAAYPsBggEXY2EtcHViLTI5MzA4MDUxMDQ0MTgyMDTIAQXgAgCoAwHIAwKqBOwBT9D0byK6cXxVD9G7mdyCWB3P143rHwQGJKDqKckM2P3Z_aIGeo3fdUYsWjTXN4MXXasZkio-7sfyT_xz9h3TNSFyQKTia13AHWU4_QEaCByUCmcOhv84JyvX88-9n0_69SM0kT298PcWtGEYW0UbvS2iH2UURo5abnhBKQpUkY6SuG56EC3dI38ARt9YVkroRMKFNHP0FpE_ACuhHN8o1i2OWU41Wcn8FJJGITPz2REubJTEyWM-YsF6Sivgab40MzkmdBezQ2Kc9p1apkhbrraG3mAZYHsRWz8c_zYFscfH-wRa0QhdZRWghejgBAGABrSAvZ-V4YKETaAGKqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00OTA2MTM0NTMxOTUxMDE1-gsCCAGADAHQFQGAFwE&eventType=clickstring&clientTime=1642690888296&ai=CiGRjR3npYfjYDNmOjuwPntizkAX-0_evXM7PvdjqAsCNtwEQASAAYPsBggEXY2EtcHViLTI5MzA4MDUxMDQ0MTgyMDTIAQXgAgCoAwHIAwKqBOwBT9D0byK6cXxVD9G7mdyCWB3P143rHwQGJKDqKckM2P3Z_aIGeo3fdUYsWjTXN4MXXasZkio-7sfyT_xz9h3TNSFyQKTia13AHWU4_QEaCByUCmcOhv84JyvX88-9n0_69SM0kT298PcWtGEYW0UbvS2iH2UURo5abnhBKQpUkY6SuG56EC3dI38ARt9YVkroRMKFNHP0FpE_ACuhHN8o1i2OWU41Wcn8FJJGITPz2REubJTEyWM-YsF6Sivgab40MzkmdBezQ2Kc9p1apkhbrraG3mAZYHsRWz8c_zYFscfH-wRa0QhdZRWghejgBAGABrSAvZ-V4YKETaAGKqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB8ggbYWR4LXN1YnN5bi00OTA2MTM0NTMxOTUxMDE1-gsCCAGADAHQFQGAFwE
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame F1F6 		28 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BVDN2_wo_gFgXN7Wna51Haqb5Pl1rlJbwGRzgXM6HUCG0YscB2b9oBcW319MgfG9GEjt0Oog2eTdUInThWyl-8UU4dDA&cry=1&dbm_d=AKAmf-CDn3YA85NbiDWZYGuSlrHBOJ22xNaIWm0yRXD2H19c9r3dgj-37gm8CCxk5Ou6jyjzOaF0mW9FI9eSFI2ok4zPO4uT7no40PqABg3Dfees7LfyOanDrzi8tyP8tJ_wAeGwFYhnBFNpXZIEv4Pcbb5xNq5HvRdh4xyj8SY-2rw585k_Z6Mn6rolCGg_as0Q-C8yt3kXulaPM7OHiAb3_iPnzevrTFbrak6hm3Mil3kBmb9AsCFBV2qZBFXwx4H2-PFRvVixm8LqvcYqqYWscuFgywG0TVQ6xrZ4DoBzY-3LHZHJISZJn6oYX1DMMA6bMXtfa4EYCoTtY2kpq8BFEYim2OlhySxq8KbUOSVcy7QiyZ4FBAqddfqFp0E9MiHOEsKccjicRiC6obYV_QerGKrdYCk8ulhPoevgzOZDpBsMVbsDyLQpkRcJBSvxQYomhdO0XppGiLskMJA6DgmuPaTdNghoYd6yGQCpL6OupnqS0kbVzCBlCO_B5Y2wQ0FzJ05wTQ6jnSP-ts9zW55yikujbH2OihKqZK4vCDVX4m5YNVuysz8ekkBDY-lDVfeBxrpmsQfAo1RQE15GVWtH7UpWn0CDLO1xLyp6EIb-jLu0hOoDGUCbLya1x30OPqdOyszSKIzeQc1eGtyzArcTVTJN9BewR4HNJ0PdbgE_rDD9JMEIHr8xKIxVCh898vsNFxPDQEEi1_SMAPIqSgdmiLNZ9hiemSVGHRAZScAbQhLtjc_bOpjWsvxeSuP2yOrzkppvGd44rEBivPqHynKY6yJrcvffWehpTBa7JJslrNvFmidkuHX9t7tLaC8ZZZ8VcQ3EgWzpy6IZPF5oJm-yS6XttJe8uStwx2n3yOQkbVzc-hx-ZZoPPsj2PRoqiEj-uzCmqQKEgrZgEurX1kMuUi3OIE3ZAw7WobzX-5-6zhH3g7M5_IZkT7_AbJuMlUjiAOGuEKP_l0btDCaEV5OU2AqPrZdeeYrnXVe03DZoMqMLIICSkYe8wJUm5RlBYuwOvG1i9qQL3TID4RNnGhOS7DPXP6MMdxkY2Kc9PWcmsIkI5j06WKPm7uY5VMm1raAdGy5Y2Fttin4ifAb2OV7Cjf01FNaSGrDDujgQm0qx_eDwjDPb7eRXhhCBipXOoEZHBrRmdkc92rSJtTFKr_dFnVMOALL_m7zGzD9ixX2fsF2WkvP475PmBO854qqzm7_euTDDflAYSvGRkEdDmoNFFkw3p2Qz6R2gT1hnxMQPIaR7xRh1h_1y155DNKrCvWym2ghQoR4PyFcD-kxGUxQOnpnOTJ1B7NnWWO1ECSZe_LC-2r6T4O3FwXGSqfTVQN5QLjvnc749wn5_-p2z_cq2nAKb-Y1Fh3gGDkKMoGazaPHtU9wtGJEzAPTpHui-vDLga86dbIPJxLj7hoU_wFuTCQIc-Nv7p0rsH_0qBfAisFTxHYfbaXHjGrIMwvxVMlfQpfvkCYapTKkVWweOmWRIhA01NHLhI8LRT_a6rLh8AQsD6c9Gf0WFe0FIEZk7qcQFinQcSvHJbi1b12Pex2mHdp7S2pF5PlmyNeRjhFTVUFr-KXTP_ULQWRaWHkru6UjqSG5Waiv78jgzn0yL7vZh67pEbxEOwXDNMld_mOBqEeKPhryMafOAyyTtLJDO8iBnMe5vLaRYrS-o19mLSIjIWfGO5TbLUkU5u2897k_iOq4SvliZJ6Qg6blwFnRx3X0WnrmTQ6jRAfBj7uHiMeVq0GO5b1JoB_f_FNaEeoRhT8BtEjB-RTrPyTyDewCJL141FN5cnfIL7LEsmU43l3916JSNcuT87xN6MtOHxdX7VbsU29xga9I_nD0o1FcwLTtLoJz8m_S_SFYGoeQKT-rTexd9a7uTeL18n3WYF0ACMPHRnK_xBPy7o3WVTU6KUFFIn07ffrhKQSEdJConwjjXjbb0KXiqx0tXkp58j6XPWlGHnGSxAPUM8oInatV_QmICH3QkH9dRcSaicxKW0eYLPw7nPdyDCi6ajbnwjPiSnGyi82zquZlKK2N6gupm6w2jjAfiDq5SSiBS1mpjMwpt8t0CXqPvdu1HBhLaVuyJ0qTNiOMG6hUQLnjThaQSt1HPI_zTQ9_oP1TCNZv2wbnJR2U2wAXUJ2u8jPu1JfQPSXkXQAT0TYbhC4fYwcsGKUjgi6eDuj8F58PaQTU1uJvEdc-hyj_luJIT229GNfhdvdVKztHFoRj2ih5A1C0nQBjB1yrHazlHvty6vCQWkFWbKtgS11ZtKUlD4D9bxxlSalavt21SAjM4B4OzyKrE1znR-qKwNMhqsyK2YqA7we3kVctiJQE9y2xY4TghYCQ7XWZveA5X10vivRkNjUkpVYjXsKDekflV-HnSZUTawetYlDcXTwf0pzT8LBT-OQBBvG-MnNQg7l06CNV_H37UclNK1o7BKRsO4rHh32wLXz7tcfuuOOEF8f_8lnjpEwc7ri75YvWNNJ99TBwttKWYIy2qAdInVsgODDFRPYpOwY7efkdKuPLjkLlA25e67h4GlBKu337-DoprA1XF0QKN8lS9M9b8-Czr1vWk01WYkyVOaisVOfYt_5QtNKj_OtRnrjzHkpit3aB25A82P-N1z82KyUMq9qvG4U8GCl9uFmhM1qlKd1FN8tjQ5WRW7ji1BVluM7DvSzjqv3PAQ-dCwuF58-NdRY8ItMd9a6lIPagXEvMXwQmQN1vXIrgPYQGvf2vUEzYCuQHMzgIJ1cPwmrrq9lvLilVhqn81ko8RqIj92UMdloPwcWMgP0bQYmjQ_5s_p_RFeo646_68_DayJqmEdndbJppBBTqipfEkdae-W6AqR6X2iTrm8ZHD9H8YG1jC-S-Wg74qDgp0v1Em6rZCx3VFa-oV2_yRXj80hMCVr2nUx1mmZ1vHy51SFb64OouesUHEUUSdrLeGTuUuTqmlQq3wGhpWYtLAXtC-CaL5GmfrX-kVM23OBLila4TVlBnvMz5Gqs8Ull6bn9YFQFcnuUzAnFLnw29HNN1O9Dau6gjaNBWa-xCDEp_IeZvTuS_baRdgpw6mZ4dgmpyci6aBui7pJk71PPVV5h0FGkHewkzPh4IfedfEhBMWK-snaYg-5u0r3V_-XX2odUv84xgfH_taSf-i6w_l6bGb0eAZAQzfgxOMksLvunM9ygW3nFVrc2E6NbPyMl-FWQyFNC5N1DLI6c6mgGoSOSLipbdY3EFPsh2ZBg&cid=CAASBORo6JM&pr=8%3A09FE95C99175B8CE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.5.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f157.1e100.net
Software
cafe /
Resource Hash
f98ae961eab586bc99b2d15dd434b8c33e5cf8df431468a6a43a905a69996c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14105
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D7F2 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 20 Jan 2022 13:26:12 GMT
expires
Fri, 21 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
5716
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/ Frame 4C5A 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d8c3ebdce5a05ae984a44c887124849c6a65711ed0ee13c2f372b18589b7e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
3597
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Mon, 17 Jan 2022 14:34:03 GMT
expires
Tue, 17 Jan 2023 14:34:03 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
content-type
text/html
age
260845
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 5414 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWvdw0ylenwqqSNHJ3WAQBzUQJLZTbQtW-LP1kaV1LKovSs7eE05PbZu2gDVLzd5d41_sw_upKMxEmQ6eelGAaXVVjJDnKaZ8aX4YF6UZD-OU_5SjQ0mcrMsI-Vu4zuVF0QWxmhnJbv82TkHB4nEc7ko8bb_QDCQyEO1bc6J1ZcYFut7zhkpOkhIMC3ZL6-5tS2lcNb3PMmd9VlxeIf-C0myjwbtpJIbp_wZLvC2xBIBtV8ia-yDTqZbvxdnMfKcVMDuFGA3jV5slu2HE_ghXzraDJmMKwL1a79F2MvfrdfuEJgr0fH1EBpwItkPejbZSvFwnkSjSM6HwRdXYyMUG_pDQtjOfHoeNzI0Qd_mnJHaadaWBZeIanCzSSOuUBvJRbbkAKLptSZOsxCr3VzXcQ2DJOQ1YJWmxLli1NbWBkBajCOd4stbJZCmQH6P563P9vC8312WZMgGqKx-vlEoUqZS0QYV5ABVyqyHG30oH6FmxO9sZwsQTz1WzGvAmzQxBw_KG_WHMY37b8U1xLY1D_sfEKKzuNlsWgtjhyopnq9euoBErdgaasRZyC_7lKhjYFmkavbyKn4KKLoihUBYyYo6Xq-zsDuo-nF8D8XyJwNNaROHq7xUmqnep6auzTq_fyKTW8Yd4fdVWT12N2j93FFHUEeK_sUmCJheMpqYDqHa1gLl2MkqWHWDUpsJqojILv126Ee-zVSyOw29iqIEQJPiySK8JI7NKbPAYUi84KobVlrJZ-0BU5iqyWEGYVsw6ulC3vHzBC2YeKnpW2XAyGOJ26jZWV9kgxtjn9_vLSiHIcvPLtC1cEEJld7AEMRSw3lLEmE-wPlByjfa-OEQLdoQlVGc8CKHfsu6XjBlvQK_W1bCvtht994_26kVoqqvHH4T0SiVzsDkLwEuKMYObHy6Nqs-A1guIJOf6QZeRMy1-RLgchFpKw-RmqFDSLhzY26Cu4SdlN0uABCQAyzn0G9fVRNKjFrD0q3dXB-uN72fdySiMRGXcrxl3Y92dAOrW00K4u9K1ph2dCIPTperYQyTMRPt3MYfgaRnvfku3ftgUWxj4pbia0PQTOYDeMbXA0qE4ruhQwZ6uW98gNjlEVBmo4UFPqEGspasYL07TgibLxoPIkDzwcMNPHpXz-VorX0XAprJegLhTTLN3l&sai=AMfl-YTf8jcDXmjF6c0ieSrsheoOd3JjcgAakpGQpAWDeu-QvL-KGxhB0mELURj299nEMPDel1sAucr40yLJc34yJgaZzt2lleG8SsRfn868CBwHZhLNGn8o8o1j29VWSj0762BiI9DSWmQn9NedxzFrur-n869aL8S_DOabU6Q-73yMALNPmFzJcU46UUauRuaj7J0Y98_kDSp4H7PMT7vWRC0rLHZYJTWwWH8RY5R--XeeZyuz2h-LvAy732yiHsSZAOliGb9idKNrRT8HQfdlKT66BpODmHz330TOl-w&sig=Cg0ArKJSzGxVc0eBQoNnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=434&cbvp=1&cstd=432&cisv=r20220118.45969&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Thu, 20 Jan 2022 15:01:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame C691 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Origin
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 09:54:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18417
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 09:54:31 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/elements/html/ Frame C691 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/elements/html/omrhp.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWrZQuC7a8ynEKTD0RxAbQn-v2V5ALaJ8b1SZ3wn1BFCr2SLM0&d=CnkAoCZ_4O5s6Pu1-qov1V93SH8nJcdbez81MEG2yx6_ZHTta7m3rTk_RcLUsC156sreP0Khdoc63jTC7jfoB_sYcvQH5vDcQgHElaTti-f3xfDT7bnbgNDYO5goX2aP1vvPimZMmT-Ko1ZNorlRBQUL2-F3a4dIeNeLEpkSAKAmf-A6kkFvt54gjltmQ7kaQugt9Bt9o9GYKPqjNDfqZoFVra1x-L-JKC9wbyKWF6PnujuFWuArTAOmX5yg5_mzxBbgMp50uz83wpdC8ceo9qOENv1sC8e9RjoS17w4mPXeuvqpYASK8IZqErfvrFE8DIgO6opP2VjTGZX2JIeiOtjuhY_3D5Q3786zHXcXjtT3jIhMaqHOKDZTLEhucjyTEATg5_tJU_qDGuhgWdS9QlH2yeTntjUlRauHj6MjA2-SmIOEGiA-4fATBWEAeYEHKWcnaV84XmqWx2w-YXrQR_XrMnU1HG4J8SRu0CZN3qb3BNquBlAb79r3Amq74dmVIm4oMT3PnmebYKQopNl_pn6-qZMOkYiC3bPlSk6ed4RXT8ELsE_6nlrPkUQUyqqcAN1Sp53ybLkpJ2leVBZG9_T83BEZQBINfQuIqVVf23bqPV9xUU86ZYOaiS7Db8467tgU2r75byKasiRhEIqyWgdMJXprYJ3TDVS_l1qNFs_nTaILiXxni_1a4cTZSgITg8KUsi19qtPNdgVER_T6shN7dRvRlSCg6lNGxg6v7YbW2qm_w2krKK-BvbFV-hFhn6mN_sMaMANbRLn2kJOpr5xdxxwzTdTudt_nvVJhis95VlZczAFHNkh6M113ZvGim0jKj_rcHkHk3DTzaN5M7yK6OttXKMhemSZ0U2ILkjjETE-sck4zc0qu39p7POfECKq5dgT6fJ9NRdLQMUjt_a2nH80FjWw_leKSK_83PxUqKJEKFi6q2yeW1vSS54Vl1prGxbZf4cFm8I-x77918RqD-H1VUDtF-wPOdRyzw2Jl_71H_f3j-n8gPWFH_vKjpArgQZOeNd6qmw8fBOq5nWxuvFAh5JY7CpEB2Ra4yLLkU7nS8J4VfEpwUWb65dubEPWkPQpi1EacW6GyrS7zwhU0nKfJ15-4qa76FdpmUriXqGfutU8y7Y9pk6yELsCkNrLOUQ07vxgC88CBTmcpqH2uHgr8221Pi8EpqEVlU0NIl8zVVHVGVZQEUghNtKY2urmBitkwje235Re-JITP7tAczsR6h4NQPl-USC9xiOPPLt7zH6WJi31Z5YmQhmZZBMY3sF4dfGSweW00iqOciPACLaeIVX8STrFt7eGLJqh69SfwfZjDr4CvHIkqbM-SWQuR8lGxDlhiGaIcBz5yoLSS-ly4WNaBnhTVt425ntTRUdozAxdaBANf42t89HxULKnGevy_Nx0Kbfn_FTJC4dGhdZTy816kowiIRnTkMZK_jiH7WK1DzCRaVcAoUriUMnnzgAjFT5Vj00SIDjHhjF5EHu9d9KnTgDoRrbSD9tseuSGSg-21CXaom68Ex7rAAb-uEpQpEys7-_4irq0rQ8vgUrW3230MgD9ecm2UOtRSdIeMy-1XR06wD2jsiU7Nb38lk7vCV21FCw5e3Lz3i5wUKrHkhSddPzBb2Z5xFZsHo8B94RP1FMMzad1Jyn0B91XdzITNZho5yI9cv_by54VL_eJxVWtBKYk2OWqYt8LFEKaQ1CHYyQyT2OXmc9UrEwvoe5EikTSrYpTe_J2kPURVrto7VhLVUX7mblIpF_dYGmeI3ee5dsYIU55ZELO-7dSw6229VdCAuDB4YxbtUPkHxDeuW0k42xfWi9Varm1COHyQzeQ6_zQJfkfbQWefKyQ-yuR5xpShcYk7Y71QA1YdvG09sdsd-_9MrLs79xmX9Q3SGCKY_fKqtn77aqx5-osTFG6zjP3yKKHQd3keAn-sQVW8_KWVmHkbIC-4Jyygx276vYaDVraoaRp_N5zitKQjjqDv6-JNGV9GymmNwXdHpkJwcncl6MKiSoeqOupQhyIb4f5qcoYlkzTrmHiyaID-SHn8UUtr0gqs2ioUaTwPSvIGJzVIXCiFOELadLMn2zdiHdZoeh6qBcqudXShro_L0A_R4wKuCZ4KdtjR2Du6VPyeJUYOf3ZTUMFbb2mICcjC5ge0TU6BnuO_RI3mAHYyl3QdNdWM50kET42TKQmyZHx8LwCVxK0Ap2Vyv5ehjK6uzaJ0u1xkwkTBRIFhlgJu2ub6LuG1PJwvW9QP78P2I3soLxeJsL5IZb90RZK03473lNEl1LQyqtOpLsmzjAwQnX7ntopIMTuWn7Bb2i87J-vt2D_oMPde-nFenpIUi9x2BzVuKvdE7RUSZm54pfCqwij9wLtoR7xaK025u3RPdi0lLL6vUwmQD-J6x1xsYxvIT2PLZjKPBiZdNuaY0hE6g7Hj6KOTk3MxsbVvc1VEb-Kj8W5ivGDlxnOhddcsUU2Ef8YcM0f4l9oStrLm5p0KS_5G9ZdKa_QGatOSrBpzI6nw6s9lQwqo4KoCjawnOurOklIFh8p6lmBmNCwjXZF0JciLT7hhvG4HKFdtv_gw-GY5UCsjErnG1ehNH3IYMhmjYKY5zWdKkoqfp9wmVAqNdl71oOZVsNDeLp5JwB7ztbvaOKHVD5izjJ1GIwe0DeroJ30Rwm2PEQiKgCLHOgE30KsWC4koGgXoe6272qQp3R7k9RxEMxgav-RECnoN9MF-bdM10s3hj8nmr8vv59xW5iAj9U5YUYgeNydXyFyhpJVPEAiQ6wDFy56lIPmqCJI2pwLLrNG-RtOEMAs8Yg50_fhqYwk_vE7kPnv1tEgOKJ1sH1Qx3l0E_upIhPAnCZQJlWpu7wlq5yT5tsm-MDde7S7bKiD-18YOIPXpYkZaszirL0ThlyAkOOIR0-CJj0tC178Knj0Z-MhW-lVURpKA8olJFmRFELRPIJjQOC3rA10qntXcxwuIbx_E1sC4sSi66WPynQzSEJ-cQwBH_ttSy6PmUjMeUuTRlffNFn2Ph1bYEzSfO00OOVcylMUz7MgWYIZ6nLCyUaI93-9vIHXhwCXL4R_EgQGb5tTvzlVfHB06-v9_DZ0WJ4oy3XLy6tsyRlHhx-07VLRTb2HCidUmjRxPj299sL22AzZ1uln_baPCyIydWCTFx9Ek0LEzo0-5Vi-dWFr4h1wr4C4GmdhGUWfRL3C1HoRy18WCQB_2uILBwisa1iUdHDs7QHm0wKjmbOdsCw4sBM-eXCRjzu5mkQPY5RoWCAASEuRofnJv3bQYhMZsXqnnVzoovmAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:00:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 15:00:54 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/ Frame C691 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/abg_lite.