kooora2day.online Open in urlscan Pro
2a06:98c1:3120::9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kooora2day.online/
Submission: On October 12 via api (October 12th 2022, 8:40:05 am UTC) from FR — Scanned from NL

Summary HTTP 196 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 196 HTTP transactions. The main IP is 2a06:98c1:3120::9, located in United States and belongs to CLOUDFLARENET, US. The main domain is kooora2day.online.
TLS certificate: Issued by E1 on August 24th 2022. Valid for: 3 months.

This is the only time kooora2day.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2a06:98c1:312... 2a06:98c1:3120::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
46	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3 4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
12 12	2606:4700:303... 2606:4700:3035::ac43:aa61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2404:6800:400... 2404:6800:400a:805::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1 1	185.59.220.194 185.59.220.194	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
196	23

25 2a06:98c1:3120::9 (United States)

ASN13335 (CLOUDFLARENET, US)

kooora2day.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3035::ac43:aa61 (United States) 12 redirects

ASN13335 (CLOUDFLARENET, US)

kora2day.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:400a:805::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.194 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: edge-713.bunnyinfra.net

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	806 KB
35	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	338 KB
34	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 304 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390	467 KB
25	kooora2day.online kooora2day.online	327 KB
12	kora2day.online 12 redirects kora2day.online	5 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	369 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	6 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 908	3 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 136 www.google.com — Cisco Umbrella Rank: 19	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 334	3 KB
2	google.nl adservice.google.nl — Cisco Umbrella Rank: 9993	914 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2144	356 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 492	61 KB
1	rawgit.com 1 redirects cdn.rawgit.com — Cisco Umbrella Rank: 14367	717 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 364	13 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	648 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	74 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	25 KB
196	18

	Domain	Requested by
46	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
29	pagead2.googlesyndication.com	kooora2day.online pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com cdn.rawgit.com
25	kooora2day.online	kooora2day.online
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	csi.gstatic.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
12	kora2day.online	12 redirects
12	fonts.gstatic.com	kooora2day.online fonts.googleapis.com
9	www.gstatic.com	googleads.g.doubleclick.net
8	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
8	www.googletagservices.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.nl	pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
1	cdn.jsdelivr.net
1	cdn.rawgit.com	1 redirects
1	s0.2mdn.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	kooora2day.online
1	cdnjs.cloudflare.com	kooora2day.online
196	25

This site contains no links.

Subject Issuer	Validity	Valid
*.kooora2day.online E1	`2022-08-24` - `2022-11-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://kooora2day.online/
Frame ID: 8A8879060B9B015051BECA07E3B93582
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20190131/zrt_lookup.html
Frame ID: D07000FF48925EA4BCE3E95CF45CA275
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184
Frame ID: E208CB3710F5868151308EE976E5CBF1
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998543&bpp=1&bdt=253&idt=189&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UvrWqiTmj8&p=https%3A//kooora2day.online&dtd=194
Frame ID: 33513A907967D1AED407A01F091B2AC4
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=255&idt=197&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7XAzIuhWLn&p=https%3A//kooora2day.online&dtd=200
Frame ID: 5417904E3A84A0B992883DFB209E8F87
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212
Frame ID: 8F667E2066EB2C4A3E875E8340665DA0
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998545&bpp=1&bdt=256&idt=214&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=UITB7Onavu&p=https%3A//kooora2day.online&dtd=218
Frame ID: 47DB0FC1AFA89CA9ECC82071A3AAE8C6
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227
Frame ID: 3A17D79AEBFE484758E51634BA75B08E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=120&slotname=2241740444&adk=1522501397&adf=3132389021&pi=t.ma~as.2241740444&w=728&lmt=1665563998&format=728x120&url=https%3A%2F%2Fkooora2day.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=256&idt=235&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=hBDBavEXao&p=https%3A//kooora2day.online&dtd=243
Frame ID: 51A0DC0281C27C9500E6711F06D7BE8A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&adk=1812271804&adf=3025194257&lmt=1665563998&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkooora2day.online%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998558&bpp=2&bdt=268&idt=235&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280%2C728x120&nras=1&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=8&uci=a!8&fsb=1&dtd=250
Frame ID: 80AA3B296C4FD2870FA2FFD9050BC0F5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/error_handler.js
Frame ID: 58138861F32204C8A59A800EE4F715F0
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDR9gIQ3_TP0wMY5fOZzgEwAQ&v=APEucNVkBeJiFTU4UMwzRENJ-pTpeds_0mwo1G4gAevqAckkiQ0vMOmHH6IaGjf0frKLb-ZDetxERYI9Fu6PJwLArFxWJsXSbxdTm3iKToNanltYQ6QeB-wJA_p7aR8ZgS2yZLAvIMs4d-dfXB0Cd-ybcn3-73-yJcEpnh2hf-PuZWQEieyea9s
Frame ID: 08419385E84D5317E3E0F4A6D6AAEE26
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1
Frame ID: C16FB2F6DA0131BDA5DE3229E6252D22
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js
Frame ID: 6D7CA114E9C1EA1BE8650A61C34D23A1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js
Frame ID: 5D204BA1AB2BBEC30B2F9DD75A038DF2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js
Frame ID: 8B17DC9DF2A09115B1035B3BCDB54217
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js
Frame ID: FC9CB07711EA6B37CFAAA4BEE84136E6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js
Frame ID: 88F9183177DD2D7C66401AE654448CA5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js
Frame ID: 9877CDD5D3D4A5B6BAFE5901678E41BF
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: EEB65A29A381B4E47DC18E97AD3D5731
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B67C420635D812E767A1C8DC1B5527CC
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2B874190F40F2D361F573515993746C4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js
Frame ID: D950DD04D15BD9C116E3B28F4FCE81E8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BDDE1D82B6FCB3BA0064793138C8D01A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6BC60DCBA43B6A1AB75B8C6EEFB956C9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كورة 2 داي | kora2day مباريات اليوم اون لاين ، اخبار و نتائج المباريات

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

196
Requests

91 %
HTTPS

79 %
IPv6

18
Domains

25
Subdomains

23
IPs

4
Countries

2490 kB
Transfer

6143 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGFsAoRZ6TSVe2TZoN_f86Q&google_cver=1

Request Chain 116

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0Z9X65NHVHtoUaxQ5knqQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGFsAoRZ6TSVe2TZoN_f86Q&google_cver=1

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEK3GV60x70pZsEX1WsDwMyk&google_cver=1

Request Chain 118

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwODU1NzM0NzU5OTI1NzkwNw%3D%3D

Request Chain 142

https://kora2day.online/img/1558306657.png HTTP 301
https://kooora2day.online/img/1558306657.png

Request Chain 143

https://kora2day.online/img/Ajax.png HTTP 301
https://kooora2day.online/img/Ajax.png

Request Chain 144

https://kora2day.online/img/1564172667.png HTTP 301
https://kooora2day.online/img/1564172667.png

Request Chain 145

https://kora2day.online/img/1568919614.png HTTP 301
https://kooora2day.online/img/1568919614.png

Request Chain 146

https://kora2day.online/img/1557221057.png HTTP 301
https://kooora2day.online/img/1557221057.png

Request Chain 147

https://kora2day.online/img/1557751896.png HTTP 301
https://kooora2day.online/img/1557751896.png

Request Chain 148

https://kora2day.online/img/1567290622.png HTTP 301
https://kooora2day.online/img/1567290622.png

Request Chain 149

https://kora2day.online/img/1557221115.png HTTP 301
https://kooora2day.online/img/1557221115.png

Request Chain 150

https://kora2day.online/img/1662519664.png HTTP 301
https://kooora2day.online/img/1662519664.png

Request Chain 151

https://kora2day.online/img/1557535267.png HTTP 301
https://kooora2day.online/img/1557535267.png

Request Chain 152

https://kora2day.online/img/1556824121.png HTTP 301
https://kooora2day.online/img/1556824121.png

Request Chain 153

https://kora2day.online/img/1557391571.png HTTP 301
https://kooora2day.online/img/1557391571.png

Request Chain 184

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 196

https://cdn.rawgit.com/Abdo-Hegazi/wdbloog/6bdae011/wdbloogablock.js HTTP 301
https://cdn.jsdelivr.net/gh/Abdo-Hegazi/wdbloog@6bdae011/wdbloogablock.js

196 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
kooora2day.online/ 23 KB
7 KB 260ms
195ms Document
text/html 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae17fe25af8cf90dd182e1146853d1c33f5d05f72b1362a80295ba11ffd9703

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 758e872c1c949131-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 12 Oct 2022 08:39:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Knvch6T%2FlDrH0PW86ax1lFjvw0HB%2FiY5PceyujBGoHbCVRewofOYfpynw4jRK9cLDfsaAFtL9zsqEBEEsyz3SyvAqRPBgJCIzGpAAsaHssOcuPk0CkyYkszRGcE0k5wkNxc5GScZdnF3DORenFDkqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.css
kooora2day.online/css/ 52 KB
8 KB 39ms
36ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/css/style.css
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0d0183224947491a726527bce158846032a026a8c79ab78ebf1443431d5a8e9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 May 2021 19:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 567974
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IbVDFRwGxZu2sy5b1QWVYiMMzkiREzjVDZtPcfll1h%2FYIicASMfU43H7lQ8M%2BGHbBc82WY1xsT2I9roqcSXnMtq86cvS4Bq6x%2Fz6jC4Qo9wsmUGv0gGrI5hfCJlq56EdH3%2BsOgMAW3n4qcxnO6lEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 758e872d5f519131-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 12 Oct 2022 18:53:44 GMT

GET
H2 200 style1.css
kooora2day.online/css/ 19 KB
5 KB 33ms
30ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/css/style1.css
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ee6b835b1a8bb878a2e9696ea68c22ac2be9de8050b096f419c49c731cc2640

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 May 2021 19:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 423507
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvwzemejCKO%2FzHwjH1Y2TGz8wS2SFcqcoguNagVruxTdrwe9KVBc6n8yGdGzC5rTWAh5Pz%2BDvvks5nAUcXduSuslNWDTSSBHgWOXD9mFzMSX5I8WfSVmNL1HXRRZVtMyIVBsxyud0JvE3CzZ%2FLT34w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 758e872d5f539131-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 14 Oct 2022 11:01:31 GMT

GET
H2 200 style2.css
kooora2day.online/css/ 68 KB
12 KB 55ms
52ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/css/style2.css
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f1b8bd2eb14a4bfb2496566389f0de0857566996258dbd88b9515dd881ea30

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 03 Oct 2021 11:49:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103919
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Om0%2FqXEukl5la92ogxS5yDDFRUz%2FrDHcR3XxytDGShXbJJslapNy08kmj7L5%2FUxKyhj5KWa6d88jT%2FVUqSZYwxuIY1kbxX3AFeki%2FkFhTL9bhwykc0MwkDpwV2%2ByVJtmo4d471%2F2AyrNx%2BHSZuCUSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 758e872d5f559131-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Oct 2022 03:47:59 GMT

GET
H2 200 style3.css
kooora2day.online/css/ 75 KB
14 KB 37ms
34ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/css/style3.css
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb634d4f1498400e543624543c1b96ddbf8d05d626cec1a203a5c6a55536b8e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 May 2021 19:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 488215
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTCYlWlHw%2B8Y3NcXfS%2Fg5NNmdcyu03SNC0lgkHgrkE7djIz6Sy2VkA%2BDTr%2BcXZBspCD%2FfBtdCpbKEfRM440rgll7BAGSXE2TrFzFBtWQar2aOflsAtPXDNjSuCoVWhc%2BXvC%2Bb5%2F1EK7gDPk5nH9dfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 758e872d5f579131-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 13 Oct 2022 17:03:03 GMT

GET
H2 200 script.js Show response
kooora2day.online/js/ 95 KB
34 KB 35ms
33ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/js/script.js
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9feafa033b9e4149e6fee5caa77dbe2c84f80dcfd7e29405d38ef3131149ba5b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 May 2021 19:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 488214
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFqWR%2FfZTA0te9Odl6ni5rpx28JCZGX9k3BXwppwFpQDQo5UI9YXnDdpBfB7HpkP8ZNn6B%2Fx3x%2FEl5eGZXN6sPf7MIWUmtv6XutjtXtbQfjmGkvnnxLwAaOqEG48i1z%2FdhcQ8Qr%2Fx6IUOcl%2BvRWxhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 758e872d5f599131-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 13 Oct 2022 17:03:04 GMT

GET
H2 200 crypto-js.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/ 187 KB
25 KB 74ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.js

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6826494432163d74fd27e78ad011a13d55e4670441cd49fc9f1e52a4afd28d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1677531
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24518
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-2edc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJRVN4Tt70ugb6zBeFM8CUhOHkmxsUERtx3Fb%2BWp%2BoHjU7MF9yGtxOKZdG8QL41NpqEsgPQgMnKe96MxL4uyplh4BhTQ%2Fhky%2BX03HKHoVS1gn3ZHzasXR1t3CM7Wu7YLZHtZntNbbzjSL6aqt54iHVkP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 758e872daf4c5c9e-FRA
expires: Mon, 02 Oct 2023 08:39:58 GMT

GET
H3 200 so.png
kooora2day.online/ 7 KB
8 KB 44ms
43ms Image
image/png 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/so.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 353c1e8cd3197a81367cb081a0c39e33dd6445ec15735e68b5833b65e2dd5e1e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395450
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7215
last-modified: Mon, 31 May 2021 19:01:53 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uaiS%2FSbw3WXUAKDMSMuX0ydLJljOk2yXvcJmdbAq02bnfG8JXoIopH8kFpTKKktLF%2BXPHsGbKdV6KL4sEE4MYDqJgP89sx06XdJhou9Up5bejsni8gmw%2FNI5OKXxiy6pxrmd2t0Evqn7z3Lni3W1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 758e872dec789bcb-FRA
expires: Fri, 14 Oct 2022 18:49:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
54 KB 116ms
69ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86ce3d71ee67691cb5f5655c3ad45e0e09f5f39abd51d51d3686f4ed199dc710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54871
x-xss-protection: 0
server: cafe
etag: 1327952394203071934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:39:58 GMT

GET
H3 200 script1.js Show response
kooora2day.online/js/ 52 KB
18 KB 34ms
34ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/js/script1.js
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fae111500cc7ac97add95d1e3338f4b5d722991c712983632339b50c37fb3c59

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 May 2021 19:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 564289
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96HPY%2BfzERpxurV1w5Y%2Fw8bxGT03rBx8xCQDWgEsvV%2FqbAuD6uRSPf0NWNrsMGXEHSgv7JPyIDVFDI%2Bt5AIL3wHznTTXljMmQSkrjtUJzBS%2FNKX0Tr69YZhIzRjYMHEYbfEwz47DhoXEP3rLgNXXLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 758e872dbc199bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 12 Oct 2022 19:55:09 GMT

GET
H3 200 script3.js Show response
kooora2day.online/js/ 180 KB
26 KB 32ms
32ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/js/script3.js
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c224fb222f6a5c316cc4df16c2956060f96961a06f1d61919a465419614a6a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 31 May 2021 19:01:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 82115
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63B2GKF1ifdUWOZFyk1UoOLoJXw%2FVN1ZQCxraGW9%2FT84406pdCR%2FE8Ws81tbvo6f%2FUxGDcSwl689n%2Fydt%2F7lJTuX7rqKWXRbYlm4rcdwnamfXi%2Ftz3r3YfdwTEm%2Fqdqduof0%2BBEJ%2BLgC1LEIs0HlsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 758e872ddc629bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 18 Oct 2022 09:51:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
74 KB 125ms
49ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9CBR5VC63K

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad3a1a418ac23d60ba83d570787eb92d726d89c08fbd2da8dbf1417230554d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74841
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 12 Oct 2022 08:39:58 GMT

GET
H3 200 mtches.php Show response
kooora2day.online/ 15 KB
12 KB 1379ms
1379ms XHR
text/plain 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kooora2day.online/mtches.php?kid=qRJ4MfnWqyvovH&hst=
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d458e9694d76da132a0764d51f5f80198ef0f8f3968c6168a102d72160139af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0gs0jOEFH3yGaaH7jSp4Bwqw5m9H8wBGfPUHel8rkX%2Frmtnc4DXn7KyzqLHmoDNOy%2BhKFY4fvYwVX401idNxNqPobJN70yFaVHOV0fykkMjFK0FVGBQsPpP1QKFlGn64O%2FoXLtKA2ia3WDKw1mhpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
x-turbo-charged-by: LiteSpeed
cf-ray: 758e872dec799bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 DroidKufi-Bold.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 72ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Bold.woff2

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/css/style1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Origin: https://kooora2day.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 05:09:40 GMT
x-content-type-options: nosniff
age: 444618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31544
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 05:09:40 GMT

GET
H2 200 DroidKufi-Regular.woff2
fonts.gstatic.com/ea/droidarabickufi/v6/ 31 KB
31 KB 87ms
42ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/css/style1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Origin: https://kooora2day.online
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 19:01:39 GMT
x-content-type-options: nosniff
age: 49099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31248
x-xss-protection: 0
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Oct 2023 19:01:39 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210060101/ 353 KB
116 KB 96ms
55ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3440197093437636&plah=kooora2day.online&bust=31070256