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWrZQuC7a8ynEKTD0RxAbQn-v2V5ALaJ8b1SZ3wn1BFCr2SLM0&d=CnkAoCZ_4O5s6Pu1-qov1V93SH8nJcdbez81MEG2yx6_ZHTta7m3rTk_RcLUsC156sreP0Khdoc63jTC7jfoB_sYcvQH5vDcQgHElaTti-f3xfDT7bnbgNDYO5goX2aP1vvPimZMmT-Ko1ZNorlRBQUL2-F3a4dIeNeLEpkSAKAmf-A6kkFvt54gjltmQ7kaQugt9Bt9o9GYKPqjNDfqZoFVra1x-L-JKC9wbyKWF6PnujuFWuArTAOmX5yg5_mzxBbgMp50uz83wpdC8ceo9qOENv1sC8e9RjoS17w4mPXeuvqpYASK8IZqErfvrFE8DIgO6opP2VjTGZX2JIeiOtjuhY_3D5Q3786zHXcXjtT3jIhMaqHOKDZTLEhucjyTEATg5_tJU_qDGuhgWdS9QlH2yeTntjUlRauHj6MjA2-SmIOEGiA-4fATBWEAeYEHKWcnaV84XmqWx2w-YXrQR_XrMnU1HG4J8SRu0CZN3qb3BNquBlAb79r3Amq74dmVIm4oMT3PnmebYKQopNl_pn6-qZMOkYiC3bPlSk6ed4RXT8ELsE_6nlrPkUQUyqqcAN1Sp53ybLkpJ2leVBZG9_T83BEZQBINfQuIqVVf23bqPV9xUU86ZYOaiS7Db8467tgU2r75byKasiRhEIqyWgdMJXprYJ3TDVS_l1qNFs_nTaILiXxni_1a4cTZSgITg8KUsi19qtPNdgVER_T6shN7dRvRlSCg6lNGxg6v7YbW2qm_w2krKK-BvbFV-hFhn6mN_sMaMANbRLn2kJOpr5xdxxwzTdTudt_nvVJhis95VlZczAFHNkh6M113ZvGim0jKj_rcHkHk3DTzaN5M7yK6OttXKMhemSZ0U2ILkjjETE-sck4zc0qu39p7POfECKq5dgT6fJ9NRdLQMUjt_a2nH80FjWw_leKSK_83PxUqKJEKFi6q2yeW1vSS54Vl1prGxbZf4cFm8I-x77918RqD-H1VUDtF-wPOdRyzw2Jl_71H_f3j-n8gPWFH_vKjpArgQZOeNd6qmw8fBOq5nWxuvFAh5JY7CpEB2Ra4yLLkU7nS8J4VfEpwUWb65dubEPWkPQpi1EacW6GyrS7zwhU0nKfJ15-4qa76FdpmUriXqGfutU8y7Y9pk6yELsCkNrLOUQ07vxgC88CBTmcpqH2uHgr8221Pi8EpqEVlU0NIl8zVVHVGVZQEUghNtKY2urmBitkwje235Re-JITP7tAczsR6h4NQPl-USC9xiOPPLt7zH6WJi31Z5YmQhmZZBMY3sF4dfGSweW00iqOciPACLaeIVX8STrFt7eGLJqh69SfwfZjDr4CvHIkqbM-SWQuR8lGxDlhiGaIcBz5yoLSS-ly4WNaBnhTVt425ntTRUdozAxdaBANf42t89HxULKnGevy_Nx0Kbfn_FTJC4dGhdZTy816kowiIRnTkMZK_jiH7WK1DzCRaVcAoUriUMnnzgAjFT5Vj00SIDjHhjF5EHu9d9KnTgDoRrbSD9tseuSGSg-21CXaom68Ex7rAAb-uEpQpEys7-_4irq0rQ8vgUrW3230MgD9ecm2UOtRSdIeMy-1XR06wD2jsiU7Nb38lk7vCV21FCw5e3Lz3i5wUKrHkhSddPzBb2Z5xFZsHo8B94RP1FMMzad1Jyn0B91XdzITNZho5yI9cv_by54VL_eJxVWtBKYk2OWqYt8LFEKaQ1CHYyQyT2OXmc9UrEwvoe5EikTSrYpTe_J2kPURVrto7VhLVUX7mblIpF_dYGmeI3ee5dsYIU55ZELO-7dSw6229VdCAuDB4YxbtUPkHxDeuW0k42xfWi9Varm1COHyQzeQ6_zQJfkfbQWefKyQ-yuR5xpShcYk7Y71QA1YdvG09sdsd-_9MrLs79xmX9Q3SGCKY_fKqtn77aqx5-osTFG6zjP3yKKHQd3keAn-sQVW8_KWVmHkbIC-4Jyygx276vYaDVraoaRp_N5zitKQjjqDv6-JNGV9GymmNwXdHpkJwcncl6MKiSoeqOupQhyIb4f5qcoYlkzTrmHiyaID-SHn8UUtr0gqs2ioUaTwPSvIGJzVIXCiFOELadLMn2zdiHdZoeh6qBcqudXShro_L0A_R4wKuCZ4KdtjR2Du6VPyeJUYOf3ZTUMFbb2mICcjC5ge0TU6BnuO_RI3mAHYyl3QdNdWM50kET42TKQmyZHx8LwCVxK0Ap2Vyv5ehjK6uzaJ0u1xkwkTBRIFhlgJu2ub6LuG1PJwvW9QP78P2I3soLxeJsL5IZb90RZK03473lNEl1LQyqtOpLsmzjAwQnX7ntopIMTuWn7Bb2i87J-vt2D_oMPde-nFenpIUi9x2BzVuKvdE7RUSZm54pfCqwij9wLtoR7xaK025u3RPdi0lLL6vUwmQD-J6x1xsYxvIT2PLZjKPBiZdNuaY0hE6g7Hj6KOTk3MxsbVvc1VEb-Kj8W5ivGDlxnOhddcsUU2Ef8YcM0f4l9oStrLm5p0KS_5G9ZdKa_QGatOSrBpzI6nw6s9lQwqo4KoCjawnOurOklIFh8p6lmBmNCwjXZF0JciLT7hhvG4HKFdtv_gw-GY5UCsjErnG1ehNH3IYMhmjYKY5zWdKkoqfp9wmVAqNdl71oOZVsNDeLp5JwB7ztbvaOKHVD5izjJ1GIwe0DeroJ30Rwm2PEQiKgCLHOgE30KsWC4koGgXoe6272qQp3R7k9RxEMxgav-RECnoN9MF-bdM10s3hj8nmr8vv59xW5iAj9U5YUYgeNydXyFyhpJVPEAiQ6wDFy56lIPmqCJI2pwLLrNG-RtOEMAs8Yg50_fhqYwk_vE7kPnv1tEgOKJ1sH1Qx3l0E_upIhPAnCZQJlWpu7wlq5yT5tsm-MDde7S7bKiD-18YOIPXpYkZaszirL0ThlyAkOOIR0-CJj0tC178Knj0Z-MhW-lVURpKA8olJFmRFELRPIJjQOC3rA10qntXcxwuIbx_E1sC4sSi66WPynQzSEJ-cQwBH_ttSy6PmUjMeUuTRlffNFn2Ph1bYEzSfO00OOVcylMUz7MgWYIZ6nLCyUaI93-9vIHXhwCXL4R_EgQGb5tTvzlVfHB06-v9_DZ0WJ4oy3XLy6tsyRlHhx-07VLRTb2HCidUmjRxPj299sL22AzZ1uln_baPCyIydWCTFx9Ek0LEzo0-5Vi-dWFr4h1wr4C4GmdhGUWfRL3C1HoRy18WCQB_2uILBwisa1iUdHDs7QHm0wKjmbOdsCw4sBM-eXCRjzu5mkQPY5RoWCAASEuRofnJv3bQYhMZsXqnnVzoovmAB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 15:00:23 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4lives.comhead.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://kooora4lives.com:2096
Date
Thu, 20 Jan 2022 15:01:27 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EB5A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 10:49:42 GMT
expires
Thu, 19 Jan 2023 10:49:42 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
101506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dpixel
cms.quantserve.com/ Frame 5A68 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELDcg00XcwWQ_NUN1OGnJU0&google_cver=1&google_push=AYg5qPIfN4AFVvcqLK_i6dpNMSlM_ohASbYXp28j56082SLbWc13l312FCbnK8BFwd80PN_vsZWNTSgQw9zp9fxjkOZL9uTskNM
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 5A68 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIDr0ZpqgjC_JbfRW5YuKh0&google_cver=1&google_push=AYg5qPLGWovGvecQ_I_nVT3r9RvEkBQIvlYf6mK3yzXW-EdzO57SXGoXeAi0twvad3t1a-zJpfV65nDkUESo2ch_Ho2n23cxOXI
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 5A68
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEByp8IUeLfMzqCNwhc7Rzzs&google_push=AYg5qPIT2ccoPrXZfL89GXzY4z19HLcmRG7rWU0akZPEFsfWYli5imunPY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEByp8IUeLfMzqCNwhc7Rzzs&google_push=AYg5qPIT2ccoPrXZfL89GXzY4z19HLcmRG7rWU0akZPEFsfWYli5imunPYwcwBTj-aECGLGfQjfhQNy62uvNAfBx7MvmB_Xslpg
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1642690889.546497,VS0,VE81
x-served-by
cache-cdg20735-CDG
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEByp8IUeLfMzqCNwhc7Rzzs&google_push=AYg5qPIT2ccoPrXZfL89GXzY4z19HLcmRG7rWU0akZPEFsfWYli5imunPYwcwBTj-aECGLGfQjfhQNy62uvNAfBx7MvmB_Xslpg
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 5A68
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEMhl-TxmFCRJ5is6EWBrV20&google_cver=1&google_push=AYg5qPK4b1sI6i6yi3HpfyGbKc0dSiZIoClpWlxRM-QZdkx8ZJLM28KxPfmIXo8_Y3Ar0EUc_8-hYP2YcoQRu0-n...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1e9bE-aGRFatBsJgyzL9mQ2&google_push=AYg5qPK4b1sI6i6yi3HpfyGbKc0dSiZIoClpWlxRM-QZdkx8ZJLM28KxPfmIXo8_Y3Ar0EUc_8-hYP2YcoQRu0-nWGdWjXGHDSTf
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1e9bE-aGRFatBsJgyzL9mQ2&google_push=AYg5qPK4b1sI6i6yi3HpfyGbKc0dSiZIoClpWlxRM-QZdkx8ZJLM28KxPfmIXo8_Y3Ar0EUc_8-hYP2YcoQRu0-nWGdWjXGHDSTf
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:28 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=1e9bE-aGRFatBsJgyzL9mQ2&google_push=AYg5qPK4b1sI6i6yi3HpfyGbKc0dSiZIoClpWlxRM-QZdkx8ZJLM28KxPfmIXo8_Y3Ar0EUc_8-hYP2YcoQRu0-nWGdWjXGHDSTf
x-host
tde-deliveryengine-production-655df8fcc8-9gksx
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5A68
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENIAhGMWxlm7pUompoaJRlA&google_cver=1&google_push=AYg5qPJWEJm329TzaC661aZgdDAdEcJ0W51YWotpiULKqCNxhRGWJrM5Gk46n-Oo-gAKNrI3e9-ty_z8ZSQ6op5_W9A4...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENIAhGMWxlm7pUompoaJRlA&google_cver=1&google_push=AYg5qPJWEJm329TzaC661aZgdDAdEcJ0W51YWotpiULKqCNxhRGWJrM5Gk46n-Oo-gAKNrI3e9-ty_z8ZSQ6op...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJWEJm329TzaC661aZgdDAdEcJ0W51YWotpiULKqCNxhRGWJrM5Gk46n-Oo-gAKNrI3e9-ty_z8ZSQ6op5_W9A4F3Jziqg&google_hm=bhyvsmGcT6eiJptdAV9aMQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJWEJm329TzaC661aZgdDAdEcJ0W51YWotpiULKqCNxhRGWJrM5Gk46n-Oo-gAKNrI3e9-ty_z8ZSQ6op5_W9A4F3Jziqg&google_hm=bhyvsmGcT6eiJptdAV9aMQ==
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJWEJm329TzaC661aZgdDAdEcJ0W51YWotpiULKqCNxhRGWJrM5Gk46n-Oo-gAKNrI3e9-ty_z8ZSQ6op5_W9A4F3Jziqg&google_hm=bhyvsmGcT6eiJptdAV9aMQ==
Date
Thu, 20 Jan 2022 15:01:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5A68
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOQ-rfh6hrL1Gno7wRBrJwU&google_cver=1&google_push=AYg5qPIpmZaqpMWgKF-mK85n_TcImy8s_XbQdN4ZdFKL_-OKGwIhVA9tR7l-iwnyuIR-B5bU_YNrCSA5w12_SQq9eb6QAsD...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIpmZaqpMWgKF-mK85n_TcImy8s_XbQdN4ZdFKL_-OKGwIhVA9tR7l-iwnyuIR-B5bU_YNrCSA5w12_SQq9eb6QAsDJInDq&google_hm=MTkzODM0MTEwODM1NjM3OT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIpmZaqpMWgKF-mK85n_TcImy8s_XbQdN4ZdFKL_-OKGwIhVA9tR7l-iwnyuIR-B5bU_YNrCSA5w12_SQq9eb6QAsDJInDq&google_hm=MTkzODM0MTEwODM1NjM3OTMwNQ%3D%3D
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIpmZaqpMWgKF-mK85n_TcImy8s_XbQdN4ZdFKL_-OKGwIhVA9tR7l-iwnyuIR-B5bU_YNrCSA5w12_SQq9eb6QAsDJInDq&google_hm=MTkzODM0MTEwODM1NjM3OTMwNQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
google
d5p.de17a.com/cookies/ Frame 5A68 		35 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d5p.de17a.com/cookies/google?google_gid=CAESEGzqjGDreCq-kiP8JVxh1Qw&google_cver=1&google_push=AYg5qPK-QNNFnGMWzL2pLMRebNomU6fy9wd7gsLGK2Jy9vO7iEWI6det_w0OrNZMp_GmF2hrLzn52wRc1RM1BbbCI07rVfKRMhsg
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.183 Uppsala, Sweden, ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE),
Reverse DNS
213-155-156-183.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-type
image/gif
content-length
35
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 5A68 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6GR1I_wRhcRVoduVpf0FdU3XQbUcMW_UlK8eLXi0ORtbRR0NlVjuWO76l3SYNm2KFjZvu
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0DDD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 10:49:42 GMT
expires
Thu, 19 Jan 2023 10:49:42 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
101506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 097E 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 20 Jan 2022 13:26:12 GMT
expires
Fri, 21 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
5716
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C691 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f3397dd5f9f9d67ca626b5bd63e2209c10f3f8305b133b30b4c0c0bfaa325b0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
google2waycm.netmng.com/cm/ Frame 54B4 		0
0
pixel
cm.g.doubleclick.net/ Frame 54B4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBGG4No5B6f4JGFwTC893HI&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBGG4No5B6f4JGFwTC893HI&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b3Zzb2dkTGUxTmF5V2s1&google_gid=CAESEBGG4No5B6f4JGFwTC893HI&google_cver=1&google_push=AYg5qPLTRnHT74UH9y6m85oslvXKCJD-9C5QVkKtxSf-mo6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b3Zzb2dkTGUxTmF5V2s1&google_gid=CAESEBGG4No5B6f4JGFwTC893HI&google_cver=1&google_push=AYg5qPLTRnHT74UH9y6m85oslvXKCJD-9C5QVkKtxSf-mo6D3RGVEqr8odUC3Hjd-HzjnryrVhmJxQ5rKwn4-tGjclq89agiXLI
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 20 Jan 2022 15:01:27 GMT
Server
PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-0e9f0e24f4a2a06c9@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=b3Zzb2dkTGUxTmF5V2s1&google_gid=CAESEBGG4No5B6f4JGFwTC893HI&google_cver=1&google_push=AYg5qPLTRnHT74UH9y6m85oslvXKCJD-9C5QVkKtxSf-mo6D3RGVEqr8odUC3Hjd-HzjnryrVhmJxQ5rKwn4-tGjclq89agiXLI
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 54B4 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPWH-4XGyd7SKXAg2iaehjo&google_cver=1&google_push=AYg5qPLw56WApJo8PFuJuzGfy-M9vw1NEpKbO7uyOO_vlLM222VQTaPUJhxdZwJ4r9bXD3jDK9VRFnRel0uywuyrPS_voF2N0CeI
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
sjun8ie85dp69br1el2vq2o8vlrspp3l
pixel
cm.g.doubleclick.net/ Frame 54B4
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB8ll4aHXrhQx4mXv08tEW0&google_cver=1&google_push=AYg5qPKrLL_GZC2BTRoACx3UMfXqsjA-cm4a8By-PX9GxsgtPFK2lmEa592gwK9UucUbRurEkF1jYwzFLS1Owsvs7...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEB8ll4aHXrhQx4mXv08tEW0&google_cver=1&google_push=AYg5qPKrLL_GZC2BTRoACx3UMfXqsjA-cm4a8By-PX9GxsgtPFK2lmEa592gwK9UucUbRurEkF1jYwzFLS1Owsvs7...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKrLL_GZC2BTRoACx3UMfXqsjA-cm4a8By-PX9GxsgtPFK2lmEa592gwK9UucUbRurEkF1jYwzFLS1Owsvs7KsOaCnzSD96&google_hm=98fe401fac982a3268488774
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKrLL_GZC2BTRoACx3UMfXqsjA-cm4a8By-PX9GxsgtPFK2lmEa592gwK9UucUbRurEkF1jYwzFLS1Owsvs7KsOaCnzSD96&google_hm=98fe401fac982a3268488774
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 20 Jan 2022 15:01:28 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKrLL_GZC2BTRoACx3UMfXqsjA-cm4a8By-PX9GxsgtPFK2lmEa592gwK9UucUbRurEkF1jYwzFLS1Owsvs7KsOaCnzSD96&google_hm=98fe401fac982a3268488774
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 54B4
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEKQaEOZQH9kCf-TXROeNA8k&google_cver=1&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrB...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKQaEOZQH9kCf-TXROeNA8k&google_cver=1&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInk...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AIn...
0
0
sync
ssbsync.smartadserver.com/api/ Frame 54B4 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECJftzn0epDHk_PUhvEwi7Y&google_cver=1&google_push=AYg5qPJjYszZ7s9U4tS3DBk39HaUDSKdGqjA3LXjhYfcLjeCk7NmhWfsFZ6NUEYcs2wWHT-OJtuqA3QfG_41bU0YqAoQ_A2CVznI
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 54B4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECfioxPGoQndacYF5V9r-3o&google_cver=1&google_push=AYg5qPIJlm5bcONtVh58jru_EjionscBuC3aCfKG8y9tNyjsjvmQc-j1jug6JUABrqJGIHVr08...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FRENvTVhWRTJ1RmdhMEpGNjNXcWF6RUQzZVo5eHlDTH5B&google_push=AYg5qPIJlm5bcONtVh58jru_EjionscBuC3aCfKG8y9tNyjsjvmQc-j1j...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FRENvTVhWRTJ1RmdhMEpGNjNXcWF6RUQzZVo5eHlDTH5B&google_push=AYg5qPIJlm5bcONtVh58jru_EjionscBuC3aCfKG8y9tNyjsjvmQc-j1jug6JUABrqJGIHVr08zsxeKAf0JLch1YZjH5S7HN7GKi1A
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1FRENvTVhWRTJ1RmdhMEpGNjNXcWF6RUQzZVo5eHlDTH5B&google_push=AYg5qPIJlm5bcONtVh58jru_EjionscBuC3aCfKG8y9tNyjsjvmQc-j1jug6JUABrqJGIHVr08zsxeKAf0JLch1YZjH5S7HN7GKi1A
date
Thu, 20 Jan 2022 15:01:28 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 54B4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IdSZOtI7KU__ch80BiJUm8Dw7Ls1iBbcXpR9tZUuKhTadKy-2-S6BCIMpoBbQf5FDmylaH0w
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
c5cbe82c0ad4e8aa26b22fa10c5f7f96.js
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/ Frame 0DEB 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/c5cbe82c0ad4e8aa26b22fa10c5f7f96.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01b4f51cb4adacf39e490eb0b247798243ec108fe29d41f9858ddbdd40a7452a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260845
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16328
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:03 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame F1F6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 13:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179881
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jan 2023 13:03:27 GMT
file.mp4
r5---sn-25glene6.c.2mdn.net/videoplayback/id/8ac1338c40409a6a/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674226888/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame F1F6
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/8ac1338c40409a6a/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674226888/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r5---sn-25glene6.c.2mdn.net/videoplayback/id/8ac1338c40409a6a/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674226888/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r5---sn-25glene6.c.2mdn.net/videoplayback/id/8ac1338c40409a6a/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674226888/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/713E396DB9D86297724747D873ED64FCFA0188F5.38FD19FEA1B962BE6179D63FFE8D2C8118DBF028/key/cms1/cms_redirect/yes/mh/KF/mip/2001:41d0:8:d154::7/mm/42/mn/sn-25glene6/ms/onc/mt/1642689994/mv/u/mvi/5/pl/52/file/file.mp4
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
2a00:1450:4007:2d::a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 15:01:28 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4155205
Last-Modified
Sun, 19 Dec 2021 09:48:08 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 20 Jan 2022 15:01:28 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:28 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
649
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r5---sn-25glene6.c.2mdn.net/videoplayback/id/8ac1338c40409a6a/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674226888/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/713E396DB9D86297724747D873ED64FCFA0188F5.38FD19FEA1B962BE6179D63FFE8D2C8118DBF028/key/cms1/cms_redirect/yes/mh/KF/mip/2001:41d0:8:d154::7/mm/42/mn/sn-25glene6/ms/onc/mt/1642689994/mv/u/mvi/5/pl/52/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
c5cbe82c0ad4e8aa26b22fa10c5f7f96.js
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/ Frame 4C5A 		58 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/c5cbe82c0ad4e8aa26b22fa10c5f7f96.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01b4f51cb4adacf39e490eb0b247798243ec108fe29d41f9858ddbdd40a7452a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260845
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16328
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220118&jk=528015584665734&bg=!FhWlFVHNAAZ_DxPPfw87ACkAdvg8WixQqC9v2PNPyr8MpqU5fppM9VO1CXJMEQqhKoduHFqRzw7GGAIAAAI1UgAAAAhoAQcKAL_6ps4SBkAjXwyoYN9CF1r-QNGUu_6hP141kl9VUGrFu9F7VBS3HHh85Rc3M8mp74KdCwPG6JGv8qYcFk8mh8H4NLjSTUPNPcb-VHQZr2LYBomdJBKC7ROxOY8ju7BFXUp350u8Z-uAAJ6iT4xiQHR8X-l01SGE9d7gPiuaW6uuvgngWE4TrvdM6r6BdxFJ2TInGCXXTvzqAx2xZqFT0orCfaOy4T88eFd0AoEUZa61GxDHk7EbwiHdIC-XYUPff5kCtEraYkWEnq_tqurH2qiqVGZU2rV72Ivf3UTXDTU2vweLpvFsIIa7a3g4xoJmyzTeqO4PDzhJOV2YL8Pk00T_9uggMooSnwsWNhVw56cDJmPet5i08-_rTkXUtx8Jf6sKorWLlq3SNK_jaUViMmEhndGib4Atu0h8CKferSuDG6NXGs1TswNqg9glFok3FPjHKHUVh1yytNkm_IX_5h7sJcw1nqgTehCj2aisW8EVDUe0MGimabx7SIgJ33o6P1PqpPSwrVJZ8Tn8wE2hjk1viOuAKoBBi6OEN1wt3hwk0ewXvWo2lFIjiVqQqB9ZulMB_1U7cnT8qtdvOsmE6tW9JMVefsD91jb-dPrMlabcFi-IX52vOdp5CHwPE4Lw9iY38ueLB_n0wGm0ZR-QdbmjZitmico4JIj4g9a-OhNTDSB0BSIbYPOIsOP-AUQdx82JPfnki75JtW2xMsw7DJ6B1ly2A7GfuAO-awmgYpdw-CoGUqa6bdmKMfAYdKPlvBXYEXzUFc_Z7XQr5DGnh2hZEcvwJDuRwBjI7M0Pcn-NFrwmp0LvabsWhth7rmdsWrcLn8Axxxk9OM_gk1l8xvlXkLlXaI-F20SCF3B7WGH_IR2-VNGvdqW89kXZrkwswwsAbg6j6ucEqls4pKXiUlh5EU09rHPTD4VR1qSUB12Ixhu7Zk4Trl9wkfWnWEHr9wOucXAaYAPK1ZYRSJeCC4u0mSlReklBg3XI0QsBBiqq76FW-DWm7jCTp1wUAOn3E42LNoC8pfydN6IbTlzwF__r9pYncD7MXyHDaYt9H9hIjyVfDjokgpTwzrwh-aerzHfym_BzVfbQ1LrRBpuUkv9qc_GOZkrYjvUdaRoyveCNIhlxzP85Z_TT9SZgY5dke5YKUthghxj6DC0dni89JnOB8cjx2vB2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/10774078/1635793268649/ Frame BDE3 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10774078/1635793268649/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f41a88e6574bbd92d5f7b9dca32b8ad2ca2138fcb9d8f1097ffd678a2157fca8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
4049
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 20 Jan 2022 10:04:02 GMT
expires
Fri, 21 Jan 2022 10:04:02 GMT
cache-control
public, max-age=86400
age
17846
last-modified
Mon, 01 Nov 2021 19:01:08 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame C691 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssSavpGVH1wPtE4iTecZ0dlwzd5EGShIU87XtBA2ZZkkurLT2KsD9zgp0bti0qvnZJ1IKWToBh2jVmJ0EqMxCfUBmQHDG7MAm_Cq8sUHBkZ1D2JV3xkAtPkh44ABuZmdSO1PQRP0Y3Kf8BCpRW8db0MVQKg&sai=AMfl-YTezG5Nje_hWsIa4f_vNh2GwV6A_eHuR-hq6gkYyQdPIFlm6a7ejObK3CZ-pT8UoEUwXiNtRDPvGG0iPnmZeBM3Hf-kBPY8N3Q&sig=Cg0ArKJSzAQlqX3Fsz3YEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=165&cbvp=1&cstd=163&cisv=r20220118.10786&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
pagead2.googlesyndication.com/bg/ Frame 5716 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 07:50:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
25881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13436
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 07:50:07 GMT
/
google2waycm.netmng.com/cm/ Frame D7F2 		0
0
dpixel
cms.quantserve.com/ Frame D7F2 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ3c92exm33a5TOXU83WT8I&google_cver=1&google_push=AYg5qPJVnjZshDuptwxyxFapTftNTC-hkFV6mlIpUL6_m5YFAMyhR9MHwyyGLpt-ityn6Xw_OKCgQRKmrbAGjkTrnqdbulLGWbE
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame D7F2 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDeNIEnxjuQGi6SWTIA9hZA&google_cver=1&google_push=AYg5qPLJQa6g0BeaLtOuSGYkY_qHazzm7ZbNPBu5bnQnzJhBlHe05_eZDPX8sSFSO_poESTIE1yEr7obmYPHoFoUYzlIJf0a-oA
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D7F2 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEE31o89_db06OI46wA81jdc&google_cver=1&google_push=AYg5qPIj9kduugZJ5RkoQqYB4vQ67AnpIRrcVjOpKh0JiHX_k1-f7VkszPTo7N9Rryw98DERa76p48KS5AXcw5vmADHhiShVuw
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame D7F2
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YZZ0_c74SJupZaxt6_HP_w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YZZ0_c74SJupZaxt6_HP_w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLX_xHPp7yhN6lexzAx8cXShojzTqh0bHISIuBg6Z-Wfw10X52aRYg2jZQyDeTxsqS16P3bW0aNhKHZe2s7HdDlbHJt3PU
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YZZ0_c74SJupZaxt6_HP_w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLX_xHPp7yhN6lexzAx8cXShojzTqh0bHISIuBg6Z-Wfw10X52aRYg2jZQyDeTxsqS16P3bW0aNhKHZe2s7HdDlbHJt3PU
date
Thu, 20 Jan 2022 15:01:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D7F2
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFUS9iVUGv-kG20HX1GBph0&google_cver=1&google_push=AYg5qPLyeG2J_6xSxQmTb1BQ2TVPRH7c4IElvrXZJy7RNqpCYsdNlOrBGdrz4mB6DLF2IZMVb4tMkAF-ehY7-cS9...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLyeG2J_6xSxQmTb1BQ2TVPRH7c4IElvrXZJy7RNqpCYsdNlOrBGdrz4mB6DLF2IZMVb4tMkAF-ehY7-cS9XxnwjhujneA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLyeG2J_6xSxQmTb1BQ2TVPRH7c4IElvrXZJy7RNqpCYsdNlOrBGdrz4mB6DLF2IZMVb4tMkAF-ehY7-cS9XxnwjhujneA
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:28 GMT
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLyeG2J_6xSxQmTb1BQ2TVPRH7c4IElvrXZJy7RNqpCYsdNlOrBGdrz4mB6DLF2IZMVb4tMkAF-ehY7-cS9XxnwjhujneA
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
yWv1O7hiKFVDrbMMsTykdHrITg0H9GVffnJlSkFuw1ZVRhk1jz65aw==
dot.gif
s0.2mdn.net/ Frame D7F2 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEPlTIB9zVui3HTwwKeOlerk&google_cver=1&google_push=AYg5qPJwTx_CnANDVu_9WeUMHwWS5X5AC5pfeTs8MV9gIUngbfRxDK8o463x_54cVa0kSf91tqajokaFC2Wdg838ZH95iIi4ZtEI
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 15:01:28 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D7F2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JOqpA4sCAzA4P8zjXzYX7SkVFkcABJrjgr26Oxk2dVfmRvfHJ1XgUwqFb-A1gj4OWhIsatZQ
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
78c76c428a429695887c03bc2bdc054f.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 0DEB 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/78c76c428a429695887c03bc2bdc054f.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef9bcfa6bc3e6d8739467a3133a3c2763ac2d871629def102fdbc1e501eb1c3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12422
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
039d6895af660ebd4f1c253c6a115ef7.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 0DEB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/039d6895af660ebd4f1c253c6a115ef7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6da3648e75291a3f67cba7dd173c1557fc40b0341d5d6ec2be11d5c843708bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2573
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
9ec0b2eeadd50d1cd3e983052d42b5d7.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 0DEB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/9ec0b2eeadd50d1cd3e983052d42b5d7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f3cb8ad60c10f4c829a5bf535e6d4513578e2478be748201949f77a4ec62b9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2311
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
3000a549f837e5ec271954b381509af6.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 0DEB 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/3000a549f837e5ec271954b381509af6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fefd66953c82a4802fabeb99b9bb429c5fd45c57e832473d187dd133225a5d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1524
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
7c35d8205f43e6ee5796ae6bf967d936.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 0DEB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/7c35d8205f43e6ee5796ae6bf967d936.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e4c911aedbf707cff09a1987e076555a9cf9fbb456f89cfe8dbc377444b3778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1419
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
pagead2.googlesyndication.com/bg/ Frame EB5A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 07:50:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
25881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13436
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 07:50:07 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 16EB 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 18 Jan 2022 13:03:27 GMT
expires
Wed, 18 Jan 2023 13:03:27 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
179881
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
78c76c428a429695887c03bc2bdc054f.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 4C5A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/78c76c428a429695887c03bc2bdc054f.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/c5cbe82c0ad4e8aa26b22fa10c5f7f96.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef9bcfa6bc3e6d8739467a3133a3c2763ac2d871629def102fdbc1e501eb1c3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12422
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
039d6895af660ebd4f1c253c6a115ef7.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 4C5A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/039d6895af660ebd4f1c253c6a115ef7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/c5cbe82c0ad4e8aa26b22fa10c5f7f96.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6da3648e75291a3f67cba7dd173c1557fc40b0341d5d6ec2be11d5c843708bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2573
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
9ec0b2eeadd50d1cd3e983052d42b5d7.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 4C5A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/9ec0b2eeadd50d1cd3e983052d42b5d7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/c5cbe82c0ad4e8aa26b22fa10c5f7f96.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f3cb8ad60c10f4c829a5bf535e6d4513578e2478be748201949f77a4ec62b9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2311
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
3000a549f837e5ec271954b381509af6.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 4C5A 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/3000a549f837e5ec271954b381509af6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/c5cbe82c0ad4e8aa26b22fa10c5f7f96.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fefd66953c82a4802fabeb99b9bb429c5fd45c57e832473d187dd133225a5d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1524
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
7c35d8205f43e6ee5796ae6bf967d936.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 4C5A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/7c35d8205f43e6ee5796ae6bf967d936.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/c5cbe82c0ad4e8aa26b22fa10c5f7f96.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e4c911aedbf707cff09a1987e076555a9cf9fbb456f89cfe8dbc377444b3778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1419
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
pagead2.googlesyndication.com/bg/ Frame 0DDD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 10:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
103013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13497
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 10:24:35 GMT
dpixel
cms.quantserve.com/ Frame 097E 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGUE_jb2ay98HTPKpUuJwdY&google_cver=1&google_push=AYg5qPJDuvKwrNNLcnqRj1pxce-3TSa8KYFyIo04o7KZFrV4bZ2rD4z2WTRBv1id97TC9xsbQ4nnxqn5g2nsWxVfFm952TBv9nI
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 097E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECx0YXf7uVbkvsUf36SYQx4&google_push=AYg5qPLcpAEm2Drv2BEo2VdDUjvfjJBzt1qC0VGRN3GZu5GC2lGqlbxsME...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECx0YXf7uVbkvsUf36SYQx4&google_push=AYg5qPLcpAEm2Drv2BEo2VdDUjvfjJBzt1qC0VGRN3GZu5GC2lGqlbxsME_CcAfNmrjDYTziWfGBTQM3MjgGQ3bJm3BYKQ5hkk8G
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1642690889.562466,VS0,VE81
x-served-by
cache-cdg20735-CDG
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECx0YXf7uVbkvsUf36SYQx4&google_push=AYg5qPLcpAEm2Drv2BEo2VdDUjvfjJBzt1qC0VGRN3GZu5GC2lGqlbxsME_CcAfNmrjDYTziWfGBTQM3MjgGQ3bJm3BYKQ5hkk8G
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 097E
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG4EhmZSZJK2cbP7E7ZMBNA&google_cver=1&google_push=AYg5qPLSRf9k-DR07W3Vf8kHRMof57yeuE_cEO3yU4ttfOcsZrtTtBCVyiSywwCsrjWvq_nbWmsZjSd1GhA...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLSRf9k-DR07W3Vf8kHRMof57yeuE_cEO3yU4ttfOcsZrtTtBCVyiSywwCsrjWvq_nbWmsZjSd1GhApm53-gVCEiZOysP7Q&google_hm=SnTGF9Q-RWCe4yfa3YkjM2c
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLSRf9k-DR07W3Vf8kHRMof57yeuE_cEO3yU4ttfOcsZrtTtBCVyiSywwCsrjWvq_nbWmsZjSd1GhApm53-gVCEiZOysP7Q&google_hm=SnTGF9Q-RWCe4yfa3YkjM2c
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPLSRf9k-DR07W3Vf8kHRMof57yeuE_cEO3yU4ttfOcsZrtTtBCVyiSywwCsrjWvq_nbWmsZjSd1GhApm53-gVCEiZOysP7Q&google_hm=SnTGF9Q-RWCe4yfa3YkjM2c
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 097E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENNcG8xhef4aEr0SbDdw_II&google_cver=1&google_push=AYg5qPKGUgeDUZNtIsC4AvA0ZhSRV4vTIVcrvbZ21NteQXTpaLdC_ogVWx5lFqEDHqBWGQjD1WpSMbYj3l9oN9JTiNQxndD...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKGUgeDUZNtIsC4AvA0ZhSRV4vTIVcrvbZ21NteQXTpaLdC_ogVWx5lFqEDHqBWGQjD1WpSMbYj3l9oN9JTiNQxndDGZpR_&google_hm=NjY2MDU3NDIyMzgxOTcyMT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKGUgeDUZNtIsC4AvA0ZhSRV4vTIVcrvbZ21NteQXTpaLdC_ogVWx5lFqEDHqBWGQjD1WpSMbYj3l9oN9JTiNQxndDGZpR_&google_hm=NjY2MDU3NDIyMzgxOTcyMTkxMQ%3D%3D
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 20 Jan 2022 15:01:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKGUgeDUZNtIsC4AvA0ZhSRV4vTIVcrvbZ21NteQXTpaLdC_ogVWx5lFqEDHqBWGQjD1WpSMbYj3l9oN9JTiNQxndDGZpR_&google_hm=NjY2MDU3NDIyMzgxOTcyMTkxMQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dds
rtb.openx.net/sync/ Frame 097E 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEM8A-xgzkfOm90gJPer1Meg&google_cver=1&google_push=AYg5qPKvCXjAydpQK5D9hJXR2BJLqHG_DKXbRiHoOeUAb56vk2kLPUxo5aHDU2JXdKcSThB247U134WqfXGS5XKRnnTpiWDr29bc
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
0m3hnv3ud3e3gh0h67bimm6u536q1stl
pixel
cm.g.doubleclick.net/ Frame 097E
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEJ491P_0l-0VcT3iliH-b_k&google_cver=1&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xw...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJ491P_0l-0VcT3iliH-b_k&google_cver=1&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uH...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7u...
0
0
pixel
cm.g.doubleclick.net/ Frame 097E
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB_QSrjgcOo0mNiyFAobdsY&google_cver=1&google_push=AYg5qPLpSfvpWn4UUspCKuR3CtkXUeD1gy6QU_hXWQ1SQ3dXfg1mECLc5syQw3LBS7fGmpn8nJao-vUVm7iWLekLHD1pgzT-pKFB
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLpSfvpWn4UUspCKuR3CtkXUeD1gy6QU_hXWQ1SQ3dXfg1mECLc5syQw3LBS7fGmpn8nJao-vUVm7iWLekLHD1pgzT-pKFB&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODU1NjUxNjU0OTQ2NzYzMDQxMg%3D%3D&google_push=AYg5qPLpSfvpWn4UUspCKuR3CtkXUeD1gy6QU_hXWQ1SQ3dXfg1mECLc5syQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODU1NjUxNjU0OTQ2NzYzMDQxMg%3D%3D&google_push=AYg5qPLpSfvpWn4UUspCKuR3CtkXUeD1gy6QU_hXWQ1SQ3dXfg1mECLc5syQw3LBS7fGmpn8nJao-vUVm7iWLekLHD1pgzT-pKFB
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODU1NjUxNjU0OTQ2NzYzMDQxMg%3D%3D&google_push=AYg5qPLpSfvpWn4UUspCKuR3CtkXUeD1gy6QU_hXWQ1SQ3dXfg1mECLc5syQw3LBS7fGmpn8nJao-vUVm7iWLekLHD1pgzT-pKFB
date
Thu, 20 Jan 2022 15:01:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 097E 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbazZU5BsQzgbJuyniHFY4Xuk-hl60_QwjLQInD-Vrgc2TxbLgLYG3VKh2WvdRGrw0orWJ
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
be68fac4543e50759c26d7a153fea00f.js
s0.2mdn.net/10774078/1635793268649/ Frame BDE3 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/10774078/1635793268649/be68fac4543e50759c26d7a153fea00f.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1635793268649/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d4b9633320f23d8ce3c4dcb514f76d27c6774115c5f699917dd94c3777a6ba7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/10774078/1635793268649/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 10:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17238
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 19:01:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 10:04:30 GMT
78c76c428a429695887c03bc2bdc054f.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 0DEB 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/78c76c428a429695887c03bc2bdc054f.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef9bcfa6bc3e6d8739467a3133a3c2763ac2d871629def102fdbc1e501eb1c3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12422
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
039d6895af660ebd4f1c253c6a115ef7.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 0DEB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/039d6895af660ebd4f1c253c6a115ef7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6da3648e75291a3f67cba7dd173c1557fc40b0341d5d6ec2be11d5c843708bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2573
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
9ec0b2eeadd50d1cd3e983052d42b5d7.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 0DEB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/9ec0b2eeadd50d1cd3e983052d42b5d7.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f3cb8ad60c10f4c829a5bf535e6d4513578e2478be748201949f77a4ec62b9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2311
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
3000a549f837e5ec271954b381509af6.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 0DEB 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/3000a549f837e5ec271954b381509af6.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fefd66953c82a4802fabeb99b9bb429c5fd45c57e832473d187dd133225a5d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1524