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35cfe141ff28f49f2437441d03db88901943ae0dac3c2b8f7300477402755e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118737
x-xss-protection: 0
server: cafe
etag: 693785953778918512
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:39:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221010/r20190131/ Frame D070 10 KB
5 KB 69ms
20ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221010/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 23761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 02:03:57 GMT
etag: 9671129459699598864
expires: Wed, 26 Oct 2022 02:03:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
339 B 56ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9CBR5VC63K&gtm=2oeaa0&_p=1844102683&cid=1628939518.1665563999&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665563998&sct=1&seg=0&dl=https%3A%2F%2Fkooora2day.online%2F&dt=%D9%83%D9%88%D8%B1%D8%A9%202%20%D8%AF%D8%A7%D9%8A%20%7C%20kora2day%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20%D8%8C%20%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1%20%D9%88%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9CBR5VC63K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:39:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kooora2day.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/ 55 KB
21 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3440197093437636&plah=kooora2day.online&bust=31070256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3479c294ea8ac432b990be3a6e499a2e7e08a65cdbef40399c5403d91417aa1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 18:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21973
x-xss-protection: 0
server: cafe
etag: 14695308871382216921
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 18:46:44 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
648 B 120ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kooora2day.online&callback=_gfp_s_&client=ca-pub-3440197093437636

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebb35848f6b96f0595868b16cc39bfa325919d85003faba12368858aa81ce103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 78ms
29ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=kooora2day.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 84ms
34ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kooora2day.online

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E208 80 KB
29 KB 464ms
415ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19efc8b61ebe7bc3ef7a92042aa382385c69c747be3e3e022f6a1193d612b0c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30149
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 08:39:59 GMT
expires: Wed, 12 Oct 2022 08:39:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3351 91 KB
33 KB 475ms
439ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998543&bpp=1&bdt=253&idt=189&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UvrWqiTmj8&p=https%3A//kooora2day.online&dtd=194

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96987a1380a20a0a52700ba526d4c2c28f2dac1c18a12bdac59bf47cc8526b6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33763
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 08:39:59 GMT
expires: Wed, 12 Oct 2022 08:39:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5417 84 KB
30 KB 393ms
369ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=255&idt=197&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7XAzIuhWLn&p=https%3A//kooora2day.online&dtd=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9a0779d8a973fa6302d6cb434344534ce297b0b574320383df8454a47c979cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31156
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 08:39:59 GMT
expires: Wed, 12 Oct 2022 08:39:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8F66 91 KB
32 KB 483ms
466ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b0a56a279d2c33d885e2d26cfd89b86397680fbb493ac7d19971dc077a6d052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32485
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 08:39:59 GMT
expires: Wed, 12 Oct 2022 08:39:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 47DB 92 KB
32 KB 435ms
426ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998545&bpp=1&bdt=256&idt=214&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=UITB7Onavu&p=https%3A//kooora2day.online&dtd=218

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6f04e65f51faa47a606d70665a31043b8af1f93433fd56bcd9f77f5f620cbdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32537
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 08:39:59 GMT
expires: Wed, 12 Oct 2022 08:39:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A17 79 KB
29 KB 491ms
489ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44e4c8cb35f090f7fcfa8934d54d243de324a91b1faf8e60d85846714dc1ec26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29770
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 08:39:59 GMT
expires: Wed, 12 Oct 2022 08:39:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 51A0 21 KB
9 KB 326ms
324ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=120&slotname=2241740444&adk=1522501397&adf=3132389021&pi=t.ma~as.2241740444&w=728&lmt=1665563998&format=728x120&url=https%3A%2F%2Fkooora2day.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=256&idt=235&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=hBDBavEXao&p=https%3A//kooora2day.online&dtd=243

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1722ceb5c77e83b3df2c08d03b07a086e59aee5404f3674ad86a57c133740e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 08:39:59 GMT
expires: Wed, 12 Oct 2022 08:39:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fkooora2day.online%2F&tn=DIV&id=sho&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:39:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
54ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fkooora2day.online%2F&tn=HEADER&id=AlbaSport_header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:39:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 80AA 154 KB
43 KB 356ms
355ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&adk=1812271804&adf=3025194257&lmt=1665563998&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkooora2day.online%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998558&bpp=2&bdt=268&idt=235&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280%2C728x120&nras=1&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=8&uci=a!8&fsb=1&dtd=250

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cbc39726381687bd46e48378e529dce4be3b8558d86b15eb037660c21c72c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44138
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 08:39:59 GMT
expires: Wed, 12 Oct 2022 08:39:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 51A0 7 KB
4 KB 135ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=120&slotname=2241740444&adk=1522501397&adf=3132389021&pi=t.ma~as.2241740444&w=728&lmt=1665563998&format=728x120&url=https%3A%2F%2Fkooora2day.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=256&idt=235&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=hBDBavEXao&p=https%3A//kooora2day.online&dtd=243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0071d47d0a8887e01a161db0a9dc177876a91f023e4e662f8736572c6dbb55c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 22:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3268
x-xss-protection: 0
server: cafe
etag: 4444027641539208282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 22:17:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5417 6 KB
1 KB 134ms
30ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=255&idt=197&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7XAzIuhWLn&p=https%3A//kooora2day.online&dtd=200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 08:20:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 5417 2 KB
984 B 138ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:29:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5417 0
0 87ms
74ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-4uHXn1GY6zvMY-siQa4iIKQCvXA_txsnte31tcQ7ZuWr-EfEAEg64PRdmCRBKABqefL4wPIAQmpAvZDUsoERbA-qAMByAPLBKoE2gFP0DlE4Xkl1bPGb-LB90ocusV3JedzWtoHmnQq3lQ64Zuaaz1cr8dKdAmvz_pqPQujH_7eOV1H_JWTLC9focbz0WUR6iSxKu-TCehumjLuIZchX-BR2-jW_H7u-z0NRF_ko8DppuBMbaqxrs1ib2YicQH1T3cgIa_hIismq0fLwOGqCGxPXjaw2kShPdp_D7aRQ2bS7S8SN2QYl7YPiawLwHJCNrxd30nhMCjb9aASJIaJzUr3NV6c58jVH6TEbj807hECIt9ZJIk43dXqIBmtC9yWo2zeT2HC4cAElJXUipcEoAYugAe_mLQcqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQg_kE0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMDiBQC0BUBmBYBgBcBshccChoIABIUcHViLTM0NDAxOTcwOTM0Mzc2MzYYAA&sigh=d_VQj_-VIoc&uach_m=[UACH]&cid=CAQSGwDq26N9MGLAKf0GkKTqRtmBAKokJL-Sh8E9URgBIA4&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1631200381&adf=1780538307&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=255&idt=197&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=7XAzIuhWLn&p=https%3A//kooora2day.online&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Oct 2022 08:39:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/ Frame 5417 23 KB
9 KB 107ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 5417 3 KB
1 KB 116ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 08:19:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 5417 17 KB
7 KB 104ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5417 151 KB
47 KB 148ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H2 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 5417 33 KB
14 KB 128ms
20ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:48:28 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/2821046449865859928/ Frame 5417 21 KB
21 KB 120ms
44ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2821046449865859928/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f2b6f16df08cd88e3875a62dde6b2cfc7d327ce401a43e8cf0266e67afe0b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 23:59:17 GMT
x-content-type-options: nosniff
age: 463242
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21809
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 08:52:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Oct 2023 23:59:17 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15201158318476037583/ Frame 5417 13 KB
13 KB 112ms
39ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15201158318476037583/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b07413d2f47e70984b2db48bc69768960567e80fbc8f519b4922c06dad0a936b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 12:18:39 GMT
x-content-type-options: nosniff
age: 418880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13275
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 12:39:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 12:18:39 GMT

GET
DATA 200
OK truncated
/ Frame 5417 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame E208 6 KB
745 B 34ms
29ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 08:27:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame E208 2 KB
902 B 115ms
69ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:29:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/ Frame E208 23 KB
9 KB 79ms
34ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame E208 3 KB
1 KB 73ms
69ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 08:31:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame E208 17 KB
7 KB 76ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E208 151 KB
46 KB 72ms
68ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame E208 33 KB
13 KB 92ms
41ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:48:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 47DB 8 KB
895 B 101ms
30ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998545&bpp=1&bdt=256&idt=214&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=UITB7Onavu&p=https%3A//kooora2day.online&dtd=218

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 08:22:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 47DB 2 KB
902 B 108ms
73ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:29:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/ Frame 47DB 23 KB
9 KB 85ms
49ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 47DB 3 KB
1 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 08:31:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 47DB 17 KB
7 KB 87ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47DB 151 KB
46 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 47DB 33 KB
13 KB 91ms
46ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:48:28 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 3351 2 KB
902 B 103ms
73ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998543&bpp=1&bdt=253&idt=189&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UvrWqiTmj8&p=https%3A//kooora2day.online&dtd=194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:29:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/ Frame 3351 23 KB
9 KB 64ms
35ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998543&bpp=1&bdt=253&idt=189&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UvrWqiTmj8&p=https%3A//kooora2day.online&dtd=194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 3351 3 KB
1 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998543&bpp=1&bdt=253&idt=189&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UvrWqiTmj8&p=https%3A//kooora2day.online&dtd=194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 08:31:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 3351 17 KB
7 KB 68ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998543&bpp=1&bdt=253&idt=189&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UvrWqiTmj8&p=https%3A//kooora2day.online&dtd=194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3351 151 KB
46 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998543&bpp=1&bdt=253&idt=189&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UvrWqiTmj8&p=https%3A//kooora2day.online&dtd=194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 3351 33 KB
13 KB 80ms
42ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998543&bpp=1&bdt=253&idt=189&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UvrWqiTmj8&p=https%3A//kooora2day.online&dtd=194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:48:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8F66 8 KB
895 B 88ms
31ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 08:33:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 8F66 2 KB
902 B 90ms
68ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:29:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/ Frame 8F66 23 KB
9 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 8F66 3 KB
1 KB 53ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 08:31:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 8F66 17 KB
7 KB 75ms
53ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F66 151 KB
46 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 8F66 33 KB
13 KB 60ms
46ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:48:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3A17 6 KB
672 B 85ms
43ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 08:29:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 3A17 2 KB
902 B 82ms
74ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:29:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/ Frame 3A17 23 KB
9 KB 54ms
47ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 3A17 3 KB
1 KB 38ms
32ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 08:31:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 3A17 17 KB
7 KB 55ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A17 151 KB
46 KB 77ms
71ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 3A17 33 KB
13 KB 40ms
34ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:48:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E208 0
0 69ms
68ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COWx8Xn1GY9XPMIiS1wbA7KO4C7rS4uNsxeWCvrMQ2tkeEAEg64PRdmCRBKABn-SKqSjIAQmpAlbniR1oU7A-qAMByAPLBKoEwwFP0D2xsjuulr7DWf_4M3jcbMgZ9MjnwJgrBxKn5Cq2c83qLL6YQBhQjURIIrOsf4dIc3r2WddTqniMZn4munRj7rWkJ_UDycaN7z3qF11xOP8a5X2FckW-gWQI1YSG48-P1uGDG_Q3L2KpBG5Sq-_4nsmuKDd4GexO6dcy70UD-fwzU3yAtcqmB_rE0m5JFneUZ7zS3B5i34PTxZW--8W2rjNcN_xYq6cemulu49M-8LDNXIIiyivYvXYqhrwekHvswm_ABNz29cKiBJIFBAgEGAGSBQQIBRgEoAYugAefnNuIA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEO2DCNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTAogUAdAVAYAXAbIXHAoaCAASFHB1Yi0zNDQwMTk3MDkzNDM3NjM2GAA&sigh=ZaL6QqIvGzQ&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Oct 2022 08:39:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 47DB 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyHIjXn1GY9_WMsuSiQbq7ISoCsXkq7hq0cre58MQmrmIyJAOEAEg64PRdmCRBKAB_--x2ijIAQmpAvZDUsoERbA-qAMByAPLBKoEhAJP0M6rSDpY2odAzghtBKBqcBbxHcUm35RyM5NoR5V-KVMuMoWznTdN-6sKQHOJFh5vmvnOmp1YHrHJrJNeWJ1xB9zWWCfmoC6CJ0OtANd48RrQLCEwIoUjQBehZY3fAqg_kp6A5aca5V0ynEPVQzLADKOBuuGP5amttfgT0wOIO5E7XYg5HddNBpHV-bdahsxnm84RBX1fGJ-A65ufvbjlY2R6f-boCvdz4YMYNS_OuanGj5Fro1d7jbXXFjPHqIar0qx1L1W-8dV-yHh39DzZnyD9wih0wztlff2E-D9OWBtQBC6Qx0O4AGJGR-8faKUorGAuiM7NOTlOlC_HtSS4NE4TccAEyL3jz4EEkgUECAQYAZIFBAgFGASgBi6AB_-ngroDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQs9El0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItMzQ0MDE5NzA5MzQzNzYzNhgA&sigh=TVk7DYQTxwM&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=1780191508&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998545&bpp=1&bdt=256&idt=214&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=96&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=UITB7Onavu&p=https%3A//kooora2day.online&dtd=218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Oct 2022 08:39:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1330591115656907374/ Frame E208 5 KB
5 KB 63ms
63ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1330591115656907374/downsize_200k_v1?w=195&h=102

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35115a3d93830b1edc70caea518f1bb5da0941fabfb9a7124c5705bb7ae6e4a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:46:52 GMT
x-content-type-options: nosniff
age: 435187
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4771
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 14:17:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 07:46:52 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/18120775603513334901/ Frame E208 3 KB
3 KB 71ms
71ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18120775603513334901/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f3c6c64eb56b362407eeb8660c3035ef78a0e81f2e075cab0961bf52c30a2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 08:09:48 GMT
x-content-type-options: nosniff
age: 174611
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2772
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 13:56:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Oct 2023 08:09:48 GMT

GET
DATA 200
OK truncated
/ Frame E208 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 8260090822573625828
tpc.googlesyndication.com/daca_images/simgad/ Frame 3351 10 KB
10 KB 70ms
70ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8260090822573625828?w=180&h=360

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998543&bpp=1&bdt=253&idt=189&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UvrWqiTmj8&p=https%3A//kooora2day.online&dtd=194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

348506b1732f0ad74a010c86e70c7ad12a5237d1298a71952294faf2df148a69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 06:30:27 GMT
x-content-type-options: nosniff
age: 94172
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9900
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 09:06:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Oct 2022 06:30:27 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3252089363026240092/ Frame 47DB 39 KB
39 KB 41ms
31ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3252089363026240092/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68b5ced034948d22e3879e4c02849d73d54c6697b4d0f7c1f64d777090752234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:25:44 GMT
x-content-type-options: nosniff
age: 436455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40075
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 16:08:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 07:25:44 GMT

GET
DATA 200
OK truncated
/ Frame 47DB 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 47DB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8F66 0
0 87ms
75ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9UH_Xn1GY7HOMfGY-cAP2_qXoA7F5Ku4atHK3ufDEJq5iMiQDhABIOuD0XZgkQSgAf_vsdooyAEJqQL2Q1LKBEWwPqgDAcgDywSqBNkBT9BopnBA5v5cOFugNgeyfB_si584zEFyWXoJFv8Rw7SS0CR6ovU55qdsgxH7GOKeT2U3paQ3lfjEFjeDNF9TKK4aCpDeRjjYasPs9ZtU3AlkBN_j-S8pSTlpGsOucmm97n7KKBnv4-YnPNXcZt6vAK_6ePgxz4ZtvAxJFJJfBh5RR1YdF4nCrWI88W2Tejze3dG0gMN94KBX04mk0JMPFhnOHXe0jvxcjHBXG6QJo5tOv3T325JFRd6sOVDFo98tOTnenLBi9HAJj_NS7A8_HoLj7Bw9awRchMAEyL3jz4EEkgUECAQYAZIFBAgFGASgBi6AB_-ngroDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQmOYB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItMzQ0MDE5NzA5MzQzNzYzNhgA&sigh=loSGrBikyWM&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Oct 2022 08:39:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210060101/ 151 KB
54 KB 57ms
47ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210060101/reactive_library_fy2021.js?bust=31070256

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b24b4cfae6d6f3068fd85da852f74811870498989ab13dabc02ea3a1f048ea2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55066
x-xss-protection: 0
server: cafe
etag: 2673310690048604081
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3351 0
0 102ms
75ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9MZfXn1GY_e8MdyF-cAPs_SU-Av1wP7cbJ7Xt9bXEO2blq_hHxABIOuD0XZgkQSgAanny-MDyAEBqQJW54kdaFOwPqgDAcgDywSqBOABT9B9kUUQHenbGc5tfOBZNAzefe7U4xdUtezPaWKpewn08v5LpwjkgZm1kHpzLeM8gt6h7dxvy_QwCMR0fquS1rLXZKa1rd8TiMsjMceKCj2Gcfm4AOdVAf2wQzJo_d01ZKYwd4z6UO1hVMNYTo5QQRMgnkHNseNEvMdiovN8G1Zewy0s1NBvEMuR4qAthmzEX53kb8VNJotTwZaM7_0Tgi0Kp5ZejAu7BhaVCZsoFsDIqSHxsUaWx99PBiLQGdaW4FOIC5gT0E4SLne_Tpg9LKX6KoNTRfaDs65PKDPmvx_ABJSV1IqXBKAGAoAHv5i0HKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIqAB9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMDiBQC0BUBmBYBgBcBshccChoIABIUcHViLTM0NDAxOTcwOTM0Mzc2MzYYAA&sigh=p6eI5-tfkpI&uach_m=[UACH]&cid=CAQSGwCsnQUx6lxNMRTk3gTA9uVTH2LMEvrbU6ZMNRgBIA4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998543&bpp=1&bdt=253&idt=189&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UvrWqiTmj8&p=https%3A//kooora2day.online&dtd=194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998543&bpp=1&bdt=253&idt=189&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UvrWqiTmj8&p=https%3A//kooora2day.online&dtd=194
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Oct 2022 08:39:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/3252089363026240092/ Frame 8F66 6 KB
6 KB 56ms
29ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3252089363026240092/downsize_200k_v1?w=195&h=102

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b995f724cdeb64c9b8b6a9915c19f9192223a04c13286d6f145754339cae9723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:08:42 GMT
x-content-type-options: nosniff
age: 426677
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6030
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 16:08:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 10:08:42 GMT

GET
DATA 200
OK truncated
/ Frame 8F66 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8F66 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 2728354180183721846
tpc.googlesyndication.com/simgad/3252089363026240092/ Frame 3A17 52 KB
52 KB 54ms
28ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3252089363026240092/2728354180183721846?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e06ceae590196303c9d46c59ff0e87ee08892a6a39ffae841bcf924329ae85cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 20:48:22 GMT
x-content-type-options: nosniff
age: 388297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52954
x-xss-protection: 0
last-modified: Wed, 31 Aug 2022 16:13:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 20:48:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3A17 0
0 79ms
70ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CW2YoXn1GY-OUMomYZqj2tpgLxeSruGrRyt7nwxCauYjIkA4QASDrg9F2YJEEoAH_77HaKMgBCakC9kNSygRFsD6oAwHIA8sEqgTaAU_QwkHs_Yv0shUwdjpIExVYuQLFn7bgEefq0hya2ujLSDYf64htbJ91HuN7LiHFMC2e5IV6ewc4NukoFi9Oanf-dSmTAU3e32L1O5CNxAQsXZCajoSSLPGczvh_LbGygWsXmiCN73eW08HIvV2fTpEUM_qB-Hw_WO0I4Q-12nqZGjAk5EZLu23dCYjxGZ711nZsI4VkzoYgMVyGCDqb-sBFnf62bHUoGf5ryG0JZ1v8vm65dS088y5wrrwMrHw64bfqC190hJhees7LqF3U8356TFsM6XDHKXdnwATIvePPgQSSBQQIBBgBkgUECAUYBKAGLoAH_6eCugOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC2hwnSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwrQFQGAFwGyFxwKGggAEhRwdWItMzQ0MDE5NzA5MzQzNzYzNhgA&sigh=hj7fOAQVdbA&uach_m=[UACH]&cid=CAQSGwDq26N9MTWnUVdETcr5D6a1bYgU5QBhSZQ3WBgBIA4&template_id=484&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Oct 2022 08:39:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 5813 7 KB
3 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/error_handler.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0071d47d0a8887e01a161db0a9dc177876a91f023e4e662f8736572c6dbb55c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 22:17:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3268
x-xss-protection: 0
server: cafe
etag: 4444027641539208282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 22:17:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5813 42 B
63 B 66ms
66ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DozSe1AaIMZQaOL4hxjGNwGC5qqgNO0NnhNekz1f_5nbHfrI8fjA8QAh4q-470NNnTsmWGPalp6PF5q7xCUH5SBLLZOzjQpwGYvWH01OZLLBHIBlo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:39:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 5813 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 08:31:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame 5813 17 KB
7 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26466
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5813 151 KB
46 KB 105ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
DATA 200
OK truncated
/ Frame 5417 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8852fc857fba4d1056e397fddc93afb86f61a8875cf2ff0054b406d2bdcfbf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E208 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 922be0b50931e80e085c694bb41350c216641b246b763293b8ccd9317296ebcd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3351 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5416aa063ddcbc70708d5e2f440b09ffa9b0e93d4327725db10c6100c9f5f7c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5417 15 KB
15 KB 60ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 415506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 13:14:53 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5417 15 KB
16 KB 67ms
28ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 444630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 05:09:29 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5417 15 KB
15 KB 59ms
22ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 389859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 20:22:20 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0841 624 B
299 B 33ms
33ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDR9gIQ3_TP0wMY5fOZzgEwAQ&v=APEucNVkBeJiFTU4UMwzRENJ-pTpeds_0mwo1G4gAevqAckkiQ0vMOmHH6IaGjf0frKLb-ZDetxERYI9Fu6PJwLArFxWJsXSbxdTm3iKToNanltYQ6QeB-wJA_p7aR8ZgS2yZLAvIMs4d-dfXB0Cd-ybcn3-73-yJcEpnh2hf-PuZWQEieyea9s

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=120&slotname=2241740444&adk=1522501397&adf=3132389021&pi=t.ma~as.2241740444&w=728&lmt=1665563998&format=728x120&url=https%3A%2F%2Fkooora2day.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=256&idt=235&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=hBDBavEXao&p=https%3A//kooora2day.online&dtd=243
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 08:39:59 GMT
expires: Wed, 12 Oct 2022 08:39:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5813 70 KB
32 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVadFwfvsdQGo6n-fVXlLaHq6ziX3D2a0nxO83svrQzVLfZL3ZRZWHg7Vgtv-eet0qwEsX3yjQTKJV-OAGO9ge77dYwQ&cry=1&dbm_d=AKAmf-AvnkiQe93CVuNOgnSruYCLYEndV0fGbYgAHY6abjF31FuIW-MhE_1-Xl9aU8AzW71WC5R-RvRzPIwxrdAu1iWsPRn8k64LzVMfMV4R6bKkLcagOmk5Jnt7PnkwffpCwe_Up202SOpOwVxW9CcvZRTdhxPTM6PL37-XavRtQYwIUKN8Um-Yw8ObNx9wAucANgP6ymCNnxOOlc88mWX2Cz3Vk5gAJebXb4AEtgTMltmqKzvY69yEH5OsDNNcVJle6-zmG4zyENfR3v9l9C3oRhJi-A3meTIbBggo_MVHX-SFHm_C79ZG40gZj7LuaQxXYSy8PKgd_mdrHkJYuX6Sq2v9U638GQbFox7lGuWRjZntCeElEZsZYqOrBfSxIVdXFe6qfkiOUyGTvHEX2-4VdUzTjIi0tIPmZUvRc2kohK4GRWkswtC9lPSqz_TopQ7E0ERO__aHsKC51frCpP7mujooBaeaEf0BWRidNzoI0vRdA1HKmBVLa-rLm46tJx5fq703DIuYjN1EO3LGpxHXtcbbkGxu4dM_75t2-04ZDtGqISRxdZ9mwPv-5dEkaKp1pvuftnHk7e-FhN5S38Xr0b3D15EHkf4t8ECZKh8yQKgY5a7FaHCbDGk9qV_ZC5Poy2ymxd5UemcbjbrMcmVpNYzbuDfhtUr44HiMyG4y18zSkE6g5ZFpkboKKD1YdWU0UxDzGwBff4oscujo9ibZfMYKRbCnBTzcGDGELIrERKFiDnv90VJ67ydaYnjCtcma5Bn1KWosuZw1AKon56JRRHPlSjgpdhwV4Mjdm6lxYRTr07yo377Y8mTKfCo5qGS4fh6kPBtgJoI9VypSddWqUuHyQrUQH8Vu8Vl7T1LKbcyILD3sl2iCQUlxJTCsWN03M5Xv_5MwAmh9aJ6aHN_9iNSzNGMu5a6c3DeZWOe2njOiKfuTck2AwP-zLy4GtaZPVBrO7C8__8oGZzA8OQX4uMJIMwBPJpn9NgAHnruodgNMMbjJHCG2EkfWjEIdICJghdgGVDiyuammy90ydRBEMEhAH0475yWWloJgFqiP1GlTAVOr1yT3ebdYJ3bmDGd9FMhxbz0Bi3_MqA5ZEqfAyPQU2mY-vrF9WEvMK1L0FOopqJSguAc9iRTzuZFL1FEee1sXaN0rNQ7uLmsDMTpGXNhTDy5RVs4TmyRWgSu6b3K_cQjQT2r-fkl7Dt2mPU-CzQLWKbblJGGKnMOCYJQh1eU8sb9dW5T07vG5ExEZIMbiHCkpzCsMaPSQmAwQ0sSALX8Y6ookvu0tfFgCllp3p3uSvOgZCv8OjrnvZrU0jslekp96HEhRjhUJOIF7uiCjetg8cgivXgY0ZwLbDuPVLznYTJ5NYYPVoKy8ZmI5HO2ivuj1v_Tm2qhewCSkc4kMllr0uaBxmA163m48OxZUBY_s9cef4veliIAINAMWcvQgUYPQy9VWlmad9cf45KaYuQhaaWI-AHLLZ8IUVrUX_U-5qjFzTvMaDIZFjcP9REstdSYUVJO-VPLMdpoNEqAy7_AskNMpDj1xLaI66GDsFBWfRXqQ3woe9arVywzMyNX-YKwm0jLLCt3adAnaFwGhwz6Y8jI5ItLkZZxYVvhCTQw-7ungNcOxtWrpG3ok-3LL9VfpePAQ0ChBnoxHz_c-dxLQpFMdhRVlG9RmgnexxHQWGsckj4n_-L9xdUvMziiKy5Wt4ulYZPB_WvacVxTrBAwbRmPSyJomSPY_pYEuC8ZzaWTB0ozL_OAZJPGy8rBwv4flsojapFib4z8BWLqwg1cnqpGEjlxrvPjJN-05QtkCqeBzgp5yRBLfrGrpu7xI5O-3Iv8rYP31SgnsKN9xIazryO4AsCldO6F7dWg12cHWU1e-gZRMw_kfElDBIc1jbSnR0dnx1Z6yPre-_wdhl44jSQpt_6SEYp0Y46jvWa-1D0jm2l2mivKM83MTGgvhOSOGBsLarSvvbyHV0BCKatwA9d8emeDxi6nG8ZnPXQQDmLjYdDlHIPALNiIVBrZgs-FBrTcHaRZUPaNIctIgYl9b_WP6vTpLMT6BsHp0wH68aWcXtZQ3H6pa3G6NynOra7YEL3QFBYNMMrVkg6oeqlNFUk8AnymQvQRLYW1ZG0Zr_JG23wYZl54GsjuXbYBqnWfHBQ31OKDl-ghYVAqqBuj-N-TGDutO7toS2X7CGIY02ugHpMMT5B2_CdWuFy3wLlhBYuD-IMCuCyyuIxXrjP8Sn6Vh86ZWzLHWYZWLiOUhvvpTNYs8ApDDz9LlMpnZaWpArhxynqVr8urv1dkOTkqle9faKjsIbwe1_g8y5Pg_98Z_dsgNXu_aOxQxY40BQftS4VhA9Ou8hDBMLKddkXaDpCO9Vlx_UWejXxxvnmKvXF54lU9Ratkz4djR0VZNvdHvUpvfz-pOy4kLGVjXNi7M0QXnnZOIK7QCncCrO7RFdnVQMT_WksavStcIdS8js5K_vGIs8V6uEKbZJkY6NFYanepdOxQQ9B7JXc-vSXKxOpaqWzBbGluo4awK2eXsbdYNTOvn7ZqwEbeZrIwvv8lpyUGuPy2V153-mD0xp35XYzZYMthk0hcvSs5OEglnpv490vwINGkZopogg_AJ8MBtKSuehtsfvz5xPhTG3HIKIqmldCIKe44rUC6iPlIzp-RxkNGlA3Xy-2VdzyNDF4BYx6BLoMLfKk_gvlF3EjHdUpcv2LNgyUDTPVYhBjxjoDJ_V9dmQKQ-oW6RrqVRaHS7ONfPJnuO5SVNPW0tjJTeUTqMtexrMmj-oIBvgvka8SFStRUe9A6-yNdO5yoy85lzOqct5Zgi29RpgYoi1_rbzwwGBwmtJWRFqTmbc_-1NdqY0q1tRDnIQ2LbuCAN4FVPwFFKWHJKV-w_zhH1Klc1IXDrss0vNDHnuLMQfPz7DQqmS4r6HbkeWHzhl6bgKFEorP8lGZ5g9WQZcYr7VZ5Zrr_1Q-nAa_Xjb1WTzVlFYwhLb5TZnRbBcsQqVxoQsv6kaqjsRk3X9hKXFp2nZa6JbMhv13p26cCR9NNapAAE6m1STJti0Yzfp39YBPWiYaXZs_nE_H61Y3Fw_lDwfki1PuVDUw&cid=CAQSGwDq26N9dsWZxGdU-UPg9jQu0cOyf17lsZtHlBgBIA4&rfl=2%2Chttps%253A%252F%252Fkooora2day.online%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

410ede18b34dd10c6c515afdc7ad37b950a7a607c7d18fc5d03f5d2f51ab82a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=120&slotname=2241740444&adk=1522501397&adf=3132389021&pi=t.ma~as.2241740444&w=728&lmt=1665563998&format=728x120&url=https%3A%2F%2Fkooora2day.online%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=256&idt=235&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1105&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=hBDBavEXao&p=https%3A//kooora2day.online&dtd=243
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33090
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E208 15 KB
16 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 444630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 05:09:29 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E208 15 KB
15 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 389859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 20:22:20 GMT

GET
DATA 200
OK truncated
/ Frame 8F66 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3feccffd3fccb0f8ce7e454c8215a7d70e0af7e5abac9b27d5e7dadd52e29f44

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 47DB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d772805f78c8f21bfa3cf08ccd88d26499a98842c6cc54e1b66388e8d3d79601

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 109ms
44ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=kooora2day.online

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 82ms
33ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kooora2day.online

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/ Frame C16F 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 72950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Oct 2022 12:24:09 GMT
etag: 9671129459699598864
expires: Tue, 25 Oct 2022 12:24:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0841
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGFsAoRZ6TSVe2TZoN_f86Q&google_cver=1

43 B
766 B

43ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGFsAoRZ6TSVe2TZoN_f86Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDR9gIQ3_TP0wMY5fOZzgEwAQ&v=APEucNVkBeJiFTU4UMwzRENJ-pTpeds_0mwo1G4gAevqAckkiQ0vMOmHH6IaGjf0frKLb-ZDetxERYI9Fu6PJwLArFxWJsXSbxdTm3iKToNanltYQ6QeB-wJA_p7aR8ZgS2yZLAvIMs4d-dfXB0Cd-ybcn3-73-yJcEpnh2hf-PuZWQEieyea9s
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 08:40:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:39:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGFsAoRZ6TSVe2TZoN_f86Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0841
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y0Z9X65NHVHtoUaxQ5knqQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGFsAoRZ6TSVe2TZoN_f86Q&google_cver=1

43 B
766 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGFsAoRZ6TSVe2TZoN_f86Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDR9gIQ3_TP0wMY5fOZzgEwAQ&v=APEucNVkBeJiFTU4UMwzRENJ-pTpeds_0mwo1G4gAevqAckkiQ0vMOmHH6IaGjf0frKLb-ZDetxERYI9Fu6PJwLArFxWJsXSbxdTm3iKToNanltYQ6QeB-wJA_p7aR8ZgS2yZLAvIMs4d-dfXB0Cd-ybcn3-73-yJcEpnh2hf-PuZWQEieyea9s
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 08:40:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGFsAoRZ6TSVe2TZoN_f86Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0841
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEK3GV60x70pZsEX1WsDwMyk&google_cver=1

43 B
1018 B

263ms
262ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEK3GV60x70pZsEX1WsDwMyk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDR9gIQ3_TP0wMY5fOZzgEwAQ&v=APEucNVkBeJiFTU4UMwzRENJ-pTpeds_0mwo1G4gAevqAckkiQ0vMOmHH6IaGjf0frKLb-ZDetxERYI9Fu6PJwLArFxWJsXSbxdTm3iKToNanltYQ6QeB-wJA_p7aR8ZgS2yZLAvIMs4d-dfXB0Cd-ybcn3-73-yJcEpnh2hf-PuZWQEieyea9s

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 08:39:59 GMT
AN-X-Request-Uuid: 29e9ab2d-bd0d-470a-ad13-26c4d37fad9b
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 95.211.199.145; 95.211.199.145; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:39:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEK3GV60x70pZsEX1WsDwMyk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0841
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwODU1NzM0NzU5OTI1NzkwNw%3D%3D