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
7c35d8205f43e6ee5796ae6bf967d936.png
s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/ Frame 0DEB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/media/7c35d8205f43e6ee5796ae6bf967d936.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e4c911aedbf707cff09a1987e076555a9cf9fbb456f89cfe8dbc377444b3778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7187778028326859199/728_90-HTML/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 14:34:04 GMT
x-content-type-options
nosniff
age
260844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1419
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 11:55:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 17 Jan 2023 14:34:04 GMT
01d6a24891b17dcd25841d24d2c24889.png
s0.2mdn.net/10774078/1635793268649/media/ Frame BDE3 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10774078/1635793268649/media/01d6a24891b17dcd25841d24d2c24889.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1635793268649/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1388d9e37742e0bff62e541f312d861c404530e5f869aa00badfcf07b3a0aa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/10774078/1635793268649/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 10:04:30 GMT
x-content-type-options
nosniff
age
17818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
172467
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 19:01:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 10:04:30 GMT
c6702dc0e82be8e9055e9416adeb67f3.svg
s0.2mdn.net/10774078/1635793268649/media/ Frame BDE3 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10774078/1635793268649/media/c6702dc0e82be8e9055e9416adeb67f3.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1635793268649/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc6f706201a1c84a33b468d33b955d7320b987e22820c8ed5d23bbae11af0f35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/10774078/1635793268649/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 10:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1116
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 19:01:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 10:04:31 GMT
e52e11193b1f9ea880bd37bfe9ec8e79.svg
s0.2mdn.net/10774078/1635793268649/media/ Frame BDE3 		5 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10774078/1635793268649/media/e52e11193b1f9ea880bd37bfe9ec8e79.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1635793268649/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56464706bc02f9f808b5ae74eba2fb1912706ba234120c40edc510e765159535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/10774078/1635793268649/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 10:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1408
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 19:01:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 10:04:30 GMT
73dd20edda161c488ce09a38564446c6.svg
s0.2mdn.net/10774078/1635793268649/media/ Frame BDE3 		5 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10774078/1635793268649/media/73dd20edda161c488ce09a38564446c6.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1635793268649/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6820c8f8b383ca4e4997515fe6bf438468a9439d71d6ca2c16ea5e557626d13c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/10774078/1635793268649/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 10:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1342
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 19:01:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 10:04:31 GMT
6b481c2c0e4b1ea8d745d230f4743835.svg
s0.2mdn.net/10774078/1635793268649/media/ Frame BDE3 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10774078/1635793268649/media/6b481c2c0e4b1ea8d745d230f4743835.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1635793268649/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d37a1d36aad175558c9cb9fe6c01f15e09e7edbb9f2953581305ee43f64637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/10774078/1635793268649/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 10:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1140
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 19:01:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 10:04:31 GMT
3929491fc2944c6906d6a8bc9361d3e2.svg
s0.2mdn.net/10774078/1635793268649/media/ Frame BDE3 		2 KB
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10774078/1635793268649/media/3929491fc2944c6906d6a8bc9361d3e2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1635793268649/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16c037bedf4df26c2af3f5f6a118911274ce6982325d197fde4ccbad92344519
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/10774078/1635793268649/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 10:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
892
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 19:01:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 10:04:30 GMT
4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg
s0.2mdn.net/10774078/1635793268649/media/ Frame BDE3 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10774078/1635793268649/media/4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1635793268649/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fc98a5f2ad3fade2176c7f4d057c02a332ee5d3e532746414eda6e88bc46ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/10774078/1635793268649/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 10:04:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1881
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 19:01:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 10:04:31 GMT
fd86342dd9428704bf1c20fd1a2613bd.svg
s0.2mdn.net/10774078/1635793268649/media/ Frame BDE3 		2 KB
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10774078/1635793268649/media/fd86342dd9428704bf1c20fd1a2613bd.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10774078/1635793268649/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03ffaab06677ed0ab349a8b3a75edb16dbb8db0dd7b9a81bc546f08997010467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/10774078/1635793268649/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 10:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17818
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
942
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 19:01:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 10:04:30 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 7A28 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvIpX0Vtfsmi9psAJK6wufOc5BTTkdb5wdOCiaIQlJ6j3vbN_peusKZEINkB1xu08wllIzJ74qelrB6dVFW1WOsYuKX27y3xQyMoVxjO7jHNIM2nbkxyol6dTpu66ZUDJIDruMK5jmSMIiGHTsVIegwLNTziSU0nTssFJ8Ywz7_cEv2MAMy7BGVlFjXFXH1Wpv4jGAPFI_BCfbx4xbJSX4qMt1c-OX7Qrm-LBHanbVVlP93PYZVkYqH1F1DJSFrMhQ5c7AmwjL-thXdRI7TVZgimarkow1gtP44hk3UbZA_idj3QPblqlWdmUpECoLfoxr4rXCckC8EZ7pp1CUmUdvXtRxlcoXS14WJVArJIk9ANDE1QN0E0zfhfVrFDVqggXXJzCIdGUM5j4B03tZWNxGei19lmKrBWXtc5TM2K7Rh92lbraM42INg6YYXZPTJWWLK-XfLYNpHdVwyeLzUHhhlg1SZMgS8LeuF7WCmzBsG0TBC9G_w7Sc5cnpuftSnz-0nP19DLCj6XxzCp04c0WHHVrcBgSKUHwoRsD8ahKViMqdehMvgTbOm9NxrVydkZ7MrHy3TIfDmw4nSdLqvYNT3zXV75sajWUc2xxVCXF6zKZh4esVNDVVNWyQOvaKEv_p72oaXXmvat1r1tScTu5pTw_4biTmXAzcGIfSmpH0HOaGANb5ExY7pPxihEOUvwOlMmKcNZ_nLcJW7xopzvjxphD-ByUFQNjBNNSjoIVzHjX-XAtM94zCEuOFM-89rXfLUYd6tJVhdyPJjYCD323kTUmeILiuJGbu5xSg7ZPqBSb8FLG2VTw2HBSMNfqDAaAAtL0gxSwBQfeURYgoMPGqDNTGjumMkFI6GWDkUELQhcHhwdHaGySNUlqxZrS6McCOik2KgZUuFXx6wGuC5Y9oesGuGoenic_0IHF18_brb4SijSvXd_ebW_uDe4AJhn-n6Ct_ENsD5YIqfrXH8u_xMvaTq1FNBwvEXTD60wVNsjPSy8rKx1wESKXFVTKbkwwPGMIgn3L824jLTUw7m3lWc64GgaOsyKxIfl8zOFGFJkNFB3VCf7IhTFf2RPauuA50XVumaDa3piDJM0dwjmz7DLUaqpziH0o-TuWDYBBjhIoGKfuFLFseegHtWFyahhWZNSHKGmsbpmhCTB1E&sai=AMfl-YT2A77PUEQXi0atKPiXSQXw5P1TNcMzIm6_tvUJGt-azcIeYUf3xaX0313q9SjqR7LTWSW0Ibe4wnYu9qQRmBRL8wQAI9GcQ6PJx9lRu8Sv0qa8XYCuobjzwn0ZR9L3mnADiV4V8Pc0EJa20hd52d_y5ae-jWGDQQkQtUwckORS1kYPCF3tPASYEVNqA6TT-cGeDNBXzOHpTQdK4CtvOquv1E6oKR_XDayEvrVm0THFoZWrFs-E1X-cRn7sQup9Cjp-7eS_8zBeaS-HqcwL72SfalyzhK399djmWmI&sig=Cg0ArKJSzBZGFIHMycVXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=792&vt=11&dtpt=401&dett=3&cstd=387&cisv=r20220118.63717&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 5414 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvWvdw0ylenwqqSNHJ3WAQBzUQJLZTbQtW-LP1kaV1LKovSs7eE05PbZu2gDVLzd5d41_sw_upKMxEmQ6eelGAaXVVjJDnKaZ8aX4YF6UZD-OU_5SjQ0mcrMsI-Vu4zuVF0QWxmhnJbv82TkHB4nEc7ko8bb_QDCQyEO1bc6J1ZcYFut7zhkpOkhIMC3ZL6-5tS2lcNb3PMmd9VlxeIf-C0myjwbtpJIbp_wZLvC2xBIBtV8ia-yDTqZbvxdnMfKcVMDuFGA3jV5slu2HE_ghXzraDJmMKwL1a79F2MvfrdfuEJgr0fH1EBpwItkPejbZSvFwnkSjSM6HwRdXYyMUG_pDQtjOfHoeNzI0Qd_mnJHaadaWBZeIanCzSSOuUBvJRbbkAKLptSZOsxCr3VzXcQ2DJOQ1YJWmxLli1NbWBkBajCOd4stbJZCmQH6P563P9vC8312WZMgGqKx-vlEoUqZS0QYV5ABVyqyHG30oH6FmxO9sZwsQTz1WzGvAmzQxBw_KG_WHMY37b8U1xLY1D_sfEKKzuNlsWgtjhyopnq9euoBErdgaasRZyC_7lKhjYFmkavbyKn4KKLoihUBYyYo6Xq-zsDuo-nF8D8XyJwNNaROHq7xUmqnep6auzTq_fyKTW8Yd4fdVWT12N2j93FFHUEeK_sUmCJheMpqYDqHa1gLl2MkqWHWDUpsJqojILv126Ee-zVSyOw29iqIEQJPiySK8JI7NKbPAYUi84KobVlrJZ-0BU5iqyWEGYVsw6ulC3vHzBC2YeKnpW2XAyGOJ26jZWV9kgxtjn9_vLSiHIcvPLtC1cEEJld7AEMRSw3lLEmE-wPlByjfa-OEQLdoQlVGc8CKHfsu6XjBlvQK_W1bCvtht994_26kVoqqvHH4T0SiVzsDkLwEuKMYObHy6Nqs-A1guIJOf6QZeRMy1-RLgchFpKw-RmqFDSLhzY26Cu4SdlN0uABCQAyzn0G9fVRNKjFrD0q3dXB-uN72fdySiMRGXcrxl3Y92dAOrW00K4u9K1ph2dCIPTperYQyTMRPt3MYfgaRnvfku3ftgUWxj4pbia0PQTOYDeMbXA0qE4ruhQwZ6uW98gNjlEVBmo4UFPqEGspasYL07TgibLxoPIkDzwcMNPHpXz-VorX0XAprJegLhTTLN3l&sai=AMfl-YTf8jcDXmjF6c0ieSrsheoOd3JjcgAakpGQpAWDeu-QvL-KGxhB0mELURj299nEMPDel1sAucr40yLJc34yJgaZzt2lleG8SsRfn868CBwHZhLNGn8o8o1j29VWSj0762BiI9DSWmQn9NedxzFrur-n869aL8S_DOabU6Q-73yMALNPmFzJcU46UUauRuaj7J0Y98_kDSp4H7PMT7vWRC0rLHZYJTWwWH8RY5R--XeeZyuz2h-LvAy732yiHsSZAOliGb9idKNrRT8HQfdlKT66BpODmHz330TOl-w&sig=Cg0ArKJSzGxVc0eBQoNnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=809&vt=11&dtpt=375&dett=3&cstd=432&cisv=r20220118.45969&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
pagead2.googlesyndication.com/bg/ Frame 16EB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 07:50:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
25881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13436
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 07:50:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C691 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssSavpGVH1wPtE4iTecZ0dlwzd5EGShIU87XtBA2ZZkkurLT2KsD9zgp0bti0qvnZJ1IKWToBh2jVmJ0EqMxCfUBmQHDG7MAm_Cq8sUHBkZ1D2JV3xkAtPkh44ABuZmdSO1PQRP0Y3Kf8BCpRW8db0MVQKg&sai=AMfl-YTezG5Nje_hWsIa4f_vNh2GwV6A_eHuR-hq6gkYyQdPIFlm6a7ejObK3CZ-pT8UoEUwXiNtRDPvGG0iPnmZeBM3Hf-kBPY8N3Q&sig=Cg0ArKJSzAQlqX3Fsz3YEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=457&vt=11&dtpt=292&dett=3&cstd=163&cisv=r20220118.10786&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
c
prebid.a-mo.net/a/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Thu, 20 Jan 2022 15:01:28 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://kooora4lives.com:2096
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
hb
ssc.33across.com/api/v1/ 		60 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
f98446d452731c21af292cf5872a69786e895b9fc568db53dedef3cc850649dc

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.com:2096
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bid
ap.lijit.com/rtb/ 		25 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.7.0-pre
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
1f5d5fdb76bf126c16a1689bca96a4c03b6aaa27efe67ffd5c0400cc74dfca33

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 20 Jan 2022 15:01:28 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://kooora4lives.com:2096
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid-request
onetag-sys.com/ 		15 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://kooora4lives.com:2096
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=27015952302
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kooora4lives.com:2096
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
file.mp4
r5---sn-25glene6.c.2mdn.net/videoplayback/id/8ac1338c40409a6a/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674226888/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame F1F6 		192 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-25glene6.c.2mdn.net/videoplayback/id/8ac1338c40409a6a/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1674226888/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/713E396DB9D86297724747D873ED64FCFA0188F5.38FD19FEA1B962BE6179D63FFE8D2C8118DBF028/key/cms1/cms_redirect/yes/mh/KF/mip/2001:41d0:8:d154::7/mm/42/mn/sn-25glene6/ms/onc/mt/1642689994/mv/u/mvi/5/pl/52/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4007:2d::a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 20 Jan 2022 15:01:28 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4155204/4155205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4155205
expires
Thu, 20 Jan 2022 15:01:28 GMT
last-modified
Sun, 19 Dec 2021 09:48:08 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
client-protocol
quic
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5716 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bq9x9R3npYaTtC5bl3wPaoorIDAAAAAA4AeAEAg&bg=!2Nul25_NAAZ_DxPPfw87ACkAdvg8WmJ8pS9EyGZFtNOjzJXvDrMvKODtBKF7u_lMSdjj5-OhKUPyzgIAAAELUgAAAAJoAQeZA0ec4Uqlbf2pVIxSUplDHLzlHbXUhWMgkCkG_cIhKa5q-PGEDX0gV66V-0p5iKDbBE2GGRWZtgBNuAGP389ZLgdHrxzi5FThKi1rm9LOSSarMtetRI2JdORoZxf6Z6QRBz3L5C9aIu0LN6k-ub-rTqbI4i9gX2mMd9JoNUIzgKf53aSjDuLB66U8TQpbPTVwogG-TfOpkEpbttHQmG332xeBrxnvPT41P0EaGjaRtfY_xeVji2snIOWF10yoxuBqZr-LwhsOpJ9aGw_9ggwzkbleg0NV_oq9_gn_jaRRaW3PMRAl4c_a3Vxpm5QSuQL63WW2frZVwEySE4n-Lzy7kjmdzTblkMHJRSG7TDtu5o2_9u8Vji6-2bEJenF5uFCnbsGXVU75nC6K-dpMYGmMmssghK82A76llMAWpwtd4W4RQTid4w3ADOcLr5C5DTTDi7VLvwDjSdnc-MBjXbNeNKfbY98ZHTXp_Pwhij54oJEnyK2J2PPS5VdzkkqbdFAKre_84gFI_Cmat7mYeA0zmGdfFttuFJ7eaOo72ucHJHQawdPDODSFteAbadVHJWc34kQaHqqVqnXf9vYrwdwLLDfZIMN92NH5BOcLODl6__gfFj6zaCJtfZDnty9-3N8gyYW9sd_VIOWQKHDn3xys-VjifWT36AJQojGouDGXUZIjHvelufSn9seIGQvSWyRoLSTk1hvMhike20-oj17nBxO3XOqCXCKL0k8OMNdDs3PwxHCzM2z1oWFT7ZlDbXjxq0V98l3iYFAmjZ2srVJ94TZY3oGaxeVxiD12uCa3oX3HzTKWUXyRDiWnVUvdhBupF4CBxoUg50nRC9gtfFBVhLMYHzwXaLP1UJhhqNW55WgCZ4JR-0I777olVRA4B_PqhWv5V1QFa5Amei-diEya0WB6S8Nvp9OfCFZMELYaPngzXrrEOjymgwcLsLYRrAj_b2aSOITTNCxETGxgT9a3bJ_31PmFefiCn4zESpXhTzRnt1UYXtgCrh8XZEbONoX4UWMT7PDa8iy1jqHRi6hqNWtuPEtY4Wf6rm-CxhkZRxQBdzPA5NBzrfcyFELdo5wdbV4d222n4YOFqQLlsnn2YHV6wthE_ABuVw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ae/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ae/adsid/integrator.js?domain=kooora4lives.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kooora4lives.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=528015584665734&correlator=420654324867112&output=ldjh&impl=fifs&eid=31064137%2C44757100%2C44752585&vrg=2022011406&ptt=17&sc=1&sfv=1-0-38&ecs=20220120&iu_parts=21939239661%3A202189885%2Capl%2Caplmcm%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cookie=ID%3D021c6d3e5405527a%3AT%3D1642690887%3AS%3DALNI_MZpZxpwvqOlR3hS7dhbECY39Z89xQ&bc=31&abxe=1&dt=1642690888963&lmt=1642690633&dlt=1642690886349&idt=679&frm=20&biw=1600&bih=1200&oid=2&adxs=-300&adys=601&adks=1538426229&ucis=e&ifi=16&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fkooora4lives.com%3A2096%2Fm2%2F&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_xXR1ZtMgty9K60ndUWuP0x1hTw6BaGFd1hTXC5JI0u7JwtbsoeNTQxXS4RzayiaZ62n3q7Oa1BK9QtMvtIvGDVs8uEe9Aslw%2CAGkb-H8vRC9jIbwDrEaioffMrbqgHwD9hsEmIPPnqxSdqgFmV01757YtOeAPYZfn83XPvc5BvRifiS0CjMLyuwulXyPrHyeRjBTDnOw&ga_vid=1668863241.1642690887&ga_sid=1642690887&ga_hid=2126848952&ga_fc=true&fws=516&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
249e90601855c64286297bb23a25f8cbf7fb0c0ea9aca8a1e94dc0736dc6abc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10116
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://kooora4lives.com:2096
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DDD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bkvs8SHnpYahKiNnH8A_Cj5ngDAAAAAA4AeAEAg&bg=!0tGl0ZXNAAZ_DxPPfw87ACkAdvg8WgDFnzs77Su56QaUpO5xDz9qyyBUkuVXfrMQaiefYUL7jN9ZdAIAAAFaUgAAAAJoAQcKABhXWVxuFGADyWZ3JT9bJU0KTSGwrStalEyZA17vmiOZVLkQweKLLl7hWGWeL8UDHYtDqAsEFy9-BW6Q-X5_7gg5TpJM7-ZD5RbfDQ4M1ip-kic5ev8pNvSrvqh6jdTueZ1C8dSwfOla1TZIW6nR_VccNZgk7mIVLqseAiImPTcOai8F9dAu_eCDPZNwFg3y7F4qpmR6ZtvyPbT75NDGSiKtXhhe7lADIe4hthac9yZrsRPYoK3dHYseOWNXSdNIqd5SNUEtSQp6q5_9YCtMvZNl6E_8sLrRFOP6VA0Q_y28Dm2ExA3Xh0HqKjIkD2QpwMo-1NSiJ75fc-RHFK5T9R3g0iQjDDXNIT0MElw5ZKMliwTNwywOr-amXugUYYltIClo7hnOtocNXt8VUeO9EsekdP2NiCz6T6ZMnWi15A083rKnqgebLo1S83QpnZcVLFLujIJve_RB7qyo0XfGppiVtyw5RYc9MdLwS43bxMYhASAhAamBZpU6AHk6IanqAZLS8Io6IHEEGfU9-eu0CTcsQpZiOuBMjF9HfFdJpel3CQGE7pymiAg3dqHDtLf5jDvA-P0nqXmo0OZcqKopSRCQ5U0p5ATSwpzI40vsPJ94bec3hUOx5qiw7RQ6x2b-x8i8m1EzbX1djRBdIvX0qAlIzmJiION8Q9xU2Xu0k-6rp4_L6PniomTkPLTzjbuDJ-u0Uuwdp1Gx6F0k_92SEKbGJiTYP3CmyfrV2cFKdor4UmM0Hq84Q733Fu_WkLJTEcjEVPsv7Lvz_DGthsxzBonKLioZTHBeeBvZ45OomZO8Cb1r9AGy5cGR0lOxy5Rxbtme5Wp4gBvtfca9LENEZjNMbyihzfrl-vpy4x8fXtxNbkNDuUK4clwb17mXyprzZFTmMPX0NBY1_VRstwcFUnOdJs6jpvxUdY-clnhfUcmiLV39LVgkzPtB-xIvWUjHdjqcsmaCFjfJ-y2HjlfxRtt8e6Ho99rFIMBtYC4QpHikk9mbVBNjNcJ1yIJjAZF1vaNHHmDL_sd0tv5TWdAPRqPxzGY2ta3WvtgsgP0JxF2HjoKqzuO8o2SkGUbWyGrs_MAejnEGlkTxWLCyGyMzkxkZyAVnlD15siIfW0Kb2HOkGxr-EdaqEBX4VEZaBlX60RZdRpoY9eP6vfgchkhC_67AKQVTbCHZSfVQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EB5A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bx4CNR3npYbTfC4iSrATQ5qa4CgAAAAA4AeAEAg&bg=!JSalJmLNAAZ_DxPPfw87ACkAdvg8WqH3T_dh5hk7GXSnq6w85jmg0VM8QwV32TTFp8yc8pUD4LYzXwIAAAFvUgAAAANoAQcKAGuyfWbcm_haDOaIELkaVRlne7-G7Suedq93iKlJzTYXIc6ih_Zzar5ijB-b09hTITljTJbNIxqaJ6K6Abs14tYjfs9SRXBvaLesxFWa2q0xIFf8dITJaFV457VNmwAYlcoEYgzf0Er-VjJMuZkDAyhf8pLR3CZ0mHCQosgwxHbBIUD_VnnUPSGsQiSG-a-bkbnN1ud2aZ7lQvhg16eqmqbBAi-KsRBdZzncq3DnJpczi4D_yXZOzn3bKGFcXg_X9GYbjORgwrkY21ZV9t-SFTWADyXRaAfgMc-5FkyW6Q78Gj76DznGYtfPRjW_ZdFm5Hp56MlvLRVv2WvUQf8ESgCes75Ub4mZkd_1s7uBqBTcCZk0C3PMrE06fbFRKf6NAgWVaDTv9Pl48eeNrmvgan6lBuxMRcNgBZNN-nA0t2gqax3Pi7twrLApf5ut0VzqHi4_qfdTZgN25nM_b6ZXhwh5TeYn6Rd-pHkmg6uE0T1bSIHeKuaL1i2wXSsHgKpeTM792BrmFBk2IG_ZRTiLYC1qwF6X14Z4ednhsX-3bXvZ4D04OUcVrzUXMKNiguemO4bE5QLwbDvhXKFys925rUYwKx9U9_PZFUfGF3Y9JBIihtwlj_sq0UXH-k6Kmos7iqxolzcTSgRuG04ufDAvwOrIkS5L76JBlTr1agQ-HePDmpqdA-7NqApfJSkGsWduxLi68io5_8lopGx3nJdz22FG5P07I4uX1i6D72kWo8JKfsU1hx0_ow7U1Y1eBFTTVKGPinMZCIz7L_3_pvvV_3WE19aJ5GY3vR3Z3r2Bi9OQ5OvAUA1tjzN_EG34BPRPZ-4tEChyIRtODyeMFfYE7cm0ezpnqq48sFf_NAbRj_qNBW3u2hV9oXfrxOTIkT1-5JRtmGKaqd9JGltmI1X9-eLft-PO0AhYO8jEc_1DnB8v6ISaDQUDQJuW7_v-0FzwXa4ZyYaZNVnpu1hg7sI77-TujIh7SiIsCsY-g2-Nhg6tVCIrmAMgo_B2AB5IKHcjppeW33TGHBST9K3Mv0fM8LXhzjmqVFO8RP651LREM2-rBLuQp0y64FcU-sheJfAAF2ipwxgh10XVDWxmiwXKD-Tep3UUmJ_VHwFuyut019XLfwVOH9ACGsv71QdT9ITF7TDw965P4S71J44w0qqcN6MnuQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 16EB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BMgYvSHnpYbz6Fonj1gbRiZHQDQAAAAA4AeAEAg&bg=!zM-lz4vNAAZ_DxPPfw87ACkAdvg8Ws3DwLKoQ-9DXDiUZoOk5-Y8jQNbNDIb35bys4NAFFI3UckNlAIAAACwUgAAAANoAQeZA2P9Q_SQz52Q6sqPIwVBQIasiCJyXcu_2Bb6ZLndLGc2iOhmWITTF50FABhPT5T4YJfE1NfLnCszgQyYgSmn4FOG4U6Eh5XEZcqq60q6v0QLPdkWmW2SJNpk3_b1M1K-6wOrVQbPj3NYhIBpRQ8hw4nvPCUOPwhwJ7lt5ibL5ImyvjIby6W_q6i-ltHsNfjs34uMC6ItavfrrOp0OsjrEkHa-iSvCkwWl8PcR4yANvwOIFJwJT7XYQnQaxj3XpTh5Da95dNXH2OF3a5_EJwcywSKtcna2747qqYkt9Fi9KZ8c3aCYhJ02Eef3CteIft6rNmLidJiscwQw13Z5QCf_8sIb_dN2VWIGD_ROx_54kfb0fmxDuCzbFa6wV-XAu_hr7N6LxJMZIOwlfXIRy7E_3hZXZCJRUbzxgGOADfWDv9Wz3fys9GvbJGkKSX-kp4KjkMQURGRIo6iCnjvKdwGa_4LKuA66vpm073TNhOO0_Rrm0LPSK18_M_LPxJpF9uSF70MoO6IN2wqCCWS7iIXi5Ae3zmGidKxXEd6VdGypGqBWVJQK7kWQXjRnY2HZa-7MXxVcVWgY-N52laCBaWD_z3scVLOq7iAEd9mXZ9fz3ryIq3oa5RHAzfw531elIPVURKTovTiKWLQFzXUiJf94D5uK0D07NL4GJNMIWTarGKiBFIgW3b5-0jRbuVtRJAuE2y0R8Bc-h9zMeHt9xm3KHcqgOo26Rvyt1bxtFh6u3VXnPt8m9sac8q6LON5qcQ4j_gt0QyCv81lrP1N2P1XbOF8gGS9kf0eQdumaeNIf_G4vn6WNaeynPB98agHTiBTdrvpOy7Qj0a3_TUDqvYx-p7E2O3sW6ER20frfGdJbY-5HoPfsERo1BefAQx4JQWvNLGxpAGLi6KqdS_Y6A1IMnStP178BajTA707uCPMjCGQgo2ZxZS7cGXj1ktWYHDpX3DWnGM8FQWWq-UVqYYshww0FJLaXdWeDk5rn3JaAyABQWorWRf0DYcq9BoHeDruJ-XyWhkrlOVfgleoAOVZxKgunOyel0AcYFhmqDYP3Rfxzt51V9qc2To5i7tAB5JQQ08SEHE9hSPFPfrFe0JwcJPluQ92My5BacycAfQWWBqYr3qEkcbuY2Lk2wegodWMxibVebk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Jan 2022 15:01:29 GMT
syncframe
gum.criteo.com/ Frame 04BF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kooora4lives.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2420
date
Thu, 20 Jan 2022 15:01:29 GMT
content-length
5182
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:29 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:43 GMT
server
nginx
etag
W/"61cc54f3-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Jan 2022 15:01:29 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C691 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm0_WtMq2TJFtFBnfV534NT4SN3J18B5ckf5bnPKjBVOIdpeIySxtPCfy3_85qb_y8Tinhtc6wJnn0Kc3OMZ7Hjkbr5P4HBw_nR6U1aUefTu9Vhr7mWA&sai=AMfl-YRw3H8I1IjFFvhJ_Mrw3WiYuhH3X8nujJfaptDFMk25CiuI8mDAnTZn0e_rX2eU2IHd0Xu_zXIi29sptd3d1Vo8USvHx9p1CMBNUp3dH6IwGHGpnYCGHDepM8U&sig=Cg0ArKJSzInvoA3niH0bEAE&cid=CAASEuRofnJv3bQYhMZsXqnnVzoovg&id=lidar2&mcvt=1000&p=100,315,190,1043&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220119&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=667468269&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642690887950&rpt=505&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6AD2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011406.js?31064137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 20 Jan 2022 15:01:27 GMT
expires
Fri, 20 Jan 2023 15:01:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sid
mug.criteo.com/ Frame 04BF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kooora4lives.com&sn=ChromeSyncframe&so=0&topUrl=kooora4lives.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=_ls4ZHxoMHJRa2pyd3lMYUZ6UEZxOTZzY3lwc1cyVHVNa01qS0VkMVdRRU14RU5nQ3laUzcyY3FGYjZxRVJCMVRoTE95K3dReE5oYkVRUGZTckZDRENTOEVqMTdnNXNoWGp1TXZybG5ZOHExYmxDakZadHlNK0YxTiszRV...