170 B
188 B

42ms
41ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwODU1NzM0NzU5OTI1NzkwNw%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 12 Oct 2022 08:40:00 GMT
AN-X-Request-Uuid: c4154c23-d6ba-41b6-82f0-f0ab1a5390f6
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcwODU1NzM0NzU5OTI1NzkwNw%3D%3D
Connection: keep-alive
X-Proxy-Origin: 95.211.199.145; 95.211.199.145; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8F66 28 KB
28 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 604515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 08:44:44 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 47DB 28 KB
28 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 604515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 08:44:44 GMT

GET
DATA 200
OK truncated
/ Frame 3A17 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dff340d1c6e8131192239fa6871c82165a07d6fd468e85b2633ef2a82f1db2f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D7C 36 KB
16 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998543&bpp=1&bdt=253&idt=189&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UvrWqiTmj8&p=https%3A//kooora2day.online&dtd=194

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15993
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 20:45:27 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 3351 63 KB
24 KB 79ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=3344307226&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998543&bpp=1&bdt=253&idt=189&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=UvrWqiTmj8&p=https%3A//kooora2day.online&dtd=194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a139caebc5a7c4bf78945ba3f22a3ae9981e5e8d6f10a2f6235d07a438eb0c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 07:48:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3070
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23659
x-xss-protection: 0
server: cafe
etag: 898360552121563568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:48:49 GMT

GET
H3 200 GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 5D20 36 KB
16 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15993
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 20:45:27 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 5417 63 KB
23 KB 91ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a139caebc5a7c4bf78945ba3f22a3ae9981e5e8d6f10a2f6235d07a438eb0c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 07:48:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3070
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23659
x-xss-protection: 0
server: cafe
etag: 898360552121563568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:48:49 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3A17 15 KB
16 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 444630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 05:09:29 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3A17 15 KB
15 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 389859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 20:22:20 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3A17 15 KB
15 KB 29ms
29ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 415506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 13:14:53 GMT

GET
H3 200 GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B17 36 KB
16 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15993
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 20:45:27 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame E208 63 KB
23 KB 90ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=3401964455&adf=1183496586&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998539&bpp=4&bdt=250&idt=161&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&correlator=1865243603900&rume=1&frm=20&pv=2&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1450&ady=75&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=6DYb6QCE1W&p=https%3A//kooora2day.online&dtd=184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a139caebc5a7c4bf78945ba3f22a3ae9981e5e8d6f10a2f6235d07a438eb0c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 07:48:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3070
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23659
x-xss-protection: 0
server: cafe
etag: 898360552121563568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:48:49 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/ Frame 5813 30 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVadFwfvsdQGo6n-fVXlLaHq6ziX3D2a0nxO83svrQzVLfZL3ZRZWHg7Vgtv-eet0qwEsX3yjQTKJV-OAGO9ge77dYwQ&cry=1&dbm_d=AKAmf-AvnkiQe93CVuNOgnSruYCLYEndV0fGbYgAHY6abjF31FuIW-MhE_1-Xl9aU8AzW71WC5R-RvRzPIwxrdAu1iWsPRn8k64LzVMfMV4R6bKkLcagOmk5Jnt7PnkwffpCwe_Up202SOpOwVxW9CcvZRTdhxPTM6PL37-XavRtQYwIUKN8Um-Yw8ObNx9wAucANgP6ymCNnxOOlc88mWX2Cz3Vk5gAJebXb4AEtgTMltmqKzvY69yEH5OsDNNcVJle6-zmG4zyENfR3v9l9C3oRhJi-A3meTIbBggo_MVHX-SFHm_C79ZG40gZj7LuaQxXYSy8PKgd_mdrHkJYuX6Sq2v9U638GQbFox7lGuWRjZntCeElEZsZYqOrBfSxIVdXFe6qfkiOUyGTvHEX2-4VdUzTjIi0tIPmZUvRc2kohK4GRWkswtC9lPSqz_TopQ7E0ERO__aHsKC51frCpP7mujooBaeaEf0BWRidNzoI0vRdA1HKmBVLa-rLm46tJx5fq703DIuYjN1EO3LGpxHXtcbbkGxu4dM_75t2-04ZDtGqISRxdZ9mwPv-5dEkaKp1pvuftnHk7e-FhN5S38Xr0b3D15EHkf4t8ECZKh8yQKgY5a7FaHCbDGk9qV_ZC5Poy2ymxd5UemcbjbrMcmVpNYzbuDfhtUr44HiMyG4y18zSkE6g5ZFpkboKKD1YdWU0UxDzGwBff4oscujo9ibZfMYKRbCnBTzcGDGELIrERKFiDnv90VJ67ydaYnjCtcma5Bn1KWosuZw1AKon56JRRHPlSjgpdhwV4Mjdm6lxYRTr07yo377Y8mTKfCo5qGS4fh6kPBtgJoI9VypSddWqUuHyQrUQH8Vu8Vl7T1LKbcyILD3sl2iCQUlxJTCsWN03M5Xv_5MwAmh9aJ6aHN_9iNSzNGMu5a6c3DeZWOe2njOiKfuTck2AwP-zLy4GtaZPVBrO7C8__8oGZzA8OQX4uMJIMwBPJpn9NgAHnruodgNMMbjJHCG2EkfWjEIdICJghdgGVDiyuammy90ydRBEMEhAH0475yWWloJgFqiP1GlTAVOr1yT3ebdYJ3bmDGd9FMhxbz0Bi3_MqA5ZEqfAyPQU2mY-vrF9WEvMK1L0FOopqJSguAc9iRTzuZFL1FEee1sXaN0rNQ7uLmsDMTpGXNhTDy5RVs4TmyRWgSu6b3K_cQjQT2r-fkl7Dt2mPU-CzQLWKbblJGGKnMOCYJQh1eU8sb9dW5T07vG5ExEZIMbiHCkpzCsMaPSQmAwQ0sSALX8Y6ookvu0tfFgCllp3p3uSvOgZCv8OjrnvZrU0jslekp96HEhRjhUJOIF7uiCjetg8cgivXgY0ZwLbDuPVLznYTJ5NYYPVoKy8ZmI5HO2ivuj1v_Tm2qhewCSkc4kMllr0uaBxmA163m48OxZUBY_s9cef4veliIAINAMWcvQgUYPQy9VWlmad9cf45KaYuQhaaWI-AHLLZ8IUVrUX_U-5qjFzTvMaDIZFjcP9REstdSYUVJO-VPLMdpoNEqAy7_AskNMpDj1xLaI66GDsFBWfRXqQ3woe9arVywzMyNX-YKwm0jLLCt3adAnaFwGhwz6Y8jI5ItLkZZxYVvhCTQw-7ungNcOxtWrpG3ok-3LL9VfpePAQ0ChBnoxHz_c-dxLQpFMdhRVlG9RmgnexxHQWGsckj4n_-L9xdUvMziiKy5Wt4ulYZPB_WvacVxTrBAwbRmPSyJomSPY_pYEuC8ZzaWTB0ozL_OAZJPGy8rBwv4flsojapFib4z8BWLqwg1cnqpGEjlxrvPjJN-05QtkCqeBzgp5yRBLfrGrpu7xI5O-3Iv8rYP31SgnsKN9xIazryO4AsCldO6F7dWg12cHWU1e-gZRMw_kfElDBIc1jbSnR0dnx1Z6yPre-_wdhl44jSQpt_6SEYp0Y46jvWa-1D0jm2l2mivKM83MTGgvhOSOGBsLarSvvbyHV0BCKatwA9d8emeDxi6nG8ZnPXQQDmLjYdDlHIPALNiIVBrZgs-FBrTcHaRZUPaNIctIgYl9b_WP6vTpLMT6BsHp0wH68aWcXtZQ3H6pa3G6NynOra7YEL3QFBYNMMrVkg6oeqlNFUk8AnymQvQRLYW1ZG0Zr_JG23wYZl54GsjuXbYBqnWfHBQ31OKDl-ghYVAqqBuj-N-TGDutO7toS2X7CGIY02ugHpMMT5B2_CdWuFy3wLlhBYuD-IMCuCyyuIxXrjP8Sn6Vh86ZWzLHWYZWLiOUhvvpTNYs8ApDDz9LlMpnZaWpArhxynqVr8urv1dkOTkqle9faKjsIbwe1_g8y5Pg_98Z_dsgNXu_aOxQxY40BQftS4VhA9Ou8hDBMLKddkXaDpCO9Vlx_UWejXxxvnmKvXF54lU9Ratkz4djR0VZNvdHvUpvfz-pOy4kLGVjXNi7M0QXnnZOIK7QCncCrO7RFdnVQMT_WksavStcIdS8js5K_vGIs8V6uEKbZJkY6NFYanepdOxQQ9B7JXc-vSXKxOpaqWzBbGluo4awK2eXsbdYNTOvn7ZqwEbeZrIwvv8lpyUGuPy2V153-mD0xp35XYzZYMthk0hcvSs5OEglnpv490vwINGkZopogg_AJ8MBtKSuehtsfvz5xPhTG3HIKIqmldCIKe44rUC6iPlIzp-RxkNGlA3Xy-2VdzyNDF4BYx6BLoMLfKk_gvlF3EjHdUpcv2LNgyUDTPVYhBjxjoDJ_V9dmQKQ-oW6RrqVRaHS7ONfPJnuO5SVNPW0tjJTeUTqMtexrMmj-oIBvgvka8SFStRUe9A6-yNdO5yoy85lzOqct5Zgi29RpgYoi1_rbzwwGBwmtJWRFqTmbc_-1NdqY0q1tRDnIQ2LbuCAN4FVPwFFKWHJKV-w_zhH1Klc1IXDrss0vNDHnuLMQfPz7DQqmS4r6HbkeWHzhl6bgKFEorP8lGZ5g9WQZcYr7VZ5Zrr_1Q-nAa_Xjb1WTzVlFYwhLb5TZnRbBcsQqVxoQsv6kaqjsRk3X9hKXFp2nZa6JbMhv13p26cCR9NNapAAE6m1STJti0Yzfp39YBPWiYaXZs_nE_H61Y3Fw_lDwfki1PuVDUw&cid=CAQSGwDq26N9dsWZxGdU-UPg9jQu0cOyf17lsZtHlBgBIA4&rfl=2%2Chttps%253A%252F%252Fkooora2day.online%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11730
x-xss-protection: 0
server: cafe
etag: 9319256901541695429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:26:45 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/elements/html/ Frame 5813 8 KB
3 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:26:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:26:25 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5813 0
622 B 135ms
66ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuqqDElV7Ekb4RtUl9Jnm_pnTQZ2_Xywkq7uS1KJ9i97HecDczURsgZmv3fOkmgMaIaCXQTJXHQswZ_nvk3b3Ol_Ux7FEgfRbQPG64XV5M8XazoY6CZpnOZJ9NrN7cBm6iYOZfSo-u3q2-flKDF28fxiVCz3TEnHg2R_fHovOqWjb5KtPEM7G8jXdavcZIZHT2RDN2HaeEuUeFf4vTUh7IdzF_ueCMjUkVVlYOaScWEJPgrXnDq4BwPW1NX3AZCR1x0FXymhN02GSQLD_FrG5gflGU6xNxiwj6Ywv484gv-ArA9-qgCaAK9Rb4EEtyuh-K5Ud3vhg68EhLAdDErrE-pKCKE8D-MuKXe9s2ziX4ZVXp5WmjZEH0hbtJmSsIJFk6D7Ekvm5Fk0MaiItZCnQAN0RSF9EdcZV29MhEMGQ2MC430CS0xQdx8P45awt858shJrw69W3JYH1UopBqTT08OX0Mh7HFdn__4_jRvizTvvmzHSYSCfaiUItPFEnYRr4pNzfVh7oOG1hILVCEe1MDO_8XlRT9_SUWZdnoEKVEo3XLld99Qt98OyzPraaEHfqe-5fx94j5iw8yds3Mt81Hk_GbPbqgG0hDJcwPykt1rTn9jZ4uV6ZDzJbv-PqupZddIz9pnOlnZl6T0t6sccNDh_WIjwVI2akR6Nkoue7Nb7TCEKELXvI-SI8c1Qm6pSwN67ObO8naPd4vLFBfCEHUWdzZHMv10MJrC-u3rse2JcVNtl60M8YGfzX6rURzLWqlxgVqESjr1-oZ7z9HfbEgeADR6qiEhHXo1bjBkq0y6-nBFR8HfbFIEYirP47pJHquEb8BgPF4YSByGF6Lr6LsZFds7502O1OisUBRQoGNg9HxrN0Ax5-Gdwld1UgYr91KX7d_b649npf4T1SQRdY7mIwxGQHQYE_jjoDYCS8jcTCfuGXSGnhShwXm-FLWAEcvZK3hmfymKbRbw8mp3wZGdrl25NrJLkngL13C_PzqgJ48jLLuUbQM4LsNU-9bfsTnnRfJiXaD0rDhYBmeCZz_8U3EQXqNMCsjEv0rNY9D0yYQPMtYgf5IhfuWOpTAYVURfaE6xZnsu8qexDXsF5iIvwN3UsVuemf3GEofQUK8p8Mu4UtfUuxsshZatijUkS2B2PJM5wKSI72yhRH0YpAT5956i_AfVxFfnydyvahkRcauG6w&sai=AMfl-YR7m1CMEVIhzdR_y_F0iWA0cfH3_q_Laxul-13EoRqKpxTCq5zEx1BKJZyAjnWbq3R_4l-q5TPj2FqF0-xSkcBg5DiQ5PcialvNNNAvfrcdHThis2-YiYnzz47nchDNZYU9-LK9J4u4QFoJNOPDfWWg0Q0cN1wNdseeVUlul3lYhqCR1BSk5el6qg&sig=Cg0ArKJSzJUFWvh4zqETEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221010.98087&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Oct 2022 08:39:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5813 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 21:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 21:11:06 GMT

GET
H2 200 5119467611183570424
s0.2mdn.net/simgad/ Frame 5813 13 KB
13 KB 91ms
21ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5119467611183570424

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00bb5b723dab69870efc1fe86d77a806480cca2164f0bd5f7ecd30619f1d756b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 06:47:05 GMT
x-content-type-options: nosniff
age: 93174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13154
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 15:47:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Oct 2023 06:47:05 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame C16F 4 KB
636 B 41ms
37ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Oct 2022 08:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 08:27:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Oct 2022 08:39:59 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C16F 205 B
229 B 24ms
21ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 07:35:17 GMT
x-content-type-options: nosniff
age: 3882
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 12 Oct 2023 07:35:17 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C16F 604 B
628 B 24ms
22ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 05:35:37 GMT
x-content-type-options: nosniff
age: 11062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 12 Oct 2023 05:35:37 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/elements/html/ Frame C16F 19 KB
8 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:19:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8227
x-xss-protection: 0
server: cafe
etag: 5516984893510486959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:19:40 GMT

GET
H3 200 GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js Show response
pagead2.googlesyndication.com/bg/ Frame FC9C 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15993
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 20:45:27 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 8F66 63 KB
23 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=600&slotname=5433141882&adk=1841527856&adf=3453896071&pi=t.ma~as.5433141882&w=150&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=150x600&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998544&bpp=1&bdt=254&idt=203&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=RxmkiR8onE&p=https%3A//kooora2day.online&dtd=212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a139caebc5a7c4bf78945ba3f22a3ae9981e5e8d6f10a2f6235d07a438eb0c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 07:48:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3070
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23659
x-xss-protection: 0
server: cafe
etag: 898360552121563568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:48:49 GMT

GET
H3

200

1558306657.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1558306657.png
https://kooora2day.online/img/1558306657.png

6 KB
6 KB

41ms
41ms

Image
image/png

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1558306657.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55d7551c41ac02b33b2212148fc04a86d055f54a8e5630f6df58e80d5b4b4c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57332
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5700
last-modified: Sun, 09 Oct 2022 11:50:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BYjZZvkvay1wO6%2Fkfu6tGPGDmzOfRYNsWXmT4CZDyc2LPolQhXhlf25E%2FWwVqaIeRKa2csnkqnH5q7rxf9BDUHhgiyEuv21MqpRk6sxfa5Z0jmLXEUioNRHLXoK3C8KRRnAQhFVU%2FHisB9e0oF1HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 758e87391d339bcb-FRA
expires: Tue, 18 Oct 2022 16:44:28 GMT

Redirect headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 127
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCnJNO%2Bbnqwga5zl%2B%2BKEpykT7R1iMr8Ucb0uEcr8BOwouUukb%2FKZfMHuJJfSjdf9gCyVmQfUjxbPqVLp%2BknuH1snkWcXkEZqf%2FaJVP%2FPJtbsZIP%2FtvoIm4dairqMY%2FnhqBJsmaKxiFAwVadQepA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1558306657.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e87381da0914a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

Ajax.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/Ajax.png
https://kooora2day.online/img/Ajax.png

64 KB
65 KB

1080ms
1079ms

Image
image/png

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/Ajax.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eb18d4a3dc3cf7b96c81faf4b6ec93fef85f16e3769225607dafc5d6aa197a5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:01 GMT
cf-cache-status: MISS
last-modified: Wed, 12 Oct 2022 07:26:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZ%2Bz8R3zL%2BgtBkk672QRu321ZAYe9xryM1p%2B716BPebHNgZbt2sWF4c8WE7Ovvf8tm3ztFVmjc1YTTCxG%2B33lG8z5UmzQRIIavFIa4A0NG0opOP2M34k3xcW6MO%2FnWKz24gbv4Uyq2QYuV9vhu1Pqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 758e87391d2c9bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65573
expires: Wed, 19 Oct 2022 08:40:00 GMT

Redirect headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 127
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIGN8T7CGj5GMkPU2CBUZtyf3H9%2BvQWm%2FdvZ0zLXC5tZvIWU07cw2OYmKDqSC3ZgIUmnHoG2JMGLn6EGq911mLz4cbAqu4rgoSN36v%2BNY%2BG%2Bo%2F51k%2FeB4IimHT1ZfNOPCARfDE1kXazrv3CL%2BO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/Ajax.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e87381da5914a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1564172667.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1564172667.png
https://kooora2day.online/img/1564172667.png

4 KB
4 KB

506ms
506ms

Image
image/png

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1564172667.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6936ea19849e01173fad2dce719bf902cd609ea52610e2a14ede6496082cb4a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: MISS
last-modified: Wed, 12 Oct 2022 07:31:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vd%2F6OAAkUAiwJ2fuoi9az%2FPK13LMqjlxA%2Ba%2FjhKjQzyRJPUD3CvLEdHhWrkjcDnSR%2F5ylNDmyG31gEyIa0%2B%2BNEO%2FOr%2F%2B5KRS%2FkBweXjCxog0L9gBDr2DtFu5%2FNCwItX4hUMysSWrYXBKdj3q0oy58A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 758e87391d259bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3991
expires: Wed, 19 Oct 2022 08:40:00 GMT

Redirect headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 127
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yeB6oKWwa4sQKVUA0c4hyz5k9POkuHWmu%2B%2Fskb%2BioPBHWFR1n0srHxajNAaF9Y77F0yqtqrk%2FLdju9N9aJSGBQpsWyU7wtOPitkVWgixUbw%2FuMxYTEek4vQDCnEiGxac8Hwx79OshgVsbxh%2FlkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1564172667.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e87381da7914a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1568919614.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1568919614.png
https://kooora2day.online/img/1568919614.png

8 KB
9 KB

488ms
488ms

Image
image/png

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1568919614.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b54fec2159920fccd0a99412ef3ffb65b034a6c59e814b36c825ab899b0591c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: MISS
last-modified: Wed, 12 Oct 2022 07:31:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AHY4oKMDf%2BWQboWv9xYYX7ZNK6eF%2FTS%2B6i%2BzkfItDEuLyO5R6iyHk5T4sC032jMY%2FNBDqlLpQgrBPJFFuuk%2BHBOQeF7oOSojCFGjWRX1WFvcGVUimGuLQv3oS5YvlccUxzWRHyl7kOKQs0XJ3FYTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 758e87391d189bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8395
expires: Wed, 19 Oct 2022 08:40:00 GMT

Redirect headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 127
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24z2x6ZdzzCTNlC0pQopdKO1EabwHe0q9D%2FyrnI%2F82x0dqFu5UbJjgYXLBEluqaBMukRWO30%2B3uHATJEUEwOR5t546XqOrTWv%2B1zCSGZES34OgIAbEIoRyb33aRr6HPPTX%2FiiCJM3HmG%2BA%2BdoZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1568919614.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e87381d9b914a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1557221057.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1557221057.png
https://kooora2day.online/img/1557221057.png

6 KB
6 KB

44ms
44ms

Image
image/png

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1557221057.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24b88da02687f5436ca46111be2e264021130e660393d15449d273b24823de8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49361
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5701
last-modified: Sun, 09 Oct 2022 11:50:35 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJ0csyduk9YuO7yVJaDPCTGci%2FmKMj2UFleAyaT8mSjeN1FT91%2BNWOhFGO8TlOXS%2B9w4IMCPlvPpZf34RfrwlVkNj958gpHchmtJe2j7gth1bbWCB5hinz06cXpPthETI4Yb1%2FsjP%2BEKcPcOUitPng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 758e87391d389bcb-FRA
expires: Tue, 18 Oct 2022 18:57:19 GMT

Redirect headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 127
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZscSbMi50MMlzZCUFsVRAMc7npiWECPlpBG7OUdPiu5FJ0RaVyeZ33pkpj%2FCfY8WMA1c86BqYQU5kf1uc5E8Sx2BPQdAh9ZWuRiXockRbzCc0VcXC05b4yWubbCZFhkkwDaxabG7RHiJ439ARc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1557221057.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e87381da9914a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1557751896.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1557751896.png
https://kooora2day.online/img/1557751896.png

7 KB
8 KB

36ms
36ms

Image
image/png

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1557751896.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6daa6a5ae9a36124f29a0424ef183f1c5a81a258ff565b71aeb3ad0de4f7d413

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49360
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7456
last-modified: Sat, 08 Oct 2022 06:52:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6aMDZdFCZcdBa9cC1C3kKoxq%2F9SORMZ8dxGWnyReIV3%2F%2Bb4l9OFxbKR5yIUTHKgaTvO5AdwEnyhrpj8LaJYgXVjJIUPqTimcrQ6ydaG3XW2Mq4DIdiT0%2BrLOcaqnkqt2C5dPloLH4FK6VcYBmHo5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 758e87391d149bcb-FRA
expires: Tue, 18 Oct 2022 18:57:20 GMT

Redirect headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 127
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XouJcbiIqL8LdXtHviCWg%2BEiXEmkC1osaRx3Kv3n514%2Fw%2F%2FdsZtjJC%2BLXKNYjVtqZbPXqkrWkl%2BFgzk%2FqnhhL3UeroGSvPiqToQL9oCzeMaRuX140ismU7y53jH7qtRmrADoB6voMX2Dnlar29k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1557751896.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e87381d9c914a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1567290622.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1567290622.png
https://kooora2day.online/img/1567290622.png

10 KB
11 KB

649ms
648ms

Image
image/png

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1567290622.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33f8a4f01d0f1275202b92a8af81d0bfa7f3aec43d4a0c42b9f4932a0b1ff8a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: MISS
last-modified: Wed, 12 Oct 2022 07:21:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwkiafPC8rLtnez6hd41NJM0AFoS5xUye0forH0nszEU%2BczXz0k2TVCmJW5oa%2BxnMXyLQO7%2FJh7p0SDGAkHECT5cGed%2BFHt4EGNqNT%2Ba%2FlKGL7VUFIaKVpQ6czf6YPg29q56Ie6pdCevZOCblom5hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 758e87391d1d9bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10602
expires: Wed, 19 Oct 2022 08:40:00 GMT

Redirect headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 127
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkfAMRkO1awOuvt2Rix%2BZMlmSiWYUwWI%2BJnxsJDo1icxrosQjdDn6Ki6JMKWCV41Gv72WilLHbZMC63QPt48oefP5NkykdH0rEUBQcU%2Bjk04t6KWo5gr5NF8DylDfAvBV9P8ZpTjFcLpvw9U4ao%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1567290622.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e87381da8914a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1557221115.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1557221115.png
https://kooora2day.online/img/1557221115.png

10 KB
10 KB

29ms
29ms

Image
image/png

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1557221115.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 948d46866167f73d90da2bec3a6fd22cb2af32def3cb7400c87a92478e52045e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 489103
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10082
last-modified: Tue, 04 Oct 2022 05:39:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NW3BgHeiYSoiDf3yCa58XSFQsLhCn%2B6h0KMWFxrGhgKqF4Fb5DxI%2FPM6q8hzLRuyaWhDGB6TQBwD6NzXKHEocKKYgEhAcPgPtMdy42Undo%2BFVhct3Y3e%2FlVIVw1YtvyFsn%2BC69PqORN6Qr5JbKQtXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 758e87391d229bcb-FRA
expires: Thu, 13 Oct 2022 16:48:17 GMT

Redirect headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 127
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wikTDLmZEjjEtC6JmE4l7A4yLkRai00HDuVJx8KvBIY7fImGUvcX9I%2BPduTkPFg1Hyn6XLG4QfevNFmuCvBXjf8H31ZxSeVi4pCJYuL%2FNiTU8KXKJSTPi2%2FWIG3%2F4EKkrz9d3D%2FTMoE0qEaBgw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1557221115.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e87381d99914a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1662519664.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1662519664.png
https://kooora2day.online/img/1662519664.png

7 KB
7 KB

1380ms
1380ms

Image
image/png

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1662519664.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bb50004961baa5355fa82192c5fb82050a38f1f8868df934f727131ee8ba7d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:01 GMT
cf-cache-status: MISS
last-modified: Wed, 12 Oct 2022 07:23:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yswevyD%2FQFQc9GPXxyImL6zT68Ht%2BnKQW%2BdFOJTpc6PEcyyPdtvD7TdWHdTlFqqftEwReGazKiiUhRDzShvwdTEor9Vy2G6dUiIyolTRHe1euhuYbNv7u%2F2zJYBYLaWrZ8NuxheQjdP0faZfI8X07A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 758e873b9a559bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6763
expires: Wed, 19 Oct 2022 08:40:01 GMT

Redirect headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODsqbqnftT3RltO3AdS0S9ooKysqjlXGWEQJKcKfCSlqZ1Vq5sF34HXfMPsEDhM3IomA4IAOzBTVpNcHqF6CUhdrXmjaacUv6J%2FNp1jFPuUBlJX%2BonYiH2gj3b0laTGJAHrLqTO7gP%2FjRH0%2B0Ds%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1662519664.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e87397b7a91e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1557535267.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1557535267.png
https://kooora2day.online/img/1557535267.png

8 KB
9 KB

27ms
27ms

Image
image/png

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1557535267.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c73e32112ded71759b5985f0025184e985ff1562d994458b37b93452ec1b6e9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57333
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8386
last-modified: Sat, 08 Oct 2022 06:52:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcTlhURdpobipztqmxPOMPontApnURxZTlrnwVtiLVxQ3v1eKAi4E4L7OwtY3owi5La%2B2Q6F23RvvEiGe7zZBaCzRJXqMPvIzo0oCRgA3jNkF%2BdtggWxtlesroBBUXgk549aPy7FSXrvMknAf%2FIIMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 758e873b9a599bcb-FRA
expires: Tue, 18 Oct 2022 16:44:27 GMT

Redirect headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12rt48hIOElMRRqamfkhV65Kx4QUL331BkAEA5PZ87PwrUnt%2B9uQRSB2wJEhlT%2FQlpmTeFjVIrCzy79aAp4kpn4B7fY%2Bv3iQ197X%2FmosX%2Bdy26QaojpPHFzYQlUrbPygpWcLzbfA7VTOkxKqBb4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1557535267.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e87397b7b91e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1556824121.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1556824121.png
https://kooora2day.online/img/1556824121.png

4 KB
4 KB

1275ms
1275ms

Image
image/png

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1556824121.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a2666d49e3217edc365cfd57f00673ffb2b9e3752d418b3ddae54a5006ca82c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:01 GMT
cf-cache-status: MISS
last-modified: Wed, 12 Oct 2022 07:27:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AG5rEsAvkNcAyLOMymeO7fbEE7HJF%2BrbGC0aJcNiHepAWokMZiZyiM0JQLBvBBy3SrMSLye2aA7iYFVaDoXjPgcSLDsW9hv%2F1rrZTXjeZXP9mOlzGNS%2Bjaj0qFbadYAXRTuDh9R8WXwFy1XdLF88A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 758e873b9a549bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3857
expires: Wed, 19 Oct 2022 08:40:01 GMT

Redirect headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fp208ltGeHugedoFV7xKI5P4MSxXOuxQfBBLhDNTrg2bDJg2Ibb6t3MJyox%2Bb7OAoZopxYhaWCz%2FX5gDQENdnux%2BYVzx9ZU%2BP0EKT%2B1XCMow%2BoFtnS5OFQjN4smMsMfdxK4rCjT1qJrFhS3QLXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1556824121.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e87397b7d91e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

1557391571.png
kooora2day.online/img/
Redirect Chain

https://kora2day.online/img/1557391571.png
https://kooora2day.online/img/1557391571.png

7 KB
7 KB

491ms
491ms

Image
image/png

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/1557391571.png
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/
Protocol: H3
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c42c66b02cbe31b8cb5e81f0899aa8bd9aa5f29548a8495e17713fe4ac85f753

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:01 GMT
cf-cache-status: MISS
last-modified: Wed, 12 Oct 2022 07:27:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zm52jynhgx5ZguCD%2FqnL7lqFEXYhmgd3E%2B27AZZPhnd8f2VTvVP49YtPvqJYgvPx5RjLkCI32OUwDP%2BcqEY4dgQC1RHkakd7a5hwjL624Smab%2FZRnZdPRAsSCMxXtl9jt9XRSs%2BR5hHIb2KXLMs72Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 758e873b9a589bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7011
expires: Wed, 19 Oct 2022 08:40:00 GMT

Redirect headers

date: Wed, 12 Oct 2022 08:40:00 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g4qQv8PsFHMPD3QPKcu6CrnZ6wVBMgpxFqKSR6wz1got0Wkj%2FIgNclsodgc%2Beu8U%2F15135A8YzWudv2ipFHGhzn6AD2N1YKETddl6EOnRHkoKOli%2FyzUMZ2wrnl%2F99IEbYsy7hHd5Y6mbHnabtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://kooora2day.online/img/1557391571.png
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e87397b7891e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 com.svg
kooora2day.online/img/ 12 KB
12 KB 494ms
493ms Image
text/html 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/com.svg
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/css/style1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9948987a5b4feb2a6af748297c3388744fac9031b1a62125044592749804f61

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/css/style1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:00 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a92Lg2JcditjbgJl6eoFSdCmWidbs9AvxNo0zTD1ZgzpnSFQ5%2B1XTHg6db%2BM5JnBn%2BuVrZntYAK%2BZRcKDAz8MPnik2Ca%2B9J3Ow6t53LzzL2JoElk8A8UYpTcFerX0qNtRl%2BTNsulgCOfjCTDq%2BGZjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e8737a9a69bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 tv.svg
kooora2day.online/img/ 12 KB
12 KB 512ms
511ms Image
text/html 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/tv.svg
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/css/style1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9948987a5b4feb2a6af748297c3388744fac9031b1a62125044592749804f61

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/css/style1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:00 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkhcDIwbDzQ3f7UWIa79QMUFPWA%2BI2D4TVAcFXmsJ%2FQwsW6djCosZM0dZ7iv9vXx%2F4FxGPHSe9TSk3nC2Z87YbxIM8EOrI90AMCSGtFR07rpsD9s8FoJVO9CL0wb0vLpObrZ%2BI9jMoe6iOyKuq%2BGwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e8737a9a99bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 champ.svg
kooora2day.online/img/ 12 KB
12 KB 517ms
516ms Image
text/html 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kooora2day.online/img/champ.svg
Requested by: Host: kooora2day.online
URL: https://kooora2day.online/css/style1.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9948987a5b4feb2a6af748297c3388744fac9031b1a62125044592749804f61

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/css/style1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:00 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qP9v0MlLMFajN97Yw70Woa36jiFkS7xPhoRfVtSOBRfvQzFOq%2FO9ufz3ozAslO3TNMISh0bWBebM%2FaMGrQZcyd9X%2BNl9CRWDzaEkDtXPsrtHPJ6KSabW3eNJAWHjfSc0Q%2BL8HJf%2Bln2EnsN%2Fumyfwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 758e8737a9ab9bcb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 88F9 36 KB
16 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15993
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 20:45:27 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 47DB 63 KB
23 KB 322ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a139caebc5a7c4bf78945ba3f22a3ae9981e5e8d6f10a2f6235d07a438eb0c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 07:48:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3071
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23659
x-xss-protection: 0
server: cafe
etag: 898360552121563568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:48:49 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
45 B 815ms
280ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~l95dsugg&c=928417129922921&e=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&ctx=1&met.6=6.1_CgwY3w0glwEqBAgBEgA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 9877 36 KB
16 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15993
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 20:45:27 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 3A17 63 KB
23 KB 321ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3440197093437636&output=html&h=280&slotname=7748773486&adk=277232271&adf=3994739360&pi=t.ma~as.7748773486&w=1028&fwrn=4&fwrnh=100&lmt=1665563998&rafmt=1&format=1028x280&url=https%3A%2F%2Fkooora2day.online%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665563998546&bpp=1&bdt=257&idt=224&shv=r20221010&mjsv=m202210060101&ptt=9&saldr=aa&abxe=1&prev_fmts=150x600%2C150x600%2C150x600%2C150x600%2C1028x280&correlator=1865243603900&rume=1&frm=20&pv=1&ga_vid=1628939518.1665563999&ga_sid=1665563999&ga_hid=1844102683&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=286&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&oid=2&pvsid=928417129922921&tmod=517962122&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=lqwdKKmMMK&p=https%3A//kooora2day.online&dtd=227

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a139caebc5a7c4bf78945ba3f22a3ae9981e5e8d6f10a2f6235d07a438eb0c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 07:48:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3071
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23659
x-xss-protection: 0
server: cafe
etag: 898360552121563568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:48:49 GMT