425 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_ls4ZHxoMHJRa2pyd3lMYUZ6UEZxOTZzY3lwc1cyVHVNa01qS0VkMVdRRU14RU5nQ3laUzcyY3FGYjZxRVJCMVRoTE95K3dReE5oYkVRUGZTckZDRENTOEVqMTdnNXNoWGp1TXZybG5ZOHExYmxDakZadHlNK0YxTiszRVJnamRmQkYzeFVwMi9XdjJUMG12dVJRdWRzWXFxWHRTSVdRK01MZVgxMDFFMS9mWkVnUjFKREtJdlVIdkhETFRXTDJCNGNKUDFSdmVHTVc1Q2ZIU09NTThReVNmemZ4MW10RDF2bkxpZ0trN0ovYTgwN2JjWGN4N0E4OGl4OFErNVpROEVjNXp6cGw0Nk5FR2lKMElSSmZ5N0tDNndKQT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f8564f21250a90e12a0326ab4c46db6837d6760f1f70388a8f099f32586811da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3356
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:28 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=_ls4ZHxoMHJRa2pyd3lMYUZ6UEZxOTZzY3lwc1cyVHVNa01qS0VkMVdRRU14RU5nQ3laUzcyY3FGYjZxRVJCMVRoTE95K3dReE5oYkVRUGZTckZDRENTOEVqMTdnNXNoWGp1TXZybG5ZOHExYmxDakZadHlNK0YxTiszRVJnamRmQkYzeFVwMi9XdjJUMG12dVJRdWRzWXFxWHRTSVdRK01MZVgxMDFFMS9mWkVnUjFKREtJdlVIdkhETFRXTDJCNGNKUDFSdmVHTVc1Q2ZIU09NTThReVNmemZ4MW10RDF2bkxpZ0trN0ovYTgwN2JjWGN4N0E4OGl4OFErNVpROEVjNXp6cGw0Nk5FR2lKMElSSmZ5N0tDNndKQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1815
content-length
541
expires
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 47E6 		363 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnv4gEQ04fhAhj32fu_ATAB&v=APEucNUm-pe51U8X6LDcijneM0sSH-nXtNiZTiPQd33eiiEUIT7giCdM_Q-7-Uw1tvn8CRHvecY43pKGJMp_P71nei4QbarwEdughr8tAxBPNMig8umL1iJmnaoeXKToIo_jia1G7Qh8rtK0vcsUh0dpLSi8Qx10GHA-ysLuwodxygxbrXhdrRE
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 20 Jan 2022 15:01:29 GMT
server
cafe
cache-control
private
content-length
206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 6AD2 		25 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B49hOo8v7_7ticA6QnrZHqQTN-i_HjZVuHOPYFUD710GAd4LIXPuIrki4oPDe82Q22XwLzVAq70rWuIGTThoen4qqhsfkCUI38EifWIv0G0PodgXCNt9SRYOEO8RTgFsFaSGvh5aywzF3i1y7kXA-sEphGZg&cry=1&dbm_d=AKAmf-DWQuvGkF4OtLec3bnxdLpipYpgBtNvuCEHfMfldTQRg9APci6chnX1n6MklHrewo_gou2Lg2KFyXCD7XOLMDwokl9gYzTQFGiCRUHzIhnUnBZrtMZ1xhAcd1yOnjrmhB6m1SQjz0yZ6BrkIA-g1WiHjyaZZYPBUJBNUd3e85iKwcYT435moedlEg0VNl71mYwbrMl1mvRA9WcbqTGb08GOjGusdyGHQk57zLTa5HK9db1Tj5pNPbJZq6Gt5A4aI4wYuM0r1jqvj4XaX8OiQLe6PUgckcP4C5r3kVtrcg_pDvniQ3V0NmL2ZPifCRQAFck3y-0IsnTGzpMGcZ15jM0bTu078LcYh8EH3f0QmFkY2R90MvPGDrmR8RWbs4gvYVRXeq_eXQlCe7Yja3mpQlBk9BHBjwy44V-yLyfzYTbJnNNgT2HahQYLzRQhdzNqUeNvQWcMf5pzwINptkRufvmEUsF_7F2XiL3Xfk7PChqmEtcugtP_xNetfA54JW0xZVEy_T_P7Svv5B0KpyUVdWxkrGxZoouNPs8pG_d_ehqxggrrIG65pZb6dEQdX_ymWNnsVY5gCSGks5iKWMWpI4ZxsMwcHQB--z8PS2kVJudLlx5TqJsuh4Nzi9jPSj6leOi26EtRGfXoDSfjyArA5qe7UwvRg6ZWygYRTz6HXW7c6lQGvB7hEQn6Nt6JgmxfIByd4QoSdtOoUQE4YZlcI1MjbgBmnuWY9qEMpT053IW3iDVjyFzls_01OMT66MuLe2-EGyOcEaMMgS3Qe-DvW2gidawV185YUOIXLUNXc7Z5nEcLnDCNTdGIKpjCiW_gCvl3s6UhzoBa45_E5PHvuS1f1FhT66IPCXAAva8Y8HBbInrumqR7ftaE3X0fweSxpr5h0loo1g4zB6bFdVyrYwpHlgP3O3h421fl84QqvGbbYD43ebYw5GrdfnIy334hVGtWn9oR2sAr598sWoFVhG4Kf3LK3b8PM2nuZHxANTMbmefB6Lf7aEhM_XRz7ksu5z652rmV-HAWOgk98gONk-g2Z-MgCFV20Ae9oEWydxNzvAl0q3wc_5AYVoL_mEfZAnTah726Ha_FUWr-URMQqlYae1nVnfOdTpuk6mgup9QNOqBRd7FHI8Eb1Ksxg5WyDY5jAijFr06jtIw4l4zEMN-nYr0GrcJX7ljCoPEqNsbT8a3BG6QPdo3PM5_ACHdCZi30bbzy3lVYALkfC-cKXx-OCQWnxcLunMhdV0icv3f3A9gqFs49DUpmMJ0gQet9h-BNO82Pqla1AhYRFcl8SK67bY5VWY8lGVknCGfxmZEFVCe4Hb0EjhF4nL6Z-GcbGLp-k16P7X8KS0E1AqzicBZo1Zy0ZwXUk__HZKvIuPIgwnc9j1WmPf6W272G_48atwqNgVZriNmYtX6-obKEhzDbzyzAWlFWcEmaukYRl5F6s8VuUKhKMQKAN0t1DvwFaS6jLbSJAXjqTgtvdEzH6DtBMxAUxFoI0OAj4TpcuLF9wGEYGhk84XHhD03OUkuV6fy1MTqA7i8TlHEgC3a13I3p42tuPw-VfTi1QbYZV0tTxfG10aA9z6TEWPbGy3jxD-0nwRsOtGuUVSKGH7YvK_Cnhf_qq1W3sKWqassyafWexaj89L50jomCQOOJDzu-7k0AmW4sAN5C2C-240Vf3AiMdMKh859qHrjqF8yzFI4jbyEbHaxQxXcbx53f1KOBOUmnAsjhdIzgISh_7Zw6mT8pLonMz4WYK-j4wG_w_YdiMEmap921n3IvNUfbXoUDnY-9WugZootBILI-A-KUPo5MPZ3J3DiEV9BBREZfuN4qmiChlV9RqQek2spoieokuVSqlxf1ZZ5kOu2Kk23Wz4CvzTwVRugTm61ebKBPsZyoHLWoM8I52OTkyZ7pZTPCVOu9J_KvCbN32d6Z0SKn0aTQkLqVjpAC9dxEm9c1MHVb8o9I_YqAL4x2x_Gks_WPAP1AAM88tMsrD8VNffo8PBHZl4w5BtVQGLOu9UphVzWqLH3jGTUfdsXbuFRoc9uO9u4EHNajPejFToMm6TnOxLKEitV6f1q5Mw6jAmSYWAIz19crC5KqaxaxBYCNE_F238TxhSajUynx0Sp1DKHD_L517U58D0fdgBXQTCEqKX5xZTpLrWE75ptxr9y7miavPLwT2CdSmqqvA_ozw6Ktkzez9E7tPZR5k2dqKBdwmFelIy9yy6WyFBmyeJLoWg8taoe006EVkxkL9t737ugbuHXQFz4b1wCeB6Jup1NDTeHT4ZnNVHiA4XkLAHbEmxDLOxhshId7_S5cOAbd6d6HVq2DEHtR2QlYR_I08TpqVYiZ9yz7N81sVB7vSanvThaq0v469eB1_7iCc9K_306GbZKW6RonuCbDhnSsFZhoLasoiIJxBkheQoTSM6vkxdv02m04jyok-a3FZBHi6sLEeMcMWNTsVJO_HSdq_p4EFXK_K3x623zkeT6lNqvh0U4oI7exfX1H6giUFrqKTpdClZoS8gTRW3crxT87FM2vjAQb1cln6Vhj54_-twlaUNDhn5gregMZ3Ig9zUCsopGjPmQHG8g686C8_unEjdCxvxBDP1eeeBxbmtFIBfwpV2nrlBjXf8CnnL7__MEA-WUvFZhZXfsoRaMPGBiJDHXPD0YjhO7NmCY5Kw_N6DvYKSzo8bFgJ542Gnq92zP36qRGmfXTfcicIHy04uNFFXqXGmOLzq5jwvqdKZmgByQ5vTgkDB9u__sjUIpnm6lZdMWIjhGCtsTfnO4SqHVqIL_ANof5vBbgHxWKBhnLcVIwBemlmKdiJQUZ1qvtZ2DsIvCDlXVq0xwwoPhB2GmHoqV0z6-OlVNjJPvydec_9OjwBx5DKWGkI3UFMsx1jRZkqmFoi9KjEnIz4RmsF5Yi6bwzTKpoxoGf0beqxpXhdERJuE1oQQt36er6mlXpBjJWMj1ukLiCOWyMd7E9SheZLRR7gSEK0OPKV7ZeycwJzGatPveY2HorCgC-2lgXCLp8id9nz2JGPtQpXFiNI51uaC4t7Z4Cq7EaeypVpgg9o7Bo6MQUYbhgSuwXx06C1c8U4ZfbezuoPNYtH33f4I7kbsit5mUqsmgLwgdEwkLIJrePo0eFY4MvI1286-Y-BBFLrGo0lUhrvSXlAAwr_ywxMJn3gSrXqM-jNGUJJEbPT0fLgyoDs8bfEf3GHw0nUNjHHsiqVfWrxf3SBV-TxMxx0oIVxnC0JFUn6rs&cid=CAASEuRoiyn4PNc3BxJT1Xn5Yk3flA&rfl=1%2Chttps%253A%252F%252Fkooora4lives.com%253A2096%252F%240
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e07a1577fe17c6b83938cae8d3fb382d1e0dc6f8d242b973bcde5acde14c5c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14631
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AD2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ArkNN_VD-B-lOSDRPPfwrJKgbW045yT2EoePvrPleSijmddxZYM3AkqCi0aAS5y7LDb6ohDuZ2pwJIX7LkN5rRbkfj1UBTFbP_3zgf95Oxdmjobd4
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 6AD2 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7a3f0a5255ebd6567982d24f2769f81efb4e614d834c125c2a0e101478d3773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:40:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4401
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 19:56:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 20 Jan 2022 15:40:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 6AD2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/window_focus_fy2019.js
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 15:01:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6AD2 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Jan 2022 15:01:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/ Frame 6AD2 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220118/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
376
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 14:55:13 GMT
l
www.google.com/ads/measurement/ Frame 6AD2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTSmOe_8Y37rt3B4G0_89QxikPJ0IUkr8SprhUPrQi87ho333ymoMcuoMi4IG7VR6TGslWj7TKyAaf3Q_Xyx66F9cVjQ
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ca
choices.trustarc.com/ Frame C691 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw1&base=te-clr1-74cda42f-bf3f-4bd0-9a74-af5eac34b843
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-66.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
5bf565056e3242ec213d54dc98e5eacd883747f806b166e73fa40e8d90ec0939

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 07:05:07 GMT
content-encoding
gzip
server
nginx
age
28582
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA60-P1
content-length
2411
x-amz-cf-id
N2jndH2UCh0P24ZsqWSWoWZGQDEJzcN1-EiuQwVuyeSdlQFcB0HGOw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame C691 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=digitas01cont8&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-66.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 08:35:52 GMT
content-encoding
gzip
server
nginx
age
23137
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
s9k6g0UTh_GjEnu2HW0wNA9mpRFLuOjGqtH-ijQg7QzGJnW1OdsHSw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame C691 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=1&w=728&h=90&c=d6ab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-66.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:29 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
LEhznQK46XU65HcMqeZeV1N4JaW1Y7lkZtJXhQRg7ly6JYXGksl_Xg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55946/ Frame 47E6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEHdQYGwZrwSQLL3V-2NJRN8&_origin=1&google_cver=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEHdQYGwZrwSQLL3V-2NJRN8&_origin=1&google_cver=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEHdQYGwZrwSQLL3V-2NJRN8&_origin=1&google_cver=1&apid=UPd90a75d3-7a01-11ec-ab8a-0666f73737e8
0
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEHdQYGwZrwSQLL3V-2NJRN8&_origin=1&google_cver=1&apid=UPd90a75d3-7a01-11ec-ab8a-0666f73737e8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnv4gEQ04fhAhj32fu_ATAB&v=APEucNUm-pe51U8X6LDcijneM0sSH-nXtNiZTiPQd33eiiEUIT7giCdM_Q-7-Uw1tvn8CRHvecY43pKGJMp_P71nei4QbarwEdughr8tAxBPNMig8umL1iJmnaoeXKToIo_jia1G7Qh8rtK0vcsUh0dpLSi8Qx10GHA-ysLuwodxygxbrXhdrRE
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:29 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEHdQYGwZrwSQLL3V-2NJRN8&_origin=1&google_cver=1&apid=UPd90a75d3-7a01-11ec-ab8a-0666f73737e8
date
Thu, 20 Jan 2022 15:01:29 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 47E6
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UPd90964cc-7a01-11ec-a23b-062f444c7446
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBkOTA5NjRjYy03YTAxLTExZWMtYTIzYi0wNjJmNDQ0Yzc0NDY%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBkOTA5NjRjYy03YTAxLTExZWMtYTIzYi0wNjJmNDQ0Yzc0NDY%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnv4gEQ04fhAhj32fu_ATAB&v=APEucNUm-pe51U8X6LDcijneM0sSH-nXtNiZTiPQd33eiiEUIT7giCdM_Q-7-Uw1tvn8CRHvecY43pKGJMp_P71nei4QbarwEdughr8tAxBPNMig8umL1iJmnaoeXKToIo_jia1G7Qh8rtK0vcsUh0dpLSi8Qx10GHA-ysLuwodxygxbrXhdrRE
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVBkOTA5NjRjYy03YTAxLTExZWMtYTIzYi0wNjJmNDQ0Yzc0NDY%3D
date
Thu, 20 Jan 2022 15:01:29 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 47E6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1mb2U3VmYxRTJ1R3h4NTN1Z1RZTWo4RFJwRTZGaXZZb35B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1mb2U3VmYxRTJ1R3h4NTN1Z1RZTWo4RFJwRTZGaXZZb35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKnv4gEQ04fhAhj32fu_ATAB&v=APEucNUm-pe51U8X6LDcijneM0sSH-nXtNiZTiPQd33eiiEUIT7giCdM_Q-7-Uw1tvn8CRHvecY43pKGJMp_P71nei4QbarwEdughr8tAxBPNMig8umL1iJmnaoeXKToIo_jia1G7Qh8rtK0vcsUh0dpLSi8Qx10GHA-ysLuwodxygxbrXhdrRE
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1mb2U3VmYxRTJ1R3h4NTN1Z1RZTWo4RFJwRTZGaXZZb35B
date
Thu, 20 Jan 2022 15:01:29 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/ Frame 6AD2 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B49hOo8v7_7ticA6QnrZHqQTN-i_HjZVuHOPYFUD710GAd4LIXPuIrki4oPDe82Q22XwLzVAq70rWuIGTThoen4qqhsfkCUI38EifWIv0G0PodgXCNt9SRYOEO8RTgFsFaSGvh5aywzF3i1y7kXA-sEphGZg&cry=1&dbm_d=AKAmf-DWQuvGkF4OtLec3bnxdLpipYpgBtNvuCEHfMfldTQRg9APci6chnX1n6MklHrewo_gou2Lg2KFyXCD7XOLMDwokl9gYzTQFGiCRUHzIhnUnBZrtMZ1xhAcd1yOnjrmhB6m1SQjz0yZ6BrkIA-g1WiHjyaZZYPBUJBNUd3e85iKwcYT435moedlEg0VNl71mYwbrMl1mvRA9WcbqTGb08GOjGusdyGHQk57zLTa5HK9db1Tj5pNPbJZq6Gt5A4aI4wYuM0r1jqvj4XaX8OiQLe6PUgckcP4C5r3kVtrcg_pDvniQ3V0NmL2ZPifCRQAFck3y-0IsnTGzpMGcZ15jM0bTu078LcYh8EH3f0QmFkY2R90MvPGDrmR8RWbs4gvYVRXeq_eXQlCe7Yja3mpQlBk9BHBjwy44V-yLyfzYTbJnNNgT2HahQYLzRQhdzNqUeNvQWcMf5pzwINptkRufvmEUsF_7F2XiL3Xfk7PChqmEtcugtP_xNetfA54JW0xZVEy_T_P7Svv5B0KpyUVdWxkrGxZoouNPs8pG_d_ehqxggrrIG65pZb6dEQdX_ymWNnsVY5gCSGks5iKWMWpI4ZxsMwcHQB--z8PS2kVJudLlx5TqJsuh4Nzi9jPSj6leOi26EtRGfXoDSfjyArA5qe7UwvRg6ZWygYRTz6HXW7c6lQGvB7hEQn6Nt6JgmxfIByd4QoSdtOoUQE4YZlcI1MjbgBmnuWY9qEMpT053IW3iDVjyFzls_01OMT66MuLe2-EGyOcEaMMgS3Qe-DvW2gidawV185YUOIXLUNXc7Z5nEcLnDCNTdGIKpjCiW_gCvl3s6UhzoBa45_E5PHvuS1f1FhT66IPCXAAva8Y8HBbInrumqR7ftaE3X0fweSxpr5h0loo1g4zB6bFdVyrYwpHlgP3O3h421fl84QqvGbbYD43ebYw5GrdfnIy334hVGtWn9oR2sAr598sWoFVhG4Kf3LK3b8PM2nuZHxANTMbmefB6Lf7aEhM_XRz7ksu5z652rmV-HAWOgk98gONk-g2Z-MgCFV20Ae9oEWydxNzvAl0q3wc_5AYVoL_mEfZAnTah726Ha_FUWr-URMQqlYae1nVnfOdTpuk6mgup9QNOqBRd7FHI8Eb1Ksxg5WyDY5jAijFr06jtIw4l4zEMN-nYr0GrcJX7ljCoPEqNsbT8a3BG6QPdo3PM5_ACHdCZi30bbzy3lVYALkfC-cKXx-OCQWnxcLunMhdV0icv3f3A9gqFs49DUpmMJ0gQet9h-BNO82Pqla1AhYRFcl8SK67bY5VWY8lGVknCGfxmZEFVCe4Hb0EjhF4nL6Z-GcbGLp-k16P7X8KS0E1AqzicBZo1Zy0ZwXUk__HZKvIuPIgwnc9j1WmPf6W272G_48atwqNgVZriNmYtX6-obKEhzDbzyzAWlFWcEmaukYRl5F6s8VuUKhKMQKAN0t1DvwFaS6jLbSJAXjqTgtvdEzH6DtBMxAUxFoI0OAj4TpcuLF9wGEYGhk84XHhD03OUkuV6fy1MTqA7i8TlHEgC3a13I3p42tuPw-VfTi1QbYZV0tTxfG10aA9z6TEWPbGy3jxD-0nwRsOtGuUVSKGH7YvK_Cnhf_qq1W3sKWqassyafWexaj89L50jomCQOOJDzu-7k0AmW4sAN5C2C-240Vf3AiMdMKh859qHrjqF8yzFI4jbyEbHaxQxXcbx53f1KOBOUmnAsjhdIzgISh_7Zw6mT8pLonMz4WYK-j4wG_w_YdiMEmap921n3IvNUfbXoUDnY-9WugZootBILI-A-KUPo5MPZ3J3DiEV9BBREZfuN4qmiChlV9RqQek2spoieokuVSqlxf1ZZ5kOu2Kk23Wz4CvzTwVRugTm61ebKBPsZyoHLWoM8I52OTkyZ7pZTPCVOu9J_KvCbN32d6Z0SKn0aTQkLqVjpAC9dxEm9c1MHVb8o9I_YqAL4x2x_Gks_WPAP1AAM88tMsrD8VNffo8PBHZl4w5BtVQGLOu9UphVzWqLH3jGTUfdsXbuFRoc9uO9u4EHNajPejFToMm6TnOxLKEitV6f1q5Mw6jAmSYWAIz19crC5KqaxaxBYCNE_F238TxhSajUynx0Sp1DKHD_L517U58D0fdgBXQTCEqKX5xZTpLrWE75ptxr9y7miavPLwT2CdSmqqvA_ozw6Ktkzez9E7tPZR5k2dqKBdwmFelIy9yy6WyFBmyeJLoWg8taoe006EVkxkL9t737ugbuHXQFz4b1wCeB6Jup1NDTeHT4ZnNVHiA4XkLAHbEmxDLOxhshId7_S5cOAbd6d6HVq2DEHtR2QlYR_I08TpqVYiZ9yz7N81sVB7vSanvThaq0v469eB1_7iCc9K_306GbZKW6RonuCbDhnSsFZhoLasoiIJxBkheQoTSM6vkxdv02m04jyok-a3FZBHi6sLEeMcMWNTsVJO_HSdq_p4EFXK_K3x623zkeT6lNqvh0U4oI7exfX1H6giUFrqKTpdClZoS8gTRW3crxT87FM2vjAQb1cln6Vhj54_-twlaUNDhn5gregMZ3Ig9zUCsopGjPmQHG8g686C8_unEjdCxvxBDP1eeeBxbmtFIBfwpV2nrlBjXf8CnnL7__MEA-WUvFZhZXfsoRaMPGBiJDHXPD0YjhO7NmCY5Kw_N6DvYKSzo8bFgJ542Gnq92zP36qRGmfXTfcicIHy04uNFFXqXGmOLzq5jwvqdKZmgByQ5vTgkDB9u__sjUIpnm6lZdMWIjhGCtsTfnO4SqHVqIL_ANof5vBbgHxWKBhnLcVIwBemlmKdiJQUZ1qvtZ2DsIvCDlXVq0xwwoPhB2GmHoqV0z6-OlVNjJPvydec_9OjwBx5DKWGkI3UFMsx1jRZkqmFoi9KjEnIz4RmsF5Yi6bwzTKpoxoGf0beqxpXhdERJuE1oQQt36er6mlXpBjJWMj1ukLiCOWyMd7E9SheZLRR7gSEK0OPKV7ZeycwJzGatPveY2HorCgC-2lgXCLp8id9nz2JGPtQpXFiNI51uaC4t7Z4Cq7EaeypVpgg9o7Bo6MQUYbhgSuwXx06C1c8U4ZfbezuoPNYtH33f4I7kbsit5mUqsmgLwgdEwkLIJrePo0eFY4MvI1286-Y-BBFLrGo0lUhrvSXlAAwr_ywxMJn3gSrXqM-jNGUJJEbPT0fLgyoDs8bfEf3GHw0nUNjHHsiqVfWrxf3SBV-TxMxx0oIVxnC0JFUn6rs&cid=CAASEuRoiyn4PNc3BxJT1Xn5Yk3flA&rfl=1%2Chttps%253A%252F%252Fkooora4lives.com%253A2096%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
server
cafe
etag