GET
DATA 200
OK truncated
/ Frame 5813 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32f3b79a00346f4f78be2842dea57617670343e510f4913dbd9d10a5e21b8eae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5813 0
26 B 144ms
69ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ 0
327 B 670ms
273ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~l95dsvdv&c=928417129922921&e=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsYwA8gMyoECAgSAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EEB6 8 KB
895 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Oct 2022 08:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 07:24:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Oct 2022 08:40:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame EEB6 2 KB
915 B 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:29:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/ Frame EEB6 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:55 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame EEB6 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 08:31:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/ Frame EEB6 17 KB
7 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221010/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 01:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 26 Oct 2022 01:18:53 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EEB6 151 KB
46 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47122
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665402098278948"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 08:40:00 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame EEB6 33 KB
13 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:48:28 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 526ms
274ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=3~l95dsvhs&c=928417129922921&e=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsYphAgOyoECAgSAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B67C 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 469413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 22:16:27 GMT
expires: Fri, 06 Oct 2023 22:16:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 3351 0
54 B 518ms
277ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l95dsvli&chm=1&ctx=2&gqid=Xn1GY4T1L5bYxwKIs5GYCg&qqid=CPfj_7Ol2voCFdxCHgIdMzoFvw&met.4=fb.gg~lb.lm~ol.po~bdt.-cg~bpp.-5e~idt.-6~dtd.-1~dt.-5f&met.3=733.lp~742.lp~748.m3~739.o1~555.oh~556.oh~738.pk~749.pk_4~736.qp~735.ro_1~113.15x_4~112.15w_5&met.1=1.l95dsufm~6.0~7.0~8.0~9.0~10.0~12.11~13.d8~14.ec~15.fb~16.o1~17.o1~18.o2~19.pd~20.pd~21.po~22.hi~23.hi&met.7=CAUQCBgBMIQEOJwHaCVw3AN4j4oCgAHjhwKIAcrUBbABAbgBAw~CBwQChgBIKwEKKwEMKYFOHpoygRwkwV4lwmAAesGiAHBDLABAbgBAw~CAkQChgBIKwEKKwEMPIEOEZoygRw7QR4lk2AAepKiAGquAGwAQG4AQM~CB4QChgBIK0EKK0EMKcFOHpo0wRwlQV4-wyAAc8KiAGxFbABAbgBAw~CBwQChgBIK0EKK0EMPoEOE1oygRw8QR4vj2AAZI7iAGTigGwAQG4AQM~CCoQChgBIK0EKK0EMKAFOHM~CBsQChgBIK0EKK0EMKsFOH4~CBcQAhgBINgEKNgEMKkFOFFo2QRwngV42E-AAaxNiAGsTbABAbgBAw~CCEQBBgBII0FKI0FMPQFOGdoqQVw9AV4rAKwAQG4AQM~CCgQChgBINYHKNYHMLgIOGJQ3gdYkQhg9AdokQhwpQh4l7sBgAHruAGIAdv3A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5417 0
54 B 755ms
514ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l95dsvln&chm=1&ctx=2&gqid=Xn1GY9v0L_PBmLAP2e-L6AI&qqid=CKyWgLSl2voCFQ9WwgodOIQAog&met.4=fb.b9~lb.j0~ol.q4~bdt.-cp~bpp.-5l~idt.-5~dtd.-2~dt.-5m&met.3=733.jd~742.jd_1~748.k0~739.kj~555.mr~556.mr_2~738.q1~749.q1_2~736.qh~735.rh_1~113.15t_1~112.15t_2&met.1=1.l95dsufu~6.5~7.5~8.5~9.5~10.s~11.5~12.t~13.b2~14.bm~15.b4~16.kj~17.kj~18.kj~19.ps~20.ps~21.q4~22.du~23.du&met.7=CAUQCBgBKAUwogM4rAdQBlgcYAZoHXCOA3jg9QGAAbTzAYgB5J8FsAEBuAED~CBIQBxgBIJQDKJQDMJwEOIcBQJUDSJUDUJUDWPQDYLYDaPsDcJsEeLAHgAGEBYgBli-qARQKElJvYm90bzozMDAsNDAwLDcwMLABAbgBAw~CBwQChgBIJoDKJoDMKQEOIoBaPoDcKQEeJcJgAHrBogBwQywAQG4AQM~CCEQBBgBIKADKKADMPkDOFlorgNw-AN4rAKwAQG4AQM~CAkQChgBIKMDKKMDMJIEOG9o-gNwkgR4lk2AAepKiAGquAGwAQG4AQM~CB4QChgBIKcDKKcDMKMEOH1o-gNwnQR4-wyAAc8KiAGxFbABAbgBAw~CBwQChgBIKgDKKgDMJwEOHRo-gNwkwR4vj2AAZI7iAGTigGwAQG4AQM~CCoQChgBIKkDKKkDMN0EOLQB~CBsQChgBIKoDKKoDMLIEOIgB~CBcQAhgBIK8DKK8DMLEEOIIBaPoDcKkEeN2sAYABsaoBiAGxqgGwAQG4AQM~CBcQAhgBILEDKLEDMKkEOHho-gNwpAR4h2qAAdtniAHbZ7ABAbgBAw~CCgQChgBINUHKNUHMLwIOGdoighwsAh4l7sBgAHruAGIAdv3A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E208 0
45 B 522ms
281ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l95dsvlp&chm=1&ctx=2&gqid=Xn1GY-T2L_TTmwfI0KXoAg&qqid=CNX2_rOl2voCFQjJ1QodQPYItw&met.4=fb.gg~lb.ld~ol.rj~bdt.-c4~bpp.-52~idt.-p~dtd.-2~dt.-56&met.3=733.lf~742.lf~748.lu~739.nn~555.ot~556.ot~738.rg~749.rh_2~736.s0~735.t8_1~113.16g_1~112.16g_1&met.1=1.l95dsuf9~6.0~7.0~8.0~9.0~10.0~12.1e~13.cx~14.ej~15.ex~16.nn~17.nn~18.no~19.r8~20.r8~21.rj~22.hv~23.hv&met.7=CAUQCBgBMIsEON8HaDJw0QN48e0BgAHF6wGIAcuBBbABAbgBAw~CBIQBxgBIKcEKKcEMMsEOCRorQRwygR4sAeAAYQFiAGWL6oBFAoSUm9ib3RvOjMwMCw0MDAsNzAwsAEBuAED~CBwQChgBIKcEKKcEMK0FOIUBaNcEcJwFeJcJgAHrBogBwQywAQG4AQM~CAkQChgBIKgEKKgEMP4EOFZo1wRw-AR4lk2AAepKiAGquAGwAQG4AQM~CB4QChgBIKgEKKgEMKwFOIUBaNcEcJsFePsMgAHPCogBsRWwAQG4AQM~CBwQChgBIKgEKKgEMPoEOFJo1wRw9gR4vj2AAZI7iAGTigGwAQG4AQM~CCoQChgBIKgEKKgEMJMFOGo~CBsQChgBIKkEKKkEMLgFOI8B~CCEQBBgBINQEKNQEMJoFOEZo1gRwmgV4rAKwAQG4AQM~CBcQAhgBIOMEKOMEMLQFOFFo4wRwogV4zyeAAaMliAGjJbABAbgBAw~CBcQAhgBIOMEKOMEMLYFOFJo5ARwqgV4gBiAAdQViAHUFbABAbgBAw~CCgQChgBIPYHKPYHMNoIOGNonwhw0Qh4l7sBgAHruAGIAdv3A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8F66 0
54 B 758ms
518ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l95dsvlq&chm=1&ctx=2&gqid=Xn1GY9T5L4z91wbtvoPYAQ&qqid=CLH1_7Ol2voCFXFMHgIdW_0F5A&met.4=fb.gn~lb.mu~ol.rt~bdt.-cz~bpp.-5w~idt.-a~dtd.-1~dt.-5x&met.3=733.mw~742.mw~748.nc~555.pa~739.pa~556.pa_1~738.rr~749.rr_2~736.sb~735.xl_1~113.15m_1~112.15l_1&met.1=1.l95dsug5~6.1~7.1~8.1~9.1~10.1~12.i~13.dg~14.ds~15.ez~16.pa~17.pa~18.pb~19.rj~20.rj~21.rt~22.id~23.id&met.7=CAUQCBgBKAEw8AM46QdoEnDkA3iRgAKAAeX9AYgBy9gFsAEBuAED~CBIQBxgBIKAEKKAEMIwFOGxo2gRw-QR4jwmAAeMGiAHzQqoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBIKEEKKEEMIwFOGxotwRw-wR4lwmAAesGiAHBDLABAbgBAw~CAkQChgBIKEEKKEEMNgEODhQoQRYtgRgoQRotwRwygR4lk2AAepKiAGquAGwAQG4AQM~CB4QChgBIKEEKKEEMJkFOHho6ARwkAV4-wyAAc8KiAGxFbABAbgBAw~CBwQChgBIKEEKKEEMPUEOFRotwRw7QR4vj2AAZI7iAGTigGwAQG4AQM~CCoQChgBIKEEKKEEMI0FOGw~CBsQChgBIKEEKKEEMJsFOHo~CCEQBBgBIN0EKN0EMLUFOFho6QRwtAV4rAKwAQG4AQM~CBcQAhgBIPsEKPsEMLgFOD1olgVwswV4ujGAAY4viAGOL7ABAbgBAw~CCgQChgBIP8HKP8HMMAIOEFogAhwugh4l7sBgAHruAGIAdv3A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 411ms
276ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=4~l95dsvlu&c=928417129922921&e=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsY9REgNCoECAgSAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2B87 143 B
166 B 21ms
20ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 07:50:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js Show response
pagead2.googlesyndication.com/bg/ Frame B67C 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15993
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 20:45:27 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 47DB 0
54 B 372ms
283ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l95dsvpz&chm=1&ctx=2&gqid=Xn1GY4L5L7efmLAP2Yaq0AQ&qqid=CN_9gLSl2voCFUtJwgodajYBpQ&met.4=fb.fj~lb.lo~ol.ry~bdt.-d7~bpp.-62~idt.-5~dtd.-1~dt.-63&met.3=733.lr~742.lr~748.m5~739.no~555.ns~556.ns_1~738.rw~749.rw_2~736.s4~735.xf_1~113.19o_1~112.19o_1&met.1=1.l95dsugc~6.1~7.1~8.1~9.1~10.1~12.b~13.c5~14.dh~15.eb~16.nn~17.nn~18.no~19.ro~20.ro~21.ry~22.gs~23.gs&met.7=CAUQCBgBKAEw5QM47gdoC3C1A3jFgAKAAZn-AYgBl-AFsAEBuAED~CBIQBxgBIIwEKIwEMP0EOHFQjARYzgRgjARo0wRw8QR4jwmAAeMGiAHzQqoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBIIwEKIwEMIwFOIABaLAEcPkEeJcJgAHrBogBwQywAQG4AQM~CAkQChgBIIwEKIwEMOUEOFhosARw4QR4lk2AAepKiAGquAGwAQG4AQM~CB4QChgBIIwEKIwEMI0FOIABaLMEcPsEePsMgAHPCogBsRWwAQG4AQM~CBwQChgBII0EKI0EMOYEOFlosQRw5AR4vj2AAZI7iAGTigGwAQG4AQM~CCoQChgBII0EKI0EMO8EOGI~CBsQChgBII0EKI0EMJMFOIcB~CCEQBBgBILUEKLUEMIwFOFdotQRwiwV4rAKwAQG4AQM~CBcQAhgBIMQEKMQEMP0EODlozwRw7gR4t7sCgAGLuQKIAYu5ArABAbgBAw~CCgQChgBILEJKLEJMPYLOMUCaN8LcPMLeJe7AYAB67gBiAHb9wOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3A17 0
54 B 367ms
284ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l95dsvq7&chm=1&ctx=2&gqid=Xn1GY4q6MILqxgKi67jABg&qqid=COO7gLSl2voCFQmMGQodKLsNsw&met.4=fb.gs~lb.nk~ol.x0~bdt.-di~bpp.-6c~idt.-5~dtd.-2~dt.-6d&met.3=733.nm~742.nm~748.o0~555.q6~739.q7~556.q7_1~738.wx~749.wx_3~735.xk_1~113.19l_1~112.19l_1&met.1=1.l95dsugn~6.1~7.1~8.1~9.1~10.1~12.4~13.do~14.e3~15.ev~16.q6~17.q6~18.q7~19.wn~20.wn~21.x0~22.hw~23.hw&met.7=CAUQCBgBKAEw-wM4pAloBHDtA3j26gGAAcroAYgBz_UEsAEBuAED~CBIQBxgBIJwEKJwEMIMFOGdoyARw8wR4sAeAAYQFiAGWL6oBFAoSUm9ib3RvOjMwMCw0MDAsNzAwsAEBuAED~CBwQChgBIJ0EKJ0EMIIFOGVopQRw7wR4lwmAAesGiAHBDLABAbgBAw~CAkQChgBIJ0EKJ0EMNgEODtopQRw1AR4lk2AAepKiAGquAGwAQG4AQM~CB4QChgBIJ0EKJ0EMIoFOG1o5gRwhgV4-wyAAc8KiAGxFbABAbgBAw~CBwQChgBIJ0EKJ0EMNgEODtopgRw1QR4vj2AAZI7iAGTigGwAQG4AQM~CCoQChgBIJ0EKJ0EMIkFOGw~CBsQChgBIJ0EKJ0EMIoFOG0~CBcQAhgBIO0EKO0EMKgFODtoiAVwpAV4hqADgAHanQOIAdqdA7ABAbgBAw~CCEQBBgBIIAFKIAFMNEFOFBoigVw0AV4rAKwAQG4AQM~CCgQChgBILoJKLoJMP8LOMUCaOkLcPwLeJe7AYAB67gBiAHb9wOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 5813 63 KB
23 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a139caebc5a7c4bf78945ba3f22a3ae9981e5e8d6f10a2f6235d07a438eb0c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 07:48:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3071
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23659
x-xss-protection: 0
server: cafe
etag: 898360552121563568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:48:49 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2B87
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
32ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 08:40:00 GMT
expires: Wed, 12 Oct 2022 08:40:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 08:40:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js Show response
pagead2.googlesyndication.com/bg/ Frame D950 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15993
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 20:45:27 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame EEB6 63 KB
23 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221010/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a139caebc5a7c4bf78945ba3f22a3ae9981e5e8d6f10a2f6235d07a438eb0c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 07:48:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3071
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23659
x-xss-protection: 0
server: cafe
etag: 898360552121563568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:48:49 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5813 0
54 B 498ms
497ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l95dsvt7&chm=1&ctx=2&gqid=Xn1GY5T1MdDn1gaWka-ACw&qqid=CMuUgrSl2voCFQhDwgodL4cFZg&met.4=fb.48~lb.fw~ol.s4~bdt.-vd~bpp.-o8~idt.-hq~dtd.-hi~dt.-o9&met.3=733.fy~742.fy~748.gc~739.gf~374.p0~749.s1_3~738.s4~736.sg~735.sj_1~113.up_1~112.up_2&met.1=1.l95dsuyj~14.5~15.0~16.5~17.5~18.5~19.6~20.6~21.6~22.a8~23.a8&met.7=CBwQChgBIAgoCDAlOB1oCHAiePAbgAHEGYgBhDiwAQG4AQM~CBwQBhgBIAgoCDBQOEhoCXBLeNYCgAEqiAEqsAEBuAED~CB4QChgBIAgoCDAlOB1oCXAjePsMgAHPCogBsRWwAQG4AQM~CBwQChgBIAgoCDAlOB1oCXAjeL49gAGSO4gBk4oBsAEBuAED~CCoQChgBIAgoCDCPATiGAQ~CCgQBRgBIJkBKJkBMLwBOCNomgFwuwF4wASAAZQCiAHwBLABAbgBAw~CCgQChgBIJsBKJsBMNcBODxomwFw1QF47oQCgAHCggKIAcOtBLABAbgBAw~CAkQChgBIMUCKMUCMN0COBhoxQJw2wJ4_l2AAdJbiAG57gGwAQG4AQM~CBwQChgBIMUCKMUCMN4COBloxgJw3QJ4mRuAAe0YiAHhP7ABAbgBAw~CCIQARgBIMcCKMcCMM8DOIgBQMgCSNgCUNgCWIkDYOsCaIsDcM4DeKwCsAEBuAED~CCcQChgBIMgCKMgCMN4COBdoyQJw3QJ4k3mAAed2iAGKxQKwAQG4AQM~CCkQBhgBIMgCKMgCMKcDOGBAyAJI3QJQ3QJYjgNg8QJojwNwowN4jmmAAeJmiAHiZrABAbgBAw~CCIQARgBILQFKLQFMMQGOJEBULQFWP8FYLQFaP8FcMQGeKwCsAEBuAED~CCcQBRgBIM0GKM0GMOMGOBZozgZw4gZ490OAActBiAHqsgGwAQG4AQM~CCgQChgBIP8HKP8HMLQIODVogAhwnwh4l7sBgAHruAGIAdv3A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame EEB6 0
54 B 503ms
503ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~l95dsvt9&chm=1&ctx=2&gqid=Xn1GY96HMs2smLAPley3oAU&qqid=CN-MgrSl2voCFR5FHgId56EEqg&met.4=fb.a~lb.4k~ol.5z~bdt.-1hs~bpp.-1aa~idt.-13t~dtd.-13e~dt.-1ac&met.3=492.e_1~733.4n~742.4m~748.4x~739.4z~518.53~555.5b~556.5b~738.5y~749.5y_1~113.8c_1~112.8c_1&met.1=1.l95dsvky~14.6~15.0~16.6~17.6~18.6~19.6~20.6~21.6&met.7=CBIQBxgBIAsoCzApOB5oC3AoeI8JgAHjBogB80KqARUKE0dvb2dsZSBTYW5zOjQwMCw1MDCwAQG4AQM~CBwQChgBIA4oDjAiOBRoD3AieJcJgAHrBogBwQywAQG4AQM~CAkQChgBIA8oDzAjOBRoEHAjeJZNgAHqSogBqrgBsAEBuAED~CB4QChgBIBAoEDAkOBRoEHAkePsMgAHPCogBsRWwAQG4AQM~CBwQChgBIBAoEDAmOBZoEHAkeL49gAGSO4gBk4oBsAEBuAED~CCoQChgBIBAoEDA7OCs~CBsQChgBIBAoEDAlOBU~CCgQBRgBIKIBKKIBMLgBOBZoowFwuAF4vQOAAZEBiAGPAbABAbgBAw~CCgQChgBINoBKNoBMJACODZo2wFw_AF4l7sBgAHruAGIAdv3A7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B67C 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bm5yKX31GY8WdJICwx_APmPS6yAwAAAAAOAHgBAI&bg=!FxSlFFDNAAYqRg79CkY7ACkAdvg8Wjr6R620EtIur_DwTrzz9BBmLvX-O4BWT3qqgPWRPc7phztGfQIAAAB3UgAAAAFoAQcKABqe2RGPEedBituqy_ff3mJPnZIDS57onPJ3KJkC_V4iyRp6AzD5WROBTFSD2nHEUlV9GhsoddQ0PYyrXa3DPOzLXCs93M8mNHeay0XYswLHGCjFbH14BR4ZMseGVteIMRQI-vcJ38PObfPPVbMUztPOlX8SUWQJ1yTOTFBN678v7f5zoKWDw5xTe4HGErvW128oWWliE3RjnxplEtArFETlM5H0aoRwWEO7pO-uslfwKQBQGJ19N4KgafPoJi78zPdTKPhVi4vbO4G1WAgt9rwlfImnO4Z3utwkKSFK44P5hDdKRoQGdMW4DkYvKOcHqYUK_kBEjC2IwmseTaUtkfOJEGhO3sfnZsIq7DEdoUmF8nE_8vMdo7y3EWBUWuZcNVNxUpbqnaB2kWuFNdsfptsCubDtFQ2ulWfiXMp53y1G80h1UHuBMmCEHrNqaMA0zdfh9q9ITwentSriIvZHX2gNO0SJHbghqYnLDNg1pGxeWANA18veayr2uVf99-gzIe7zf5Ft5XjAw7z17dprfmXcFoLRgbvuOAqSFHnHpvB1_yfghcA_DJnZqfjsn6rMhgatQxF88cryz3kLyCHqIA6Ycj0b7sbC8ypNlOm1vLzjaQ9aAlzfQlIdPMHTOBAt-CLJ4IFvF9id9SBcYFM5bfB7Kg_G-4urgTsROyFrcL29uBqab1Jx__hGykwnFwyJqz1bXsNHLpUNHqbyst6jbnj-pz2h1tm51oIqF_5lukffy0v_D70vls-RawaasIxFv3N0gEIK81uFa7OFVrY5Rv1MPaCcdCyqdXrbmtN_9W9Bf9yW-YYVz958tJhITkhT4r2ntop2xyQXqrqetc250Z8vy32zSpujmw2yGJulyH4Iy_sMfUwmK4THBQs29-Ep0u-uRqGW1Ek9tsUyzBCohN4Y6JtzkTc1YFWW93AZyJ2GIWdDhsYvZRUL_UONgtXaHtyPaKYlqvqtLII_j6n_XaMaeO_qoAZysl0e4RgEWACQncrV7S-aez5e5U3WJANYoqh0R4LduKmoJvwy7D6vZDWvaJGtX1a2wLYkXg

Requested by

Host: kooora2day.online
URL: https://kooora2day.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3351 42 B
64 B 104ms
60ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfWHdwn544NVymQGlyvBU9NFJ5P0iHWulvUUfCa4W3ckINLoHR99nOXqFQudNR25bvp4PGu76EJ0cxt4vmc5aI7dkRKh-e7E_eUm8CHyIitVgvuzaNZuAwJ73LmDHYffL3ml10clLFSiaPUTCJmklzkGhXV4kObPDt6xzRUcnmEHuj9Uas2mlYy9OoYH0DVFh5zweiQRmMieMrzftv8kUkk-ve_fB-tY1mDPrp8rNP3sp6y_FTYEDGDE-JnZuQuWjOEwKfwHwgjGJScG7tQeEWLd4mxGUm0-cMge-ypFlXK5xdm6J-NGqVcHyHuU6O21T3DDvAnxU_u3r-indABu9S3IBR4pSraP11_qup39ff8ZiIpEel8eyXT8YdYwm0wDPlVoFPWSoO2B01cVxpk15BIRTxmT7xi_UCeZtAk_PR8y6yh1LVA1cY-pMnNISMIClMF2ED2AVBrg5urZHjt9dJRWLKmbdpYVzafFcpoFpC9OA9ayza-o8pjSU82GpG3qrGP-sYgONr7FhL4cCY9f_PhFYVLbp1Na0y3L82LJHR_gfzpmvHW4UetbuKaHYCpvRfZ5qB--28UNzZtAYTSEU5z-WQjk6qolVR5Ze2y1CZJSRCiEe-W83i_xOzDOlii6JeY8cYTOsJHgz6BsvgVISDirRHACmz-UXWTT58sMIuqj9MSiEbQLdXkVgDavtnTPifnX4sr7ZSA7oNOmYYxkmi7OjtHZz1sdN-dJSWY5IT7IMm7k7lPMNERNhJUyu_Af2ZAR2o631TUwLtcx99yVJM7ybz0rTg8Xhcz9VkhBmyCF3QI9DshYsyCWmZjewFVAY7Uf8J05mYrZ9S986kWUNKM4KWOmudenNLQAhuPyPtJmh1NvvqYlz-3WMVXzuQPb8mUizZW9lWHba4jZ5qHvFe1eMoPheATl9zkh7oHHQSPJ50EZsLx7nCR56mPaL-joO4SVnM-1lwSo2LWbe-afvSr0cagQ&sai=AMfl-YR8OU0wmmJzLCm6wCLm-dGDTQxM0XyrHbmrqJSmjlOSqJjA1tjlBPWuoPWdT7Qvru9VhxsVWn47yuan-uqM9kWYpXYquZhCmoXC&sig=Cg0ArKJSzAlylMwb6p_oEAE&cid=CAQSGwCsnQUx6lxNMRTk3gTA9uVTH2LMEvrbU6ZMNRgBIA4&id=lidar2&mcvt=1000&p=0,0,600,150&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=0.88&if=1&vu=1&app=0&itpl=22&adk=3401964455&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665563998738&rpt=920&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5417 42 B
64 B 101ms
59ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3epYVaPrM6i-SRGwU8mQxvzsxbu2RQNGVlOn4cSolKTFd-m6u_xFyqFnbi4tAWZvwtuMSdQXQSOY7GOFij8dSpNxoBTc3f0pYgL5bXhBB88Jf_pzTLzxGN6HP58Z6EREk6FTh-bqxdPH16Xq6s62MScxtPsgQmr6qxr5M1Le_nXNGl76Gi9KFzs89oyNH21nwGD1WxZWLN4N3yW0550uLIDnsQ4Xd-7myF89V9FLgnR6v7DqJf78lHX2TyxvSM_Vji8oO459yfakS47GHx8AnUf7TiJt_-yomursDmlIBCIDxJ-pnXe1PuUT_YUAFx341haKPKE6zhwJ-fZvp7rvI2TROh6-T6XW6w2g03fy0zzhGE2A5RNmlTSoyBq3u3Ke1Bhf86DWiXJDBGjjUMzUUpdl0dM6HrMTvBIk6UdnXzKlo0DYbD2SuF42H5pqy7ZL4DULxRssuM1rUG5PRQv6RZaRkyOvtL7gGW9piEU3XzzrlUiTy9ht5hA6VkK8LU0QjAZIuA9-kgS66kTqKynYpVcuV45f6BPQ-C94cVYodAVnfEErBWmRhS8ZIsDzQjS0M1JZtLQPxHf8QHqNi4QcCGDcR_QoUJQ33nUdFVvvYw4q6wJ5zspemBdnSFK96Z_00_lYOHUw8r7y9st6c7DvoqjFmCy7Q9Xf-YN3wuGtsSarE1yX8fVs8oaMi0k8P3GYsUjmO7-G2hyV3E3D6V8TVF5o9yP43-aIt_m_CyKF3Lua-KV3CT57WIGjenWtRr_QVH62GTKXPMB9ei_dv1K6lVI5hgGurLRTYgZ34LAGI8EqJMmMcmyL7dyl_MB3cioPRQp0eHjseY7umYCut0L5qaeSRw4j4Jnr0_GQ0ccCY7bsUCcz4Trfv4pcBbilvnqK-Y-6bBST8aqboH22wtctBHcJS0qmnTNWJnT1OumVE3b4GGXbzHysUKWzISKNV3DiOqmzx0js3Qrd_RZg7SNiA&sai=AMfl-YQO9LRJX14xBwkVLQCQ1AVBq_dORZKmdZeWMMeoyTOnbNSyasRonNQ1Ljyr7_aQz-7KB8Mp0liWY5XBDA94Hs2cxpHUVpDgYD1J&sig=Cg0ArKJSzHoC5xwi8H92EAE&cid=CAQSGwDq26N9MGLAKf0GkKTqRtmBAKokJL-Sh8E9URgBIA4&id=lidar2&mcvt=1003&p=0,0,600,150&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1631200381&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665563998746&rpt=937&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E208 42 B
64 B 65ms
56ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfdC8bH-fvGghsMxa4Jy92NAq2CVG242Xk4w2mT3xZRPx54AVT-a7aHgcQfSHr7mNkR8yER4oqnkVsVxWVgONi00jBXBVICbtzLZ3zthsZ-6-bm1_oZ3ryXFDRs3EA5yTjSxwiHQ&sai=AMfl-YSq5HfTdXGw0uY1i1qW3AboVXz4I2nS7w6YqMuZwN3y8bjwmRKKrl2eH6vPkuhF69dmnscI9X-ryAN6cb0&sig=Cg0ArKJSzOx1lyzrL09OEAE&id=lidar2&mcvt=1000&p=0,0,600,150&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3401964455&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665563998725&rpt=989&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 47DB 42 B
64 B 58ms
56ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-R21-9bI2WvbNZ9E6QCryIqQX3bW4n1HTeaDHsiZdM19vxxmHihCGAdc9OQLz_sfk4xatq9cAZWst5gn_FJStceWMSp9NGyCQuFcFg6EzJBN46kNgswibAZ2WtLUtJeCMFVUpxw&sai=AMfl-YTWl1xs7OzN9S6h89WNHrHXCxSiV5Usi6QVEamvKZAeHzH0blrLT1DQl6lb5NHsNEUZ7GcS4jsPhHY4UWc&sig=Cg0ArKJSzDrwSPr2ioZsEAE&id=lidar2&mcvt=1002&p=0,0,280,1028&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=277232271&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665563998764&rpt=1004&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8F66 42 B
64 B 59ms
57ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvAJB4IZgYthScburegwg9SMMkvv39SnFC3tiE5Uij2ukl68WrpoKiQsl7Bx_NcMW98_IYS5umpQvW2apAvUmsFB30Ag_pEvIPj2Rf4FN2A9ZL-q6-Ykfg7D9Tzh_p2IQ4ckq2Vrg&sai=AMfl-YSVyuzl9Ld5fNIfuaIQZX4p7PmIMtomgOzoK7DTVSBEuzAoooZHCYwz6Opx6PULuAYES8J-nYQoQTbMKLs&sig=Cg0ArKJSzDg33fTtcRbvEAE&id=lidar2&mcvt=1008&p=0,0,600,150&mtos=0,1008,1008,1008,1008&tos=0,1008,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=22&adk=1841527856&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665563998757&rpt=999&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5813 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYQB7WxVq0XLaEBvmFa9MhJkFDsJrcr7SZZS8khjIelhnFyz5TdvmrKVN04_UMZY-t9-H1DD4GtMPGglLSqxg4Y4Bl6SH50QcWFORW_Irw_9FLyXn7hb1tf3O3p2fK7eKZ2ZpwbQ&sai=AMfl-YRFigzy-y2VNh38RcHXr3J8TNcOBB_9CQVBOOKYIW2WdPhRNEbmdrPZAksq284cSFPgSK6geOKKAFDT7bQ&sig=Cg0ArKJSzLWs_yDen9ENEAE&cid=CAQSGwDq26N9dsWZxGdU-UPg9jQu0cOyf17lsZtHlBgBIA4&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1522501397&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665563999419&rpt=1009&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wdbloogablock.js Show response
cdn.jsdelivr.net/gh/Abdo-Hegazi/wdbloog@6bdae011/
Redirect Chain

https://cdn.rawgit.com/Abdo-Hegazi/wdbloog/6bdae011/wdbloogablock.js
https://cdn.jsdelivr.net/gh/Abdo-Hegazi/wdbloog@6bdae011/wdbloogablock.js

89 KB
61 KB

140ms
28ms

Script
application/javascript

2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Abdo-Hegazi/wdbloog@6bdae011/wdbloogablock.js

Protocol

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13e0fa139f142ba0536cb05f41c2f8041898dec667e91bfb86f132181f792c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 36676
x-jsd-version: 6bdae011
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19167-FRA, cache-hhn4023-HHN
x-jsd-version-type: branch
server: cloudflare
etag: W/"1648b-ZlSERJEr1qXnAA1jGd0QGwxRXIA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyK8jZQCu5F%2Fdsibxl9GfCSx5XigOrr0JMuxgUui%2B8jeJGcR1lpdAVLCbsPu5%2BnXkJaAPSncKwXcJVLloFTYyMU%2B%2B0imoxCqz%2BtlydDWFaKE9I7j0MTn6%2F5tCImWrT9up2uu8fHprP7hv5XyJEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 758e874828229116-FRA

Redirect headers

date: Wed, 12 Oct 2022 08:40:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 713
age: 80695
x-cache: MISS, HIT
cdn-cachedat: 10/12/2022 08:40:02
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 107
x-served-by: cache-fra19124-FRA, cache-chi-kigq8000068-CHI
server: BunnyCDN-DE-713
cdn-proxyver: 1.02
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/Abdo-Hegazi/wdbloog@6bdae011/wdbloogablock.js
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: 0a5d7d94571e5f9b2b729220776f0021
timing-allow-origin: *
cdn-requestcountrycode: NL
cdn-status: 301
cdn-requestpullsuccess: True