6261108306223674270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 15:00:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6AD2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B49hOo8v7_7ticA6QnrZHqQTN-i_HjZVuHOPYFUD710GAd4LIXPuIrki4oPDe82Q22XwLzVAq70rWuIGTThoen4qqhsfkCUI38EifWIv0G0PodgXCNt9SRYOEO8RTgFsFaSGvh5aywzF3i1y7kXA-sEphGZg&cry=1&dbm_d=AKAmf-DWQuvGkF4OtLec3bnxdLpipYpgBtNvuCEHfMfldTQRg9APci6chnX1n6MklHrewo_gou2Lg2KFyXCD7XOLMDwokl9gYzTQFGiCRUHzIhnUnBZrtMZ1xhAcd1yOnjrmhB6m1SQjz0yZ6BrkIA-g1WiHjyaZZYPBUJBNUd3e85iKwcYT435moedlEg0VNl71mYwbrMl1mvRA9WcbqTGb08GOjGusdyGHQk57zLTa5HK9db1Tj5pNPbJZq6Gt5A4aI4wYuM0r1jqvj4XaX8OiQLe6PUgckcP4C5r3kVtrcg_pDvniQ3V0NmL2ZPifCRQAFck3y-0IsnTGzpMGcZ15jM0bTu078LcYh8EH3f0QmFkY2R90MvPGDrmR8RWbs4gvYVRXeq_eXQlCe7Yja3mpQlBk9BHBjwy44V-yLyfzYTbJnNNgT2HahQYLzRQhdzNqUeNvQWcMf5pzwINptkRufvmEUsF_7F2XiL3Xfk7PChqmEtcugtP_xNetfA54JW0xZVEy_T_P7Svv5B0KpyUVdWxkrGxZoouNPs8pG_d_ehqxggrrIG65pZb6dEQdX_ymWNnsVY5gCSGks5iKWMWpI4ZxsMwcHQB--z8PS2kVJudLlx5TqJsuh4Nzi9jPSj6leOi26EtRGfXoDSfjyArA5qe7UwvRg6ZWygYRTz6HXW7c6lQGvB7hEQn6Nt6JgmxfIByd4QoSdtOoUQE4YZlcI1MjbgBmnuWY9qEMpT053IW3iDVjyFzls_01OMT66MuLe2-EGyOcEaMMgS3Qe-DvW2gidawV185YUOIXLUNXc7Z5nEcLnDCNTdGIKpjCiW_gCvl3s6UhzoBa45_E5PHvuS1f1FhT66IPCXAAva8Y8HBbInrumqR7ftaE3X0fweSxpr5h0loo1g4zB6bFdVyrYwpHlgP3O3h421fl84QqvGbbYD43ebYw5GrdfnIy334hVGtWn9oR2sAr598sWoFVhG4Kf3LK3b8PM2nuZHxANTMbmefB6Lf7aEhM_XRz7ksu5z652rmV-HAWOgk98gONk-g2Z-MgCFV20Ae9oEWydxNzvAl0q3wc_5AYVoL_mEfZAnTah726Ha_FUWr-URMQqlYae1nVnfOdTpuk6mgup9QNOqBRd7FHI8Eb1Ksxg5WyDY5jAijFr06jtIw4l4zEMN-nYr0GrcJX7ljCoPEqNsbT8a3BG6QPdo3PM5_ACHdCZi30bbzy3lVYALkfC-cKXx-OCQWnxcLunMhdV0icv3f3A9gqFs49DUpmMJ0gQet9h-BNO82Pqla1AhYRFcl8SK67bY5VWY8lGVknCGfxmZEFVCe4Hb0EjhF4nL6Z-GcbGLp-k16P7X8KS0E1AqzicBZo1Zy0ZwXUk__HZKvIuPIgwnc9j1WmPf6W272G_48atwqNgVZriNmYtX6-obKEhzDbzyzAWlFWcEmaukYRl5F6s8VuUKhKMQKAN0t1DvwFaS6jLbSJAXjqTgtvdEzH6DtBMxAUxFoI0OAj4TpcuLF9wGEYGhk84XHhD03OUkuV6fy1MTqA7i8TlHEgC3a13I3p42tuPw-VfTi1QbYZV0tTxfG10aA9z6TEWPbGy3jxD-0nwRsOtGuUVSKGH7YvK_Cnhf_qq1W3sKWqassyafWexaj89L50jomCQOOJDzu-7k0AmW4sAN5C2C-240Vf3AiMdMKh859qHrjqF8yzFI4jbyEbHaxQxXcbx53f1KOBOUmnAsjhdIzgISh_7Zw6mT8pLonMz4WYK-j4wG_w_YdiMEmap921n3IvNUfbXoUDnY-9WugZootBILI-A-KUPo5MPZ3J3DiEV9BBREZfuN4qmiChlV9RqQek2spoieokuVSqlxf1ZZ5kOu2Kk23Wz4CvzTwVRugTm61ebKBPsZyoHLWoM8I52OTkyZ7pZTPCVOu9J_KvCbN32d6Z0SKn0aTQkLqVjpAC9dxEm9c1MHVb8o9I_YqAL4x2x_Gks_WPAP1AAM88tMsrD8VNffo8PBHZl4w5BtVQGLOu9UphVzWqLH3jGTUfdsXbuFRoc9uO9u4EHNajPejFToMm6TnOxLKEitV6f1q5Mw6jAmSYWAIz19crC5KqaxaxBYCNE_F238TxhSajUynx0Sp1DKHD_L517U58D0fdgBXQTCEqKX5xZTpLrWE75ptxr9y7miavPLwT2CdSmqqvA_ozw6Ktkzez9E7tPZR5k2dqKBdwmFelIy9yy6WyFBmyeJLoWg8taoe006EVkxkL9t737ugbuHXQFz4b1wCeB6Jup1NDTeHT4ZnNVHiA4XkLAHbEmxDLOxhshId7_S5cOAbd6d6HVq2DEHtR2QlYR_I08TpqVYiZ9yz7N81sVB7vSanvThaq0v469eB1_7iCc9K_306GbZKW6RonuCbDhnSsFZhoLasoiIJxBkheQoTSM6vkxdv02m04jyok-a3FZBHi6sLEeMcMWNTsVJO_HSdq_p4EFXK_K3x623zkeT6lNqvh0U4oI7exfX1H6giUFrqKTpdClZoS8gTRW3crxT87FM2vjAQb1cln6Vhj54_-twlaUNDhn5gregMZ3Ig9zUCsopGjPmQHG8g686C8_unEjdCxvxBDP1eeeBxbmtFIBfwpV2nrlBjXf8CnnL7__MEA-WUvFZhZXfsoRaMPGBiJDHXPD0YjhO7NmCY5Kw_N6DvYKSzo8bFgJ542Gnq92zP36qRGmfXTfcicIHy04uNFFXqXGmOLzq5jwvqdKZmgByQ5vTgkDB9u__sjUIpnm6lZdMWIjhGCtsTfnO4SqHVqIL_ANof5vBbgHxWKBhnLcVIwBemlmKdiJQUZ1qvtZ2DsIvCDlXVq0xwwoPhB2GmHoqV0z6-OlVNjJPvydec_9OjwBx5DKWGkI3UFMsx1jRZkqmFoi9KjEnIz4RmsF5Yi6bwzTKpoxoGf0beqxpXhdERJuE1oQQt36er6mlXpBjJWMj1ukLiCOWyMd7E9SheZLRR7gSEK0OPKV7ZeycwJzGatPveY2HorCgC-2lgXCLp8id9nz2JGPtQpXFiNI51uaC4t7Z4Cq7EaeypVpgg9o7Bo6MQUYbhgSuwXx06C1c8U4ZfbezuoPNYtH33f4I7kbsit5mUqsmgLwgdEwkLIJrePo0eFY4MvI1286-Y-BBFLrGo0lUhrvSXlAAwr_ywxMJn3gSrXqM-jNGUJJEbPT0fLgyoDs8bfEf3GHw0nUNjHHsiqVfWrxf3SBV-TxMxx0oIVxnC0JFUn6rs&cid=CAASEuRoiyn4PNc3BxJT1Xn5Yk3flA&rfl=1%2Chttps%253A%252F%252Fkooora4lives.com%253A2096%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 15:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Jan 2023 15:54:02 GMT
impl_v82.js
www.googletagservices.com/dcm/ Frame 6AD2 		41 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v82.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
922e306a6fe0ede719a7fc79f287dfabf6cd9234583d778ec544a88eed908db2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 15:56:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255925
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17197
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 15:37:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 17 Jan 2023 15:56:04 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E7BB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 10:49:42 GMT
expires
Thu, 19 Jan 2023 10:49:42 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
101507
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
v3_501006_12923.json
player.adtelligent.com/prebidlink/2737818/ 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/2737818/v3_501006_12923.json?cb=kooora4lives.com%3A2096
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4lives.comhead.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c1b32e585f73a96cc23268195ffe60f1797b66ed221aaf08fbbc433b73b9b456

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:29 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 20:07:29 GMT
server
nginx
etag
W/"61956101-2798"
content-type
application/json
access-control-allow-origin
https://kooora4lives.com:2096
expires
Thu, 20 Jan 2022 16:01:29 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
B26534172.313687820;dc_ver=82.240;dc_eid=40004000;sz=300x600;u_sd=1;af-campaign-id=15901483325;af-creative-id=402582775;country=AUTO;source=DV3;dc_adk=943508953;ord=03p6lr;click=https%3A%2F%2Fgoogl...
ad.doubleclick.net/ddm/adj/N246801.3665442DV360124/ Frame 6AD2 		306 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N246801.3665442DV360124/B26534172.313687820;dc_ver=82.240;dc_eid=40004000;sz=300x600;u_sd=1;af-campaign-id=15901483325;af-creative-id=402582775;country=AUTO;source=DV3;dc_adk=943508953;ord=03p6lr;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfbIRSXnpYY_kAYbW3gOJ2a2YDsiFxe5n_c2xh5MP99KivcABEAEgqLKFfGD7AaABmeKNvgLIAQmpAorfuLdRDbM-qAMBqgToAU_QAJYs6QhOpe0CPTmKrU7-iGlY4FRP9B33KB3W6eLUUsVkngxJNA0teIbpm2hhSoVFon3Ji9O35yDaXJlfrgWgoP3tFGMBhM_8grZmDBYg26Raipm5A7V_XXC_V3KkjZRvMxgjMsVzPoj0F5S3II_oySaaKAowXA-mmyMqdKZl-q6R4FRFlFK9UbUZAKSLal1zjmQc93ugp8ATLcv_Q2mcWlIwcmULbYFFUK8anqmydmoLp8Jd2UtCi0LzFcxICtqEUVKcLOnVLR_NF-rO7iD6TYfUe4Cn5rJV55bM_riRSN-6-rU-wx3ABOHX_f_2A-AEA5AGAaAGTYAHz53ywQGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ5MDYxMzQ1MzE5NTEwMTWACgOYCwHICwGADAGwE47h-g3YEw3YFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoiyn4PNc3BxJT1Xn5Yk3flA%26sig%3DAOD64_2IOSVwI3MnLDSRcMQd8a9oFQSrTA%26client%3Dca-pub-2930805104418204%26dbm_c%3DAKAmf-BzTMp4NZmZbviAeERbcKD1tW-eseaMOYYavAWtOoJ2amK2qXvAgaCe9cRjPrz0jtrc6Jjp3uuDYZubsFOzCuTg-Jiv5HblB3EksOLdPgpA--Wbl2qcMQkDxPyndwOUKbud8-AEgnTgPGD7KwTHyAPGyMMwAQ%26cry%3D1%26dbm_d%3DAKAmf-Bd-8xGAdvCHfRLormXr_B2lroGFZN52tExcm8rm394FvzlEXR8-gV0a30WsyCirT2_Q2F60gGsQ4ylZm3-ADJyC_JOCWBRkyM5kJnokKrtzRFK5UdBBhJV11YSZEt_qfB6d4BlH9aog41qoKRLAZfoBOAith6A_Rdbbt-nhZjbLr5KLJrOpNnyqYYj6XjoRBPnnDJE2ZHa0SEE0vdJTSbjTORaffN-t5FUkvW0_B8HlAvFNBfGS0MqGt5H7xbhypr4hJoKlRo0OtL_5Px_W_21MQhhxHjiMVI3u5yaRfnwvqlNcz1DALlFeDs1Vb44BImS8n4OzX0COQRRkXHJ8vQE24nug-YSD8m68sLYhw1JuKTkN4jrMJo7j8TW7A5CZq3U6o2gIdSRqn0eR9zYWYVfzNup9AbNpJnd3NsidKpnf7HXCUUXtQFEUO7QS3IT0q84Ax8P0dZDlnDCWbfsM5wc7g1Flw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fkooora4lives.com%3A2096%2F$0;xdt=1;crlt=c!JrIcVO7_;sttr=129;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v82.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
48a0de8b3d48b1317fb55e9e92e0cdabc1f026bef3c6c5d33d693f4a5624d1a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49161
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.adtelligent.com/adunit/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/multitracking
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/kooora4lives.comhead.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://kooora4lives.com:2096
Date
Thu, 20 Jan 2022 15:01:29 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
pagead2.googlesyndication.com/bg/ Frame E7BB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 10:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
103014
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13497
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 10:24:35 GMT
csi
csi.gstatic.com/ Frame F1F6 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kyn3qpgq&c=1553726159306&slotId=776863079653&qqid=CLiYu7bMwPUCFVmHgwcdHuwMUg&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=912&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=15&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C45%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400e:c08::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:30 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E7BB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvjEPSXnpYYPQItCj7_UP8KeluAkAAAAAOAHgBAI&bg=!gIOlg8fNAAZ_DxPPfw87ACkAdvg8WhEFgyEo4nCvJKm633YN3QK7XHdtF89-IXozmiWVQQlTBT7wMAIAAABwUgAAAANoAQcKAHE47oEH2PaSuOCpJKskBSIUkCUnlpMiJtdvAlxd2Pn2zD_0eXOC-6NpP681m16tELtynfpysduH68tBkq-IS0hGtBHHl23-20BVzQsNEd1lrTsZtaxeKdlFvQ6RGKYI9XQC8FjrBSruSTlnDwyYoB41lpkDGSXIuIBEvBss2pMjOFBRH7rfngc8On4CIIBx98SacbN-XiD1RAlGPITw68lpIihvb-AA4DxjxIHQyueCMYzHJn3nQCJmpJ-t7I0tWoy0eOa0C9meI3UM3FPKt2a1smKUDUqz1-nMyt6abJZ8BErgszNxZiO1cKMhVLDGm_UotVkvRNSaqP6MBw9iW5TlPYNNHUrzyn4A6Q4ofdaKrvUvQcKTf4UlidCLXPil5dyqgW2GVLsfyVeGI7IrjAsnq7qH9dSC9zq6JMsQ0pVyt_LH_YsE4Nzv3f7r7B7f7ol01XaOwGmNu-fp-gqrTsyeF2rvk8BLLckYiHyzmslHbk57oTZH9uTzBnekdmb--4MrUt-w-eREDK_-jcpaHJUwSqRX5S6hB9CV_E7XL7rmX1DppkWGQr79HrZB4SAHUDuTT6Ltd1JODrsi8rC7eVqhfKgUNgUSx5R0ukP9sZScabUV8k0fCEYewLZVrjB0MgCnqgEKQFyMc7UPmx1PIH3gS1k3gtSwWg4inI-eoftDC2z1Z0Ui-8zLB65zLpZ4vCA26vpIvxsjXW5cZ1EC9vCYtT5hz86R-YWCRccw4jRHsydp9rDe7CuzqQ2yxYqfa_0Z_kn_RgvYT86mGyJTL3lG17ZZXtoZdm1tYWMFbewZehHdkfMOQiUnv_epqBa2KYozq6ErAWtp0cQR3LUVmuupUR03zjBLfPgBFa5-OAu8gSefFvXczmhaCWcdJtY9DIYpsVWKk6GBuPr6qr_0yTvd9ilACF3gdVNuqQIQhjb2u_CggHp7FfG9ZWpgpu0o9lYTDHZZKPAl-OdDhQFv2Gl3YaKI10E-5jUg9zScXX8xHRXN3uhW7Ky_fAGriTP_zdDAzJZHIr3N9y2fcY__LZDg_baOBdUuY8yw5OmQInJw3jkHyPHi0OBQlgLaGxnw8dqkR7G1d5Khvzbsdvs64T9mmkTHdgFfaVWEg-EA47IhOen27QngqOIRYKtuOsun2VhDH8ADvTuzuT1e_X-vEdt30d3Xfpok9fRIanx2Fsls5tVVDY2PS61FDWqgigM
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 6AD2 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Origin
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 15:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jan 2022 15:54:02 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/elements/html/ Frame 6AD2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220118/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N246801.3665442DV360124/B26534172.313687820;dc_ver=82.240;dc_eid=40004000;sz=300x600;u_sd=1;af-campaign-id=15901483325;af-creative-id=402582775;country=AUTO;source=DV3;dc_adk=943508953;ord=03p6lr;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfbIRSXnpYY_kAYbW3gOJ2a2YDsiFxe5n_c2xh5MP99KivcABEAEgqLKFfGD7AaABmeKNvgLIAQmpAorfuLdRDbM-qAMBqgToAU_QAJYs6QhOpe0CPTmKrU7-iGlY4FRP9B33KB3W6eLUUsVkngxJNA0teIbpm2hhSoVFon3Ji9O35yDaXJlfrgWgoP3tFGMBhM_8grZmDBYg26Raipm5A7V_XXC_V3KkjZRvMxgjMsVzPoj0F5S3II_oySaaKAowXA-mmyMqdKZl-q6R4FRFlFK9UbUZAKSLal1zjmQc93ugp8ATLcv_Q2mcWlIwcmULbYFFUK8anqmydmoLp8Jd2UtCi0LzFcxICtqEUVKcLOnVLR_NF-rO7iD6TYfUe4Cn5rJV55bM_riRSN-6-rU-wx3ABOHX_f_2A-AEA5AGAaAGTYAHz53ywQGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQ5MDYxMzQ1MzE5NTEwMTWACgOYCwHICwGADAGwE47h-g3YEw3YFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoiyn4PNc3BxJT1Xn5Yk3flA%26sig%3DAOD64_2IOSVwI3MnLDSRcMQd8a9oFQSrTA%26client%3Dca-pub-2930805104418204%26dbm_c%3DAKAmf-BzTMp4NZmZbviAeERbcKD1tW-eseaMOYYavAWtOoJ2amK2qXvAgaCe9cRjPrz0jtrc6Jjp3uuDYZubsFOzCuTg-Jiv5HblB3EksOLdPgpA--Wbl2qcMQkDxPyndwOUKbud8-AEgnTgPGD7KwTHyAPGyMMwAQ%26cry%3D1%26dbm_d%3DAKAmf-Bd-8xGAdvCHfRLormXr_B2lroGFZN52tExcm8rm394FvzlEXR8-gV0a30WsyCirT2_Q2F60gGsQ4ylZm3-ADJyC_JOCWBRkyM5kJnokKrtzRFK5UdBBhJV11YSZEt_qfB6d4BlH9aog41qoKRLAZfoBOAith6A_Rdbbt-nhZjbLr5KLJrOpNnyqYYj6XjoRBPnnDJE2ZHa0SEE0vdJTSbjTORaffN-t5FUkvW0_B8HlAvFNBfGS0MqGt5H7xbhypr4hJoKlRo0OtL_5Px_W_21MQhhxHjiMVI3u5yaRfnwvqlNcz1DALlFeDs1Vb44BImS8n4OzX0COQRRkXHJ8vQE24nug-YSD8m68sLYhw1JuKTkN4jrMJo7j8TW7A5CZq3U6o2gIdSRqn0eR9zYWYVfzNup9AbNpJnd3NsidKpnf7HXCUUXtQFEUO7QS3IT0q84Ax8P0dZDlnDCWbfsM5wc7g1Flw%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fkooora4lives.com%3A2096%2F$0;xdt=1;crlt=c!JrIcVO7_;sttr=129;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:00:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Feb 2022 15:00:54 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5087 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 20 Jan 2022 13:26:12 GMT
expires
Fri, 21 Jan 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
5718
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6AD2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
803fdfe0d1fc5a29af05e5c854a2281bbc93c31257eb6925e3540ebee72d657a

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A388 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 10:49:42 GMT
expires
Thu, 19 Jan 2023 10:49:42 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
101508
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/sadbundle/13817566510312390414/300x600/ Frame F6DD 		81 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb5a94996ae03d5242041b564a31aee99eec95a9d17c4015c9dc109a0ee70752
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:30 GMT
expires
Fri, 20 Jan 2023 15:01:30 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 6AD2 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubX_prfM2y1bJfMsCzZtF1kwp_PcSPnhmMJ3wnmAn9Zbb7yJGXhNWK9dtQRiYOlzd1fARj8oZ_JIsq7yYACVQ0LbISZhzxFXdtyzRVFx4QsgnU0EeIk325uSCelVD5vw4C-xdtq-H34KgSHtuUjXxlKFaR&sig=Cg0ArKJSzFt7tUThyYptEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=89&cbvp=1&cstd=83&cisv=r20220118.94916&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img;adv=11272209693943;ec=11272230929715;adv.a=5109792;c.a=26534172;s.a=5897289;p.a=313687820;a.a=506228228;cache=710637215;
ad.atdmt.com/i/ Frame 6AD2 		0
0
current
dclk-match.dotomi.com/match/bounce/ Frame 5087 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAafixfBxiBAYHgTgX6K6V8&google_cver=1&google_push=AYg5qPLMazSWk0EWaD-wmry-RQMG_iQFS0bmW2-L5DJFmVLQToBtT_Vr_wxR3BOKjl_HrGKX75I8xJVutFjZL8P2qINNvJle8A
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:30 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 5087
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEIy-nqlklwvfnJTjJhYdLWg&google_cver=1&google_push=AYg5qPI5dfjc_Qo3hfh9ThNQkNNaratoaf4WbfBVjwjz_0Dqj_mgOVzx2ru1o2jPhBylir0BWZD...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEIy-nqlklwvfnJTjJhYdLWg&google_cver=1&google_push=AYg5qPI5dfjc_Qo3hfh9ThNQkNNaratoaf4WbfBVjwjz_0Dqj_mgOVzx2ru1o2jPhBylir0BWZD...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=Tz3qDdCpSSiR_61m11UWRw&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=Tz3qDdCpSSiR_61m11UWRw&gdpr=1&gdpr_consent=
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:30 GMT
server
Apache-Coyote/1.1
location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=Tz3qDdCpSSiR_61m11UWRw&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame 5087
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAuJnyWFwR2-odeAazTQX1A&google_cver=1&google_push=AYg5qPLNDVPZbeY3-jSymtJuxJ9ycPYpwL1GE0igGQPCMor5XlFP6goOPMqqNUW_XHCKkVspuMhlTPSVT2IRXDZzKN_R...
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5131077720425435877&expires=30&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLNDVPZbeY3-jSymtJuxJ9ycPYpwL1GE0igGQPCMor5XlFP6goOPMqqNUW_XHCKkVspuMhlTPSVT2IRXDZzKN_RTruhjGE&google_hm=bhyvsmGcT6eiJptdAV9aMQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLNDVPZbeY3-jSymtJuxJ9ycPYpwL1GE0igGQPCMor5XlFP6goOPMqqNUW_XHCKkVspuMhlTPSVT2IRXDZzKN_RTruhjGE&google_hm=bhyvsmGcT6eiJptdAV9aMQ==
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLNDVPZbeY3-jSymtJuxJ9ycPYpwL1GE0igGQPCMor5XlFP6goOPMqqNUW_XHCKkVspuMhlTPSVT2IRXDZzKN_RTruhjGE&google_hm=bhyvsmGcT6eiJptdAV9aMQ==
Date
Thu, 20 Jan 2022 15:01:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5087
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hm...
0
0
pixel
cm.g.doubleclick.net/ Frame 5087
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB_QSrjgcOo0mNiyFAobdsY&google_cver=1&google_push=AYg5qPLvpeB0EjDOzx6rmoEJcS4dTwhPIHi5Wl_9j8SgbGQj5pHQp2bYT37sSfOumrZPPdaqTwb0XkNY2a1PCclyzwfW1lxZV4k
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODU1NjUxNjU0OTQ2NzYzMDQxMg%3D%3D&google_push=AYg5qPLvpeB0EjDOzx6rmoEJcS4dTwhPIHi5Wl_9j8SgbGQj5pHQp2bYT37s...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODU1NjUxNjU0OTQ2NzYzMDQxMg%3D%3D&google_push=AYg5qPLvpeB0EjDOzx6rmoEJcS4dTwhPIHi5Wl_9j8SgbGQj5pHQp2bYT37sSfOumrZPPdaqTwb0XkNY2a1PCclyzwfW1lxZV4k
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODU1NjUxNjU0OTQ2NzYzMDQxMg%3D%3D&google_push=AYg5qPLvpeB0EjDOzx6rmoEJcS4dTwhPIHi5Wl_9j8SgbGQj5pHQp2bYT37sSfOumrZPPdaqTwb0XkNY2a1PCclyzwfW1lxZV4k
date
Thu, 20 Jan 2022 15:01:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 5087 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPTRpBGq6AK8H9AZDu6NWzA&google_cver=1&google_push=AYg5qPIFmeHH1LGNB_EOa-lc5RqE2Eg_VQYxNLYV5tO4yHKftpBort4_5-DuKjmXcjkAsF_TnZrXYrGGSMN-fYJ2FO7tQ6wOc8M
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:29 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 5087 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IwVSNCMmqdt05_l4vp5xe596TLGD-Wo_Su0-D33T-JJA3hlG7XQWyAV8iT127Awg
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
main.css
s0.2mdn.net/sadbundle/13817566510312390414/300x600/ Frame F6DD 		43 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/main.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88c8d83d871447e80c4006d96cb41a982c5c340a8b5774488383cbe911f6d4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 07:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199153
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4993
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 07:42:17 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame F6DD 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 10:40:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15672
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jan 2022 10:40:18 GMT
ADventori-2.0.0.js
adventori.com/lp/enabler/ Frame F6DD 		76 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adventori.com/lp/enabler/ADventori-2.0.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.135.141.80 , France, ASN16276 (OVH, FR),
Reverse DNS
hap2.adventori.com
Software
Apache/2.4.10 (Debian) /
Resource Hash
b7829509bcb99ead54d5d925f7385cd95f1d53ac7b8f25ec8e1a6e1e561a5f61

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 20 Jan 2022 15:01:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Jan 2022 16:06:08 GMT
Server
Apache/2.4.10 (Debian)
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Content-Length
16893
Expires
Thu, 20 Jan 2022 15:06:30 GMT
engine.js
s0.2mdn.net/sadbundle/13817566510312390414/300x600/ Frame F6DD 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/engine.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0aac31347d948e03fdfca09cd82337cc8b8ad63ed35358c8345339d934169bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 07:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199153
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2762
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 07:42:17 GMT
af_init_meta.js
s0.2mdn.net/sadbundle/13817566510312390414/300x600/ Frame F6DD 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/af_init_meta.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59d8e6f0a81bd28b775f16512be13a3870865486d037055b9ac77cd03f8ccf56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 07:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199153
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3190
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 07:42:17 GMT
vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
pagead2.googlesyndication.com/bg/ Frame A388 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/vF3DwGiQdwtNbsVxkFzRL_iZiNaTmsYTTs4lOxRXugY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 07:50:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
25883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13436
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 07:50:07 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F6DD 		6 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81f730aeac0c72c75bcf53d7695462b5c985226bfcf76e37037b258e1e8ec258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4889
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A388 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkKmvSXnpYaqxNZWD3wOZibjgDQAAAAA4AeAEAg&bg=!5uWl5aHNAAZ_DxPPfw87ACkAdvg8Wv5GbHHOjMDUCQAvn9d3NKP_HN7Uj1F4zZxFAHeqnP7hpl-ZdAIAAABwUgAAAAJoAQcKAI07Q6wafs20s1Rv5mYIr9pncLJUAZyeKa2fyamq4BlQWkFNipQT5_mDd9C_nUPkoavg0CvECYCXnb4Ctnb4JmuY6rLYRim8X93-xZYJ8N6nTbnA6azHdWjnXRt0AoV1s-MwgpJMrHYiKU8fhfUBozHvA4C1NbhyS-HpIr4gpEDlMFZNuY-WPsUGdFypomqZAu4DHXrKcaFwvgLoR8dDokPoAKKNAD25ft9MUx9-XmeB6YTsSMlRzeo6OfCm3HHZNv5lrj05eQ4PcJV-74M5yAUHlw4beo4_xVd7cRzdXdqXb3aDfaGsR3KDPdB1BypHEa850_VHTHlMLZ0k46w4G2W-EVbU3RTSIunBzooTMGcbeQOwpjhI7aDYi1r2zQKTWhAmx17XTQOiXN3Ev4qpJn0wv2oOag_nMPhi4_Tt8Ols4fpwZY0AlTqlJC1cQUOcYNNUVnoPpqVGznZOy086N_ygiiuhnwk3bGa4WqOkDKTeC7uEhpyVWoNHHJvhqEcyAxy1Cx08eztK0UYI3xFLRqcRuabnp3QFy8LOWybCEuZ4iUfZoSNQpTSqxxaEIaK5cTBMAudSFBJ3IwJUuJ_f8h4Vvmhtc-NaiMvGc1UnQFY7m0a3y2-ZuNYGmWl0J9GLLzAEEcIn1SxC9gRs9uxFthR7zK7Gve8DI6u2T2c0R5nJAsOrKFUJNIdswHh5X8DuPnagHuhmORDcJRbrA-AaZzOJnfjrSK6SFTd2_jqeIaEZh6W6pPQ2MmN0HEFGLlDUf_pnT0VXdZHlwNkyZHeGqwXC_SD_93Y3ILZWmgfD-5vIPocKnBnyy_TOXrmB6Z4C_htKOlBkWcjZgURy1RQrUOMwRUpT6LL1ZrqXgdO_R6YpnDmxnDx04o_Ncm0702LCHNf4Qq1AOJIDZK4SX3FC-aOfRplzsmjvoAz59ASvKfAhUPJU_6bbKXFR9CooYdhu4U9oeq457YcNdXXQ-9TZlhq5LYskiScyyIcBSfYhbwr4v0CFAzGSl2Z-YEcVS_UpB3Gkn78DXt6A-XtrF4F9BbKFzIOINNPn68roCQdDc5lapqm5omUqNDMPKckrSxosQPvBeixeVjwqftREGK5m8khQF1kqN84SlpxFp6ngLJJm2sKL00Gg-OuP_08ukrCLZdaoMFGngq9L1pChsiZsIWStylhGjnMnbCV7ux_QRKo
Requested by
Host: 03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
URL: https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tagv_50153_13.js
tk.airfrance.fr/50153/ Frame F6DD 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tk.airfrance.fr/50153/tagv_50153_13.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/af_init_meta.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.37.12.217 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-37-12-217.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
da49a1404ff461f3ef235a31261fe19ed1e9a3155f1650652e96afb90744a8e8

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:31 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:13:28 GMT
server
nginx
etag
W/"5e441618-32d9"
p3p
CP="NON DSP COR ADM PSA IVA OUR STP NAV"
cache-control
public, max-age=86400
content-type
application/javascript
background-blue5.png
s0.2mdn.net/sadbundle/13817566510312390414/300x600/img/ Frame F6DD 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/img/background-blue5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef397592a5440629e15e06e79678b2e00bd8835e551db38f12dea3ffc04ee995
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 06:45:25 GMT
x-content-type-options
nosniff
age
202565
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42629
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 06:45:25 GMT
background-blue.jpg
s0.2mdn.net/sadbundle/13817566510312390414/300x600/img/ Frame F6DD 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/img/background-blue.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ceb1aad0602fa4edc31d85d380a2bf0a028ad229e9094f5c5c3b986a50fb0f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 14:36:41 GMT
x-content-type-options
nosniff
age
174289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8439
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 14:36:41 GMT
Excellence_In_Motion_Regular_V5.woff2
s0.2mdn.net/sadbundle/13817566510312390414/300x600/fonts/ Frame F6DD 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/fonts/Excellence_In_Motion_Regular_V5.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80c2d79c60490444a0dd3a4101e3b1fc00053ed804ecf7be2706d0dd5c7f27dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/main.css
Origin
https://s0.2mdn.net
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 07:42:18 GMT
x-content-type-options
nosniff
age
199152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14708
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 07:42:18 GMT
Excellence_In_Motion_Medium_V5.woff2
s0.2mdn.net/sadbundle/13817566510312390414/300x600/fonts/ Frame F6DD 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/fonts/Excellence_In_Motion_Medium_V5.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a5f97ae791beef344e61320d5015965207e6c7e3e171d606ddf48e2bdd718f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/main.css
Origin
https://s0.2mdn.net
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 07:42:18 GMT
x-content-type-options
nosniff
age
199152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14568
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 07:42:18 GMT
Excellence_In_Motion_Bold_V5.woff2
s0.2mdn.net/sadbundle/13817566510312390414/300x600/fonts/ Frame F6DD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/fonts/Excellence_In_Motion_Bold_V5.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ba58700889d4a90393e2ee9aa0112a663ef60055740ee7fa781af5e69675811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/main.css
Origin
https://s0.2mdn.net
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 07:42:18 GMT
x-content-type-options
nosniff
age
199152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15220
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 07:42:18 GMT
Excellence_In_Motion_Black_V5.woff2
s0.2mdn.net/sadbundle/13817566510312390414/300x600/fonts/ Frame F6DD 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/fonts/Excellence_In_Motion_Black_V5.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae4137c9e56cf004f0e26ebdf09358841adb6b408d69e3ef6d7758f47b9d6cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/main.css
Origin
https://s0.2mdn.net
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 07:42:18 GMT
x-content-type-options
nosniff
age
199152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14788
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 07:42:18 GMT
origin1.png
s0.2mdn.net/sadbundle/13817566510312390414/300x600/img/ Frame F6DD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/img/origin1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dc5032196a4f167a485d72c323f33d7ab3cba0a65d924d11e79db4445eb6a02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 14:36:41 GMT
x-content-type-options
nosniff
age
174289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1739
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 14:36:41 GMT
bookby2.png
s0.2mdn.net/sadbundle/13817566510312390414/300x600/img/ Frame F6DD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/img/bookby2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266a1234ea6ae2e14527d4f9f993dc0f1f2f7b2ebcd885c5c0d4420c8c673cc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 14:36:41 GMT
x-content-type-options
nosniff
age
174289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2142
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 14:36:41 GMT
monsieur-sieste.png
s0.2mdn.net/sadbundle/13817566510312390414/300x600/img/ Frame F6DD 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/img/monsieur-sieste.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03dd1452a6eee74bad552f7093fe570e97b30e9b9b5b0d20588b811759c4939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 07:42:18 GMT
x-content-type-options
nosniff
age
199152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56077
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 07:42:18 GMT
business.png
s0.2mdn.net/sadbundle/13817566510312390414/300x600/img/ Frame F6DD 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/img/business.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e65f7a1614abfe8ce9c1d782af29ca3a05cfadc40ff35b0f8b56df135a3060c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 07:42:18 GMT
x-content-type-options
nosniff
age
199152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3967
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 15:40:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 07:42:18 GMT
SIEGE_BUSINESS_300x600.jpg
s0.2mdn.net/creatives/assets/4168881// Frame F6DD 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4168881//SIEGE_BUSINESS_300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
545e99cbc99ea9e7339223323d4b8c98a6a363d4cc4f4c8eab86ebbd82262b11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:59:49 GMT
x-content-type-options
nosniff
age
101
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67530
x-xss-protection
0
last-modified
Thu, 09 Sep 2021 14:08:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jan 2022 15:14:49 GMT
backrdv-300x600.jpg
s0.2mdn.net/creatives/assets/4168881// Frame F6DD 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4168881//backrdv-300x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa1d9cc9a8f49809c0a716d8549fca9ed7aab7c310e4a392db25288d6f70f262
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13817566510312390414/300x600/index.html?e=69&leftOffset=0&topOffset=0&c=r0dvbQPCdz&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 14:53:06 GMT
x-content-type-options
nosniff
age
504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62822
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 13:04:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jan 2022 15:08:06 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkooora4lives.com%3A2096%2F&domain=kooora4lives.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://kooora4lives.com:2096
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
https://kooora4lives.com:2096
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1341
date
Thu, 20 Jan 2022 15:01:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fkooora4lives.com%3A2096%2F&domain=kooora4lives.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=_Gx303w1NDA5enhJd3ZRakpHcVIrSlY4Q09wYTdYc1pSTVpMQkh6ck9jckJHd011Y0ROS2tUTS9JYjdMVFA5S1FTK3NGSUhJL1orV0xRYUY2cS9GbVhNVGVyaU8xUU1UYjJySVordEw5ZXRTamM3S2RWMHZjUWZSalBWMW...
433 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_Gx303w1NDA5enhJd3ZRakpHcVIrSlY4Q09wYTdYc1pSTVpMQkh6ck9jckJHd011Y0ROS2tUTS9JYjdMVFA5S1FTK3NGSUhJL1orV0xRYUY2cS9GbVhNVGVyaU8xUU1UYjJySVordEw5ZXRTamM3S2RWMHZjUWZSalBWMWY0ZDBicTJkelFHZE40YVNmZjg3Mk1aNnRYSUxjUTFXUXh2dWNJMmthSDY0WjRlZ0NEMzR0V1hWM1ZDc1A0K1J5VFZvemlGM2YyVlJYV0dWUFVINE9XSFp6b2ZrNGxVZzZ4eHFGL0VYancyWjdubUtCaWZ3MmJYSDc2YWlGYnNIZXU5a2lmMmZkU1phbHlCWDVaNnI2cDRsR0Y1VTFYQT09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
065c89583ff5293c7b4d79c965c95de5b8ee9c28e0ba1a2b84b04abe917ab0c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://kooora4lives.com:2096/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:31 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3062
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:30 GMT
location
https://mug.criteo.com/sid?cpp=_Gx303w1NDA5enhJd3ZRakpHcVIrSlY4Q09wYTdYc1pSTVpMQkh6ck9jckJHd011Y0ROS2tUTS9JYjdMVFA5S1FTK3NGSUhJL1orV0xRYUY2cS9GbVhNVGVyaU8xUU1UYjJySVordEw5ZXRTamM3S2RWMHZjUWZSalBWMWY0ZDBicTJkelFHZE40YVNmZjg3Mk1aNnRYSUxjUTFXUXh2dWNJMmthSDY0WjRlZ0NEMzR0V1hWM1ZDc1A0K1J5VFZvemlGM2YyVlJYV0dWUFVINE9XSFp6b2ZrNGxVZzZ4eHFGL0VYancyWjdubUtCaWZ3MmJYSDc2YWlGYnNIZXU5a2lmMmZkU1phbHlCWDVaNnI2cDRsR0Y1VTFYQT09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://kooora4lives.com:2096
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1878
content-length
541
expires
0
692.json
id5-sync.com/g/v2/ 		213 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19013/hb_501006_12923.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.42.88 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p27.id5-sync.com
Software
/
Resource Hash
6fc89905b63e2b87232f7ecfa35ef6858a36167c958576f3be14b536ab1f14b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://kooora4lives.com:2096/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://kooora4lives.com:2096
Date
Thu, 20 Jan 2022 15:01:30 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 6AD2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssYp5bqepMLOHEd68o62H2xKAMsYmCnls9Eu_VDYw1vfW9-xCkdKJloL8mjWedQuRvPyfS9ZgRbEJ5-XPZ4dK-HgDpVLxzU84p9sTVGBGYzK9Vx29jxw&sai=AMfl-YQDbUdEIp_4IUhlobL_oDv41Lyakv6YcEiumLP1C8npCVnGGG8EXhZfaZLD4gJkHCTx4yxKbLQGa4bBu0Y2DF_9d7WGIj9RyorZ03jC3cnD7kG1cRXtACLbTwE&sig=Cg0ArKJSzIGHP79UiwplEAE&cid=CAASEuRoiyn4PNc3BxJT1Xn5Yk3flA&id=lidar2&mcvt=1000&p=601,-84,1205,216&mtos=0,966,1000,1000,1000&tos=0,966,34,0,0&v=20220119&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=20&adk=1538426229&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642690889495&rpt=580&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view.js
tk.airfrance.fr/v/ Frame F6DD 		55 B
341 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tk.airfrance.fr/v/view.js?esvid=A50153&esvcb=etvcb&wiz_medium=DSP&wiz_source=DV3&wiz_campaign=402582775&wiz_content=FR_Structural%2F%2FSOLO_BUSINESS&wiz_term=15901483325&esvvid=4c296bab61e9794b&esvc=0&esvisc=1&esvf=1&esvsf=0&esvrsl=1600x1200&esvwinrsl=1800x1100&esvaddim=300x600&esvadlt=0x0&esvadrb=0x0&esvadz=10000&esvview=0&esvfocus=1&esvviewts=0&esvpub=https%3A%2F%2F03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com%2F&esvads=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F13817566510312390414%2F300x600%2Findex.html%3Fe%3D69%26leftOffset%3D0%26topOffset%3D0%26c%3Dr0dvbQPCdz%26t%3D1%26renderingType%3D2&esvr=0.16794826373374372&esvlv=1&esvtv=1&esvts=1642690891105&esvtid=13
Requested by
Host: tk.airfrance.fr
URL: https://tk.airfrance.fr/50153/tagv_50153_13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.37.12.217 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-37-12-217.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
e8e93203391e139e797392bf2dc14cbda7c79b905e44aee16b55368bdc7ea5c6

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:31 GMT
content-encoding
gzip
server
nginx
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript
p3p
CP="NON DSP COR ADM PSA IVA OUR STP NAV"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F6DD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 20 Jan 2022 15:01:31 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6AD2 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsubX_prfM2y1bJfMsCzZtF1kwp_PcSPnhmMJ3wnmAn9Zbb7yJGXhNWK9dtQRiYOlzd1fARj8oZ_JIsq7yYACVQ0LbISZhzxFXdtyzRVFx4QsgnU0EeIk325uSCelVD5vw4C-xdtq-H34KgSHtuUjXxlKFaR&sig=Cg0ArKJSzFt7tUThyYptEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1101&vt=11&dtpt=1012&dett=3&cstd=83&cisv=r20220118.94916&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: kooora4lives.com
URL: https://kooora4lives.com:2096/m2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
Accept-Language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 20 Jan 2022 15:01:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 6AD2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwin-BLRKvpZjr0A5W_92tTGVpRN7fc668Sawer6Heq6YaQXczsNpFVrd3xOXBjjrFnuwci50Aa0htDlnkTYJZeBOm0O3_ltk&sig=Cg0ArKJSzNNz6DpaUdyoEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220119&bin=7&avms=nio&bs=0,0&mc=0.92&if=1&app=0&itpl=34&adk=943508953&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642690889495&rpt=685&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Jan 2022 15:01:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_Gx303w1NDA5enhJd3ZRakpHcVIrSlY4Q09wYTdYc1pSTVpMQkh6ck9jckJHd011Y0ROS2tUTS9JYjdMVFA5S1FTK3NGSUhJL1orV0xRYUY2cS9GbVhNVGVyaU8xUU1UYjJySVordEw5ZXRTamM3S2RWMHZjUWZSalBWMWY0ZDBicTJkelFHZE40YVNmZjg3Mk1aNnRYSUxjUTFXUXh2dWNJMmthSDY0WjRlZ0NEMzR0V1hWM1ZDc1A0K1J5VFZvemlGM2YyVlJYV0dWUFVINE9XSFp6b2ZrNGxVZzZ4eHFGL0VYancyWjdubUtCaWZ3MmJYSDc2YWlGYnNIZXU5a2lmMmZkU1phbHlCWDVaNnI2cDRsR0Y1VTFYQT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1077
date
Thu, 20 Jan 2022 15:01:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
pagead2.googlesyndication.com/bg/ Frame E6B3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/RSjKnk5gG5e-YnqyaokaGBofRBYcmQ35b5mWA3AF7Xg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 10:24:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
103016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13497
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 10:24:35 GMT
view.gif
tk.airfrance.fr/v/ Frame F6DD 		43 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tk.airfrance.fr/v/view.gif?esvid=A50153&wiz_medium=DSP&wiz_source=DV3&wiz_campaign=402582775&wiz_content=FR_Structural%2F%2FSOLO_BUSINESS&wiz_term=15901483325&esvvid=4c296bab61e9794b&esvc=1&esvisc=1&esvf=1&esvsf=0&esvrsl=1600x1200&esvwinrsl=1800x1100&esvaddim=300x600&esvadlt=0x0&esvadrb=0x0&esvadz=10000&esvview=99&esvfocus=1&esvviewts=1197&esvpub=https%3A%2F%2F03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com%2F&esvads=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F13817566510312390414%2F300x600%2Findex.html%3Fe%3D69%26leftOffset%3D0%26topOffset%3D0%26c%3Dr0dvbQPCdz%26t%3D1%26renderingType%3D2&esvsts=2022-01-20T15%3A01%3A31%2B00%3A00&esvr=0.6585582231409768&esvlv=1&esvtv=1&esvts=1642690892560&esvtid=13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.37.12.217 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-37-12-217.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
fr-FR,fr;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 15:01:32 GMT
cache-control
no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
p3p
CP="NON DSP COR ADM PSA IVA OUR STP NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEIrXE3--fhOmeXW_X9o3Lps&google_cver=1&google_push=AYg5qPJ_dKx_59msmM7DKnqWeMCSyscE971l1HWDyFR4ih8QwLqod1XbofM4232vB8QGCpkJ5j9-OAaHGOKgwQNnbAyrFcCFV7rK
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEBD1PLaYIsX6Nnxq688QLoE&google_cver=1&google_push=AYg5qPKpUY8PUIufpZyJnFEKS7AAeIcRRpJAAjHBGFkT-7-cgTXMai8410WKV3PmrDwlREWOrCIuiZprvO7SPgpQTHCI5r2jJw
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS
Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11272209693943;ec=11272230929715;adv.a=5109792;c.a=26534172;s.a=5897289;p.a=313687820;a.a=506228228;cache=710637215;
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| __cfQR object| googletag object| adsbygoogle function| rdmode function| gtag object| dataLayer object| google_tag_manager function| HqyLazyload boolean| __cfRLUnblockHandlers object| adipolo object| google_tag_data string| GoogleAnalyticsObject function| ga object| interstitialSlot undefined| anchorSlot undefined| staticSlot object| gptAdSlots object| vpb object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| vmpbjsChunk object| vmpbjs object| _pbjsGlobals object| ADAGIO string| nobidVersion object| nobid object| GoogleGcLKhOms object| Criteo object| sas object| apntag object| _ADAGIO object| google_image_requests object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

47 Cookies

Domain/Path Name / Value
.kooora4lives.com/ Name: _ga
Value: GA1.2.1668863241.1642690887
.kooora4lives.com/ Name: _gid
Value: GA1.2.1091771870.1642690887
.kooora4lives.com/ Name: _gat_gtag_UA_150096121_1
Value: 1
.adtelligent.com/ Name: vmuid
Value: 05bb8b1eed558dc8
kooora4lives.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.kooora4lives.com/ Name: _pubcid
Value: f9fd1b54-55b2-4127-9afe-de210354f780
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.doubleclick.net/ Name: IDE
Value: AHWqTUl_iTsGqZZhrMQE_dkRj0wJPsgXwUH3LExmjES56D_JLzVB1cyKE8FdWXm9L8k
.kooora4lives.com/ Name: __gads
Value: ID=021c6d3e5405527a:T=1642690887:S=ALNI_MZpZxpwvqOlR3hS7dhbECY39Z89xQ
.adnxs.com/ Name: uuid2
Value: 5521439363977680157
.casalemedia.com/ Name: CMID
Value: Yel5SDzs-pkTP1h2FcdcYwAA
.casalemedia.com/ Name: CMPS
Value: 1214
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%sq36MY!]tbPl1M>e)ZlrFUfJ+tGXxoTCC+nX?6Av!Pmo$s^B=/(F@gkbaaS'y=HiFk*bpRz*qF1`*b_ya*<Pu4
.casalemedia.com/ Name: CMPRO
Value: 1115
.lijit.com/ Name: ljt_reader
Value: 98fe401fac982a3268488774
.casalemedia.com/ Name: CMRUM3
Value: 2d61e979482760CAESECxbI6xDApYo_f1j6pyAwT4
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22D5EF5B13-E686-4456-AD06-C260CB32FD99%22%7D
.quantserve.com/ Name: d
Value: ECIBCQGfJYEA
.quantserve.com/ Name: mc
Value: 61e97948-89ddc-bf50b-2716d
.bidswitch.net/ Name: tuuid
Value: 6e1cafb2-619c-4fa7-a226-9b5d015f5a31
.bidswitch.net/ Name: c
Value: 1642690888
.bidswitch.net/ Name: tuuid_lu
Value: 1642690888
.spotxchange.com/ Name: audience
Value: d85cf76c-7a01-11ec-8054-141922060206
.360yield.com/ Name: tuuid_lu
Value: 1642690888
.360yield.com/ Name: tuuid
Value: 4ca89a14-d7e5-4bfa-8617-b23e3c49e976
.3lift.com/ Name: tluid
Value: 8556516549467630412
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.ctnsnet.com/ Name: cid_4a74c617d43e45609ee327dadd892333
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yel5SAAHBPxJXgAF
.w55c.net/ Name: wfivefivec
Value: ovsogdLe1NayWk5
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 619674FD-CEF8-489B-A965-AC6DEBF1CFFF
.w55c.net/ Name: matchgoogle
Value: 5
.criteo.com/ Name: uid
Value: 5f446d2d-7e27-46b7-91f8-20a4ec42755c
.yahoo.com/ Name: A3
Value: d=AQABBEh56WECEJWaXhErI3uK-E8LbVKW1V0FEgEBAQHK6mHzYQAAAAAA_eMAAA&S=AQAAAgLmTZb5WOIiTtDvQTYaNkY
.advertising.com/ Name: APID
Value: UPd90a75d3-7a01-11ec-ab8a-0666f73737e8
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~22rr:18yl~22rr:1762~22rr"
.yahoo.com/ Name: APIDTS
Value: 1642690889
.yahoo.com/ Name: APID
Value: UPd90a75d3-7a01-11ec-ab8a-0666f73737e8
.casalemedia.com/ Name: CMST
Value: Yel5SGHpeUoA
.tidaltv.com/ Name: tidal_ttid
Value: 4f3dea0d-d0a9-4928-91ff-ad66d7551647
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvFwmtoZmJkZmlgYWlgZmoKAGDTn7QQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0NjQwNzc3MjAxMjUxNrUwNxfiM9StMDa1zC509PUPSgsDAEODgxolAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0NjQwNzc3MjAxMjUxNrUwNxfiM9StMDa1zC509PUPSguT4jU0MzEyszSwsDQwMzUFADSnjEY0AAAA
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjAwtjI0sgAAhY/U4QkAAAA="
tk.airfrance.fr/ Name: uid
Value: rB8A0mHpeUu8VwJH/Iu0Ag==
.kooora4lives.com/ Name: cto_bundle
Value: VbTFqF9iOW9lRFdCaFhlR0xCcW5zdDBSblZJem5ibFdvOG15d0htZzNsaDcya1FObGFaZXN3d1o1dkFJZHIwbjY4N0ZCUWhTeEg4Q2F3S3p3VllUUW9LNzVyWnVFY05TdXQwc202eXV0ZUpWRGxUUHpTVU1UUjglMkZvZEFiNlNFMVE3bCUyRnRETG5ZdEFzWEFsajUlMkJORmVtaFVkN3clM0QlM0Q
.kooora4lives.com/ Name: cto_bidid
Value: v5xky19wdlRpbkJLUjIxY1FqckFNUmNjOWhIYXYzR0clMkJwREVuUjRPRVdtUjQ0ekJNcXo3aTNFaXdqNFRpcEtoWUMwVjdJVXZaQTdLODY4JTJCdEo0ekx3bDh0eWRHOXI3ZUR5MzNQblclMkJxRUtzOWhIZXQ0dE14OFRWd0hYdUk1YldhVVE0Yg

7 Console Messages

Source Level URL
Text
other warning URL: https://kooora4lives.com:2096/m2/(Line 50)
Message:
<link rel=preload> must have a valid `as` value
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js(Line 346)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJ7suEqg8jypZEz5R0UBJ_RWTDWLIbm679dBNnzxyaJ1xehJZqTDOqNZXeYRvu2qNLWPhz0Etw2muQHi7uHEMz6xwANXkBS
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=TKiaFNflS_qGF7I-PEnpdg&google_push=AYg5qPJLD5vEzIzDiF2-FPAFjgFmFr5qs04ss0a31M0IDCsCMJMEtELIsA2ArS8ZuotsQh9prkhbhnSAVxR6AInkRIWIrBVA21Q
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://ad.atdmt.com/i/img;adv=11272209693943;ec=11272230929715;adv.a=5109792;c.a=26534172;s.a=5897289;p.a=313687820;a.a=506228228;cache=710637215;
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yel5SDzs_pkTP1h2FcdcYwAABFsAAAIB&google_push=AYg5qPLtII459TYFOuGK0n2p-GaJb2yVF5uObDVJSe1pX03TnZwmia6zElF4jjxIoJ0NPPmiLyvdPtUWoadWZZr3hmzQ-dQrQE4&google_gid=CAESEALiZkfYzB3Ta0191LSytcM&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

03ca741b1e2daf17f90dabbf7824fc3d.safeframe.googlesyndication.com
ad.atdmt.com
ad.doubleclick.net
adipolo.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.ae
adservice.google.com
adservice.google.fr
adventori.com
ap.lijit.com
bid.g.doubleclick.net
bidder.criteo.com
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d5p.de17a.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gcm.ctnsnet.com
ghb.adtelligent.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
jscdn.greeter.me
kooora4lives.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
player.adtelligent.com
plus.kooora4live.net
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
r5---sn-25glene6.c.2mdn.net
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc.33across.com
static.criteo.net
sync-tm.everesttech.net
sync.search.spotxchange.com
sync.teads.tv
sync.tidaltv.com
tk.airfrance.fr
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kooora4live.com
www.kooora4lives.com
x.bidswitch.net
ad.atdmt.com
cm.g.doubleclick.net
google2waycm.netmng.com
104.111.242.245
108.157.4.26
13.248.245.213
13.32.121.66
13.37.12.217
142.250.181.226
142.250.185.66
142.250.185.70
142.251.5.157
147.75.61.140
15.197.193.217
151.101.194.49
172.217.16.130
178.250.2.131
178.250.2.146
18.156.0.31
18.196.197.61
184.30.24.241
185.33.221.11
185.64.190.78
185.86.137.121
185.94.180.125
193.0.160.128
205.185.216.42
213.155.156.183
216.52.2.39
2600:9000:223f:ac00:1b:5138:8a40:93a1
2606:4700:20::681a:d53
2606:4700:20::681b:4171
2606:4700:20::ac43:4740
2606:4700:20::ac43:4bf1
2606:4700:3033::6815:2de
2607:f8b0:400e:c08::78
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:80:800::7001
2a00:1450:4001:801::200e
2a00:1450:4001:803::2003
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2001
2a00:1450:4001:828::2006
2a00:1450:4001:828::200a
2a00:1450:4001:829::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a00:1450:4007:2d::a
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:20::2010
2a05:d018:24:b002:6973:f435:affb:5901
2a05:d018:d29:3605:f8ff:4e61:fc04:1ff8
2a0c:5c81:5142::2
3.126.9.108
34.149.20.76
34.98.64.218
35.156.69.231
35.186.193.173
35.190.0.66
35.227.252.103
45.133.44.3
5.135.141.80
51.89.42.88
51.89.9.251
66.155.71.150
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01b4f51cb4adacf39e490eb0b247798243ec108fe29d41f9858ddbdd40a7452a
03ffaab06677ed0ab349a8b3a75edb16dbb8db0dd7b9a81bc546f08997010467
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
065c89583ff5293c7b4d79c965c95de5b8ee9c28e0ba1a2b84b04abe917ab0c9
0920e44f96b6b9314c0ec0116527d78de9e862c73957ebaec7b283f986c26234
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
16c037bedf4df26c2af3f5f6a118911274ce6982325d197fde4ccbad92344519
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
1d8c3ebdce5a05ae984a44c887124849c6a65711ed0ee13c2f372b18589b7e7d
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e07a1577fe17c6b83938cae8d3fb382d1e0dc6f8d242b973bcde5acde14c5c3
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f5d5fdb76bf126c16a1689bca96a4c03b6aaa27efe67ffd5c0400cc74dfca33
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
217b03a8e0836c70982d6240dea80133667a0c9fec9ee9764c9e8195293bb93c
249e90601855c64286297bb23a25f8cbf7fb0c0ea9aca8a1e94dc0736dc6abc1
24b5c098ed380a6c809c5c49645d67dc3f11cf53158910a5bebb71c4949b6dae
2554231538d215e25183ebf736d042fba01900659d9e46cc267e9fc2928455d1
266a1234ea6ae2e14527d4f9f993dc0f1f2f7b2ebcd885c5c0d4420c8c673cc5
279aae1c2f60917f5633b97c8773832967c4ca84af15c809a525f0e726cf2928
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f17ef18482613d08503762b07982f005c4aa383db0ea284948028ca039ca72a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
382f703fb24619e3eb3839a00e603b55da65dbda0870eb3bd179ebceee43799c
3cc452287bf60c2137af690588bd2b455b1e2a798f9dad0453ca56e7b8e336e2
411af3a0cdb161d363fcae09436cc4c53d783bec45b0dade1214e071f600acbb
41ff90d2b5010b96788d7cb2c0715baf52735f7dc9d13d4e1b78384af4a09f85
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4528ca9e4e601b97be627ab26a891a181a1f44161c990df96f9996037005ed78
48a0de8b3d48b1317fb55e9e92e0cdabc1f026bef3c6c5d33d693f4a5624d1a8
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4c911aedbf707cff09a1987e076555a9cf9fbb456f89cfe8dbc377444b3778
4f37b30a99cae60beefd3f7146059f5f6d2b10ac9689d7507be429696f9ce529
4f3cb8ad60c10f4c829a5bf535e6d4513578e2478be748201949f77a4ec62b9f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
51ed5a56c130b285752202178c582130791187991b1da780bc8b863cd435926f
545e99cbc99ea9e7339223323d4b8c98a6a363d4cc4f4c8eab86ebbd82262b11
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56464706bc02f9f808b5ae74eba2fb1912706ba234120c40edc510e765159535
56924929e5205947c5045129c84ea494804b2f5499bbf3e65b354d7949f1cc5f
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
59d8e6f0a81bd28b775f16512be13a3870865486d037055b9ac77cd03f8ccf56
5bf565056e3242ec213d54dc98e5eacd883747f806b166e73fa40e8d90ec0939
5e045ae784a5912fe98bb81005bbfaa36cef097b6a2bdd4ff1ce2fe915ac8ce8
5f3397dd5f9f9d67ca626b5bd63e2209c10f3f8305b133b30b4c0c0bfaa325b0
5fdf6a4b7aa94a34317ec47cf2be6b143d9b72649c74f2062ad3da60a32da3e2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e531ec854e493c774a1f8666b5640dc0d15256a066eaad85580f878227e38a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6820c8f8b383ca4e4997515fe6bf438468a9439d71d6ca2c16ea5e557626d13c
6994349fd4c8a98461fe0fcc61ede177d984f21e38e89a30ba9e1254a2692952
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3ceed2256e78d1d6cf8ca4405b9204e43ed8dace787060fda3e822204fdbf5
6da3648e75291a3f67cba7dd173c1557fc40b0341d5d6ec2be11d5c843708bb4
6dc5032196a4f167a485d72c323f33d7ab3cba0a65d924d11e79db4445eb6a02
6e0870abf1eeacdc97db38723072c580b92e1709573a188d4c168e6e55a4f1dd
6e9b9252b60de82f3f3baf658de193f31ebfa675793f17a1a22f0ee3d1041051
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
6fc89905b63e2b87232f7ecfa35ef6858a36167c958576f3be14b536ab1f14b3
71895469b6ff513d909d23563b37a01f80b74341eb41acefb21d660a93d6a143
722efbeed2dbfce21c71b9a813139f505316f2c37e8da88b7d6b9c217c452355
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
73d70cea0d76ca385b047d6b092fc480fa521f2cf38c9d50dabfcb1c7433ec83
7848e8fe8acaeb11f1fa92481bce612e12d101f25030f1cbb1d9ae4f0b6a1e74
7a5f97ae791beef344e61320d5015965207e6c7e3e171d606ddf48e2bdd718f1
7b2999c6aacdf476178e78cd8b61b57b7a5e2249a813a1ac85ddd01cbe32703d
803fdfe0d1fc5a29af05e5c854a2281bbc93c31257eb6925e3540ebee72d657a
80c2d79c60490444a0dd3a4101e3b1fc00053ed804ecf7be2706d0dd5c7f27dd
81f730aeac0c72c75bcf53d7695462b5c985226bfcf76e37037b258e1e8ec258
824ac5f673120aab41919b661d3bd8d1c4344432eb125db449e776e154dd5768
82b64ae5dd223c48e3cdc24f760779017667cd421b807854ad94fd79c5d405f8
85a48d7292aab406c9b1673ed11fb440224c01635a238b82af5081939308d146
876744a14c03d98eac7ef9f8a669805bda6e49c10102acddef6d11261244fea9
88c8d83d871447e80c4006d96cb41a982c5c340a8b5774488383cbe911f6d4e1
8a03487b6d86bd2f421b6008bae504b368cf68da068592288fa6156eb546bcf9
8ba58700889d4a90393e2ee9aa0112a663ef60055740ee7fa781af5e69675811
8ceb1aad0602fa4edc31d85d380a2bf0a028ad229e9094f5c5c3b986a50fb0f8
8d4b9633320f23d8ce3c4dcb514f76d27c6774115c5f699917dd94c3777a6ba7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
901469fa3001f7409d0d6c2f41bcda16b8bd19f8a3e0109c4fa8b7230e52e644
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9133fe1a7630c487f6ea8394413e817da57704752528bfe55ac697912e385747
922e306a6fe0ede719a7fc79f287dfabf6cd9234583d778ec544a88eed908db2
953f95177cf9d22c325e2c95b1ad88160975a71ed6ce0454f261aec4b13fe610
970b650a8ccf222b9b239bcc0717130de60007c1b292167965b80f5b4c625033
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
996ae51c16366f266170fc08ede7364cb5696ed15e01b047301e15a5cfb37d6b
9a1b10dacb76fa5da43b5c27b466898ba8819e463107544540ecce30737fa68d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fc98a5f2ad3fade2176c7f4d057c02a332ee5d3e532746414eda6e88bc46ae5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a36c2d7e1a7106395602b99eaceffb3d1e17d27cb5c1a9dec396b84896e7d65f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6d37a1d36aad175558c9cb9fe6c01f15e09e7edbb9f2953581305ee43f64637
a7285580be75cd3030f88e9965590dbf8cc61ade01a82348b993c8f2a3f1245b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a73b8ae00adc888a638c853eaa5ee849e50c8727abcfc869f1a50b30e1a595f0
a79412760347f066745387d92f0db41a48c1fe0f5b9a4ffcd2c9c6269149d48e
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acb8aba77083d0c920f0de2ce32a6ed0d55c35516e5a48d5b03f57650f41fa6f
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae4137c9e56cf004f0e26ebdf09358841adb6b408d69e3ef6d7758f47b9d6cbb
af0f1373dbc18a369b4455f527dc92e8f8b38504b655ab993074cb3a8cf45d86
b03dd1452a6eee74bad552f7093fe570e97b30e9b9b5b0d20588b811759c4939
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b7829509bcb99ead54d5d925f7385cd95f1d53ac7b8f25ec8e1a6e1e561a5f61
b7c55617f84818daf4c70cc10ada26ddd5b582b1d1c2c2829b3220487a6db477
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc5dc3c06890770b4d6ec571905cd12ff89988d6939ac6134ece253b1457ba06
bc6f706201a1c84a33b468d33b955d7320b987e22820c8ed5d23bbae11af0f35
bf50ff33fc4beb3adef4d90e03d6b34cc1365b1a1c6beb7567f911d71293dae4
c1388d9e37742e0bff62e541f312d861c404530e5f869aa00badfcf07b3a0aa5
c1b32e585f73a96cc23268195ffe60f1797b66ed221aaf08fbbc433b73b9b456
cb5a94996ae03d5242041b564a31aee99eec95a9d17c4015c9dc109a0ee70752
cba9a0da2b12b2dbe86f13086f1231e383dcc2b287223db94b8e3582a6ee2887
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdf0b0f2c5cef0e09f6cc68cb1a183831eba5c571627b3862c0d959de0350678
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb518325df1232cf5e796eba4b3ced0fe2730533a1f109f0c48bb0112102630
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da49a1404ff461f3ef235a31261fe19ed1e9a3155f1650652e96afb90744a8e8
dcc2585466f270c5670d3365306a375ce9555236ecac32888b817a479a53e07b
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e65f7a1614abfe8ce9c1d782af29ca3a05cfadc40ff35b0f8b56df135a3060c8
e7a3f0a5255ebd6567982d24f2769f81efb4e614d834c125c2a0e101478d3773
e8e93203391e139e797392bf2dc14cbda7c79b905e44aee16b55368bdc7ea5c6
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e92ab3bc3d9bc6c228223f3393e594a6f05f00a85c951ff5c89957d84352fa74
e99d78b65478de19fbb451857e3bf5d513862758df1f5906537c248d6e610293
e9fd472877b5a58bcb188c57bdb556d7f080972594d1f36a37ed605cc8fdd02d
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef397592a5440629e15e06e79678b2e00bd8835e551db38f12dea3ffc04ee995
ef9bcfa6bc3e6d8739467a3133a3c2763ac2d871629def102fdbc1e501eb1c3b
f0aac31347d948e03fdfca09cd82337cc8b8ad63ed35358c8345339d934169bc
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f41a88e6574bbd92d5f7b9dca32b8ad2ca2138fcb9d8f1097ffd678a2157fca8
f4415dcf6cea91ec87485fe7485323a3a4104a694a4c19e87f1cfaed4104fa73
f74e838046f6ce24516714dc9a6e4d0eb4b5a11cd2e908b2112848aae36d7238
f8564f21250a90e12a0326ab4c46db6837d6760f1f70388a8f099f32586811da
f98446d452731c21af292cf5872a69786e895b9fc568db53dedef3cc850649dc
f98ae961eab586bc99b2d15dd434b8c33e5cf8df431468a6a43a905a69996c06
fa1d9cc9a8f49809c0a716d8549fca9ed7aab7c310e4a392db25288d6f70f262
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fefd66953c82a4802fabeb99b9bb429c5fd45c57e832473d187dd133225a5d3f