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 35ms
35ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221010&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bea34f5f2b12cabeb9409475a19e9b6deb2cc4c54045ec75bfaab48c1a310a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11212
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Oct 2022 08:40:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BDDE 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kooora2day.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 08:31:55 GMT
expires: Thu, 12 Oct 2023 08:31:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6BC6 783 B
535 B 76ms
32ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed781dbf27d8ec0d80e33ff08d167e2300a435e5322d1134bfc3cd21b613e3f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2jlS49LeuI4JC0rM1wjaZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kooora2day.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-2jlS49LeuI4JC0rM1wjaZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Oct 2022 08:40:02 GMT
expires: Wed, 12 Oct 2022 08:40:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js Show response
pagead2.googlesyndication.com/bg/ Frame BDDE 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GqdA_Tv7WdpTYI8K1v09aLIv-PCgI0anbpiD0lWdf3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 11 Oct 2022 20:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15993
x-xss-protection: 0
last-modified: Mon, 03 Oct 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 20:45:27 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6BC6 0
0 55ms
55ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221010&jk=928417129922921&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BDDE 0
12 B 20ms
20ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cCbL7Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
53 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.rawgit.com
URL: https://cdn.rawgit.com/Abdo-Hegazi/wdbloog/6bdae011/wdbloogablock.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ba5522522fa0512ede6b11a096f57bf0fc1de3340577b84b2ab4fef535915b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 08:40:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54326
x-xss-protection: 0
server: cafe
etag: 178648609978622034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:40:02 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
45 B 579ms
278ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=5~l95dsvp2&c=928417129922921&e=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&ctx=1&met.3=247.eb~248.eb~164.ec~165.e9_4~247.ed~248.ed~164.ed~165.ed_1~247.ed~248.ee~164.ee~165.ed_1~247.ee~248.ee~164.ee~165.ee_1~247.ef~248.ef~164.ef~165.ee_1~247.ef~248.ef~164.ef~165.ef_1~164.eg~165.eg_1~166.e0_r~1001.es_1__1~164.et~165.es_2~166.eu_2~166.ez_1~166.f1_2~166.f3_1~1032.iq~326.iu_2~832.ix~868.ix~216.ip_9~215.ip_9~843.io_a~779.iy~889.j7~639.ji~914.ji~1032.jl~326.jm~832.jm~868.jm~216.jl_2~215.jl_2~779.jn~889.jp~639.jt~914.jt~1032.ju~326.jv~832.jv~868.jv~216.ju_1~215.ju_1~779.jv~889.jx~639.k1~914.k1~1032.k1~326.k1~832.k1~868.k1~216.k1_2~215.k1_2~779.k3~889.k8~639.kc~914.kc~1032.kc~326.kc~832.kd~868.kd~216.kc_1~215.kc_1~779.kd~889.kf~639.kj~914.kj~112.kl_2~1032.kn~326.ko~832.ko~868.ko~216.kn_1~215.kn_1~779.ko~889.kp~639.ku~914.ku~1032.kz~326.kz~832.kz~868.kz~216.kz_6~215.kz_6~779.l5~889.l6~639.l9~914.l9~1032.la~326.la~832.lb~868.lb~216.la_8~215.la_8~779.li~889.lp~639.lr~914.lr~629.me~429.115_1~993.11a_2__2~453.11c_1~998.11c_1__2~453.11d~998.11d_1__2~453.11e~998.11e__2~992.11c_2__2~994.11e__2~453.11f~453.11f~453.11f~453.11g~454.11g~454.11g~454.11h~453.11h~753.11j~991.119_a__2~990.119_a__2~353.116_d~168.14g~168.14g~168.14g~168.14g~168.14g~168.14g~168.14g~168.14g~168.14g_1~168.14g_1~168.14h~168.14h~168.14h~168.14h~168.14h~168.14h~168.14h~168.14h~168.14h~168.14h~168.14h~168.14h~168.14h~168.16z~168.16z~168.16z~168.16z~168.170~168.170~168.170~168.170~168.170~168.170~168.170~168.170~168.170~168.170~168.170~168.170~168.170~168.170~168.170~168.170~168.170~168.170~168.170~168.17p~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17q~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.17z~168.180~168.180~168.180~168.180~210.18v~1032.18x~326.18x~832.18x~868.18x~164.18x_1~165.18w_1~466.18w_1~522.18w_2~779.18x~525.18z_5~639.194~914.194~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.19g~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1aj~168.1ak~168.1ak~168.1ak~168.1ak~168.1ak~168.1ak~246.1hz_2~246.1lx~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~168.1nm~246.1pz~246.1t7~168.1u6~168.1u6~168.1u6~168.1u6~168.1u6~168.1u6~168.1u6~168.1u6~168.1u6~168.1u6~168.1u6~168.1u6~168.1u6~168.1u6~168.1u6~168.1u6~168.1u6~168.1u7~168.1u7~168.1u7~168.1u7~168.1u7~168.1u7~168.1u7~168.1u7~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~168.1uc~113.319_1&met.7=CBsQCMAB3rDZ-wQ~CBsQByCIAjgowAHHyKjcAg~CBsQByCJAjgiwAHqpKG-BQ~CBsQByCJAjgowAH1gqyEBQ~CBsQByCJAjg5wAHm2IGwBQ~CBsQCiCJAjgnwAHI6KuxBA~CBsQCiCJAjhNwAGRoPmlBA~CBsQBiCJAjiDAcABos3JzA0~CAEQChgBIIkCKIkCMPMDOOoBQOACSOACUOACWI8DYPMCaI8DcNMDeIOvA4AB16wDiAGKoQqwAQG4AQPAAd6Ov5sB~CBsQCiCJAjhuwAHP2d2HCQ~CBsQCiCJAjiCAcABvo_Zhwk~CBsQChgBIIkCKIkCMIkEOIACwAGM1djrBA~CBsQAhgBIOQCKOQCMMEDOF1A5QJI5QJQ5QJYlwNg-AJomANwrAN45PgBgAG49gGIAbj2AbABAbgBA8ABuaTvhAw~CBsQAhgBIOsCKOsCMM8DOGRomANwwgN4vPYBgAGQ9AGIAZD0AbABAbgBA8ABoqGbHQ~CAMQChgBIIIEKIIEMI8FOI4BUIIEWKoEYIIEaKsEcOIEeP2hB4AB0Z8HiAHIhBawAQG4AQPAAdSJ2YQN~CAwQBRgBIJMEKJMEMNoEOEZAlARIlQRQlQRYxQRgqARoxQRw2QR48CSAAcQiiAH5TLABAbgBA8ABqsu-jQM~CBwQChgBIKcFKKcFML4FOBdoqAVwvQV4ga4BgAHVqwGIAea4A7ABAbgBA8AByt7X7A8~CC8QBxgBIK8FKK8FMIMGOFRArwVIsAVQsAVY4QVgxAVo4QVw_QV4kAOAAWSIAWuwAQG4AQPAAfKtqq0C~CC8QBxgBIK8FKK8FMIUGOFVAsAVIsAVQsAVY4gVgxAVo4gVwhAZ4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBsQChgBIK0FKK0FMKUGOHlArQVIrQVQrQVY9QVgzAVo_AVwpQZ4-AOAAcwBiAHdAbABAbgBA8AB5Krg8AI~CBwQBhgBIIsGKIsGMMMGODhojAZwwgZ4rAKwAQG4AQPAAZSE4rUO~CBwQBhgBIIsGKIsGMMQGODlojQZwwwZ4rAKwAQG4AQPAAZSE4rUO~CAUQBRgBIPwFKPwFMNMIONcCaI0GcNEIeMNJgAGXR4gB1qkBsAEBuAEDwAGQx7LwCA~CAUQBRgBIM8FKM8FMPEIOKIDUNUFWOsFYNUFaOwFcN0IeOD1AYABtPMBiAHknwWwAQG4AQPAAZDHsvAI~CAUQBRgBILsFKLsFMMUJOIsEaOwFcIsJePHtAYABxesBiAHLgQWwAQG4AQPAAZDHsvAI~CAUQBRgBIMcFKMcFMMwJOIQEaOwFcKQJeI-KAoAB44cCiAHK1AWwAQG4AQPAAZDHsvAI~CAUQBRgBINoFKNoFMMoJOPADaO0FcL8JeJGAAoAB5f0BiAHL2AWwAQG4AQPAAZDHsvAI~CAUQBRgBIOEFKOEFMMcJOOUDaO0FcJcJeMWAAoABmf4BiAGX4AWwAQG4AQPAAZDHsvAI~CAUQBRgBII4GKI4GML4JOK8DaJAGcPMIeJbbAoAB6tgCiAGP0QmwAQG4AQPAAZDHsvAI~CAUQBRgBIOwFKOwFMOcJOPsDaPAFcNkJePbqAYAByugBiAHP9QSwAQG4AQPAAZDHsvAI~CBwQChgBILoKKLoKMPcKOD1oxApw8wp4xrADgAGargOIAdy0CbABAbgBA8AB8IeZ9A8~CBsQDSDhAjjnCsABjPPzyQ4~CC8QBxgBINIMKNIMMKYNOFRQ0wxYgw1g0wxogw1wpQ14kAOAAWSIAWuwAQG4AQPAAZv_iccH~CAwQBRgBINQMKNQMMO4MOBto1Qxw6Qx48CSAAcQiiAH5TLABAbgBA8ABmqP6wQ8~CC8QBxgBINIMKNIMMMYNOHRQ0gxYkg1g0gxokw1wvw14kAOAAWSIAWuwAQG4AQPAAfKtqq0C~CBsQBiD1DjibAsAByZixZA~CBsQBiD1DjieAsABpuaS7AQ~CBsQBiD2DjiVAsABiJ7C6w0~CBsQBiD2DjiOAsABzPqp8Qc~CBsQAiD4Djj5A8ABpYvXzgw~CBsQAiD4DjiPBMABtNvhhQk~CBsQAiD4DjiQBMABuNn36AM~CBsQBiD2DjicBcABtJOdoQE~CBsQBiD1DjjZBcABz52kjQg~CBsQBiD1DjjsBcAB6J73pAM~CBsQARgBIJgPKJgPMMsVOLMGwAGkoPylBw~CBsQARgBIKYQKKYQMMgVOKMFwAGkoPylBw~CBsQARgBILcRKLcRMMkVOJIEwAGkoPylBw~CBsQARgBIKsSKKsSMMkVOJ4DwAGkoPylBw~CBsQBiD2Djj5BsABw8fZlQs~CBsQBiD2DjjtCMABnPPJrg8~CBsQBiD1DjjCCsAB4I_J-Qc~CBsQBiD2Djj6DsABt9iEKg~CBsQBiD2DjjkD8ABirn1ogo~CBsQCDjdHsAB3rDZ-wQ~CCcQDRgBIN0eKN0eMIAfOCRo3R5wgB94-FmAAcxXiAGlc7ABAbgBA8AB8_LLrgs~CCcQChgBIIEfKIEfMLIfODHAAeLBm9oF~CCcQBRgBIOUhKOUhMPwhOBfAAZmVn6AL~CBsQBRgBIOYhKOYhMLQiOE3AAc_G2uIB~CBsQCiDcHjiPBcABucSNhg8~CAEQChgBIO4jKO4jMKMkODVo7iNwniR44qoDgAG2qAOIAeCSCrABAbgBA8AB3o6_mwE&met.1=1.l95dstvv~6.0~7.1~8.j~9.j~10.1t~11.12~12.1t~13.79~14.79~15.7b~16.be~17.be~18.bf~19.317~20.317~21.318~22.ae~23.ae
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221010&jk=928417129922921&bg=!h4SlhMDNAAYqRg79CkY7ACkAdvg8WvewCpVU7VTGHoP3pGbjba0EVN1WaQxh2Fn_kdhJva9EQ3Cz3gIAAABVUgAAAAJoAQeZArNhRWKg-gP55tt2xz62NmthT3G9R3lzRRoGgQNupLPGhfcQE-2k0ui7b0T8xkZpQrWbvonWPYz_vgE4YAA7AgatQoulyfh6fA6olMaSLErgUHL0oJM9eggvLC4v6OcpWeulIwfAoWpVR9y6TTGswdtgAZXJNKSR6Ya8Ny0n3MuEeVpox2WFWWPnoPgxphBzg_wnRMbKrXw3HqbwHNMa6Go2LfmRNUBQ9_X33RMF3F1GLxFEX29buJ1f2YDZUIvW809LpvM3SBvlONUllwIrKGaq1VmKRWkVttqoS5BMYBWN8WX_UO3YTpJPDpRDyjPMNEd2EywY8atLgBSA-a7na866rQqiOMCHA9k8_So4Um2Np7RiLSysMm8pcAe52E_GtQGB1TR-41sfCZh-zf7A2vFNvhQbca1KY7MLrj-LIlCA-yUcCwhTGYCLSEUV91p6GzeyLr5658oK1Ut8-KAxuFkRTzjvo2CwGH_31IhsCBcncjoRoAp796sg28EzIs1DY8MHEt7XO0PafW2_aNh_iFKCAKShzfW2X_chr8n-V9wZa7xKSayCLNZ1V7Tjo7OsAka9NnFbwMGJtkasB3jyxMG1Qadn40z2MkUy1vdIzyeE6bZdhAOIP_kNSoeeJU-WaKrDNwnLSigwxwcOFqvmTmiY-K_mAZ5gMaoUWBqFrODtlwArxhHmz6wLiQEagikE6zeNJ12WvUpKYAO9Vocp4TSUECGvEubAl9w8slFov02ZsIiVPDH8fe0eLwrwTQnbPypVfF3uo4QSFNnMD2oj1Rl6wpOPJXuiWHW9alnQXH9Y1lf-qF-rCBObl2cPxEjbr9IRDERtFlQqv_fO_MnWb6y0fkGQyGnaCq8XULXzpmzOwmZnFVHfUpqR3VDQe62XZx8S2f5hS80cxKi2SdbjuOXvrGaQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 384ms
282ms Ping
image/gif 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=6~l95dsxgx&c=928417129922921&e=44759876%2C44759927%2C44759842%2C42531706%2C31070256%2C31061691%2C31061693&ctx=1&met.3=166.3l4_3
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221010/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 48ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-9CBR5VC63K&gtm=2oeaa0&_p=1844102683&cid=1628939518.1665563999&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1665563998&sct=1&seg=0&dl=https%3A%2F%2Fkooora2day.online%2F&dt=%D9%83%D9%88%D8%B1%D8%A9%202%20%D8%AF%D8%A7%D9%8A%20%7C%20kora2day%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86%20%D8%8C%20%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1%20%D9%88%20%D9%86%D8%AA%D8%A7%D8%A6%D8%AC%20%D8%A7%D9%84%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA&en=scroll&epn.percent_scrolled=90&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9CBR5VC63K
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://kooora2day.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Oct 2022 08:40:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kooora2day.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kooora2day.online/	1970-01-20 16:15:23	Name: tb Value: rndmtb
.kooora2day.online/	1970-01-20 16:15:23	Name: _ga_9CBR5VC63K Value: GS1.1.1665563998.1.0.1665563998.0.0.0
.kooora2day.online/	1970-01-20 16:15:23	Name: _ga Value: GA1.1.1628939518.1665563999
.kooora2day.online/	1970-01-20 16:00:59	Name: __gads Value: ID=f9e754e82a274f2e-22ff937143ce0075:T=1665563998:RT=1665563998:S=ALNI_MZAR2fGmtnQMD3mFFd4C4gIcqCJKA
.doubleclick.net/	1970-01-20 16:00:59	Name: IDE Value: AHWqTUmYmvTgEMLuWY1y2lNMCvj-Vqff1BxFqFMn3yQ_k8J9CfLQ5XWlveQWXzBuJog
.casalemedia.com/	1970-01-20 15:25:00	Name: CMID Value: Y0Z9X65NHVHtoUaxQ5knqQAA
.casalemedia.com/	1970-01-20 08:49:00	Name: CMPS Value: 1154
.casalemedia.com/	1970-01-20 08:49:00	Name: CMPRO Value: 1154
.adnxs.com/	1970-01-20 08:49:00	Name: uuid2 Value: 3708557347599257907
.adnxs.com/	1970-01-20 08:49:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVVqkOhb!]tbPl1M>e)ZlrFUfJ+tGXxpO_%Zp.9'zo<8zg.+OSO/4=AayT`dZnO4Q@xf3If)y3KL9D3I?+HcH??!
.doubleclick.net/	1970-01-20 06:39:27	Name: DSID Value: NO_DATA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kooora2day.online/img/com.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kooora2day.online/img/tv.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kooora2day.online/img/champ.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
cdn.jsdelivr.net
cdn.rawgit.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
kooora2day.online
kora2day.online
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.181.226
142.250.186.162
185.59.220.194
185.80.39.216
2001:4860:4802:34::36
2404:6800:400a:805::2003
2606:4700:3035::ac43:aa61
2606:4700::6810:5914
2606:4700::6811:180e
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a06:98c1:3120::9
37.252.173.22
0071d47d0a8887e01a161db0a9dc177876a91f023e4e662f8736572c6dbb55c8
00bb5b723dab69870efc1fe86d77a806480cca2164f0bd5f7ecd30619f1d756b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bea34f5f2b12cabeb9409475a19e9b6deb2cc4c54045ec75bfaab48c1a310a2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13e0fa139f142ba0536cb05f41c2f8041898dec667e91bfb86f132181f792c15
1722ceb5c77e83b3df2c08d03b07a086e59aee5404f3674ad86a57c133740e50
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19efc8b61ebe7bc3ef7a92042aa382385c69c747be3e3e022f6a1193d612b0c8
1aa740fd3bfb59da53608f0ad6fd3d68b22ff8f0a02346a76e9883d2559d7f79
24b88da02687f5436ca46111be2e264021130e660393d15449d273b24823de8e
2bb50004961baa5355fa82192c5fb82050a38f1f8868df934f727131ee8ba7d6
2f3c6c64eb56b362407eeb8660c3035ef78a0e81f2e075cab0961bf52c30a2fb
31f02fb9a8ae77e5d8bb229bf73f473f783e8155042655926cafca211cd11c98
32f3b79a00346f4f78be2842dea57617670343e510f4913dbd9d10a5e21b8eae
33f8a4f01d0f1275202b92a8af81d0bfa7f3aec43d4a0c42b9f4932a0b1ff8a0
3479c294ea8ac432b990be3a6e499a2e7e08a65cdbef40399c5403d91417aa1f
348506b1732f0ad74a010c86e70c7ad12a5237d1298a71952294faf2df148a69
35115a3d93830b1edc70caea518f1bb5da0941fabfb9a7124c5705bb7ae6e4a5
353c1e8cd3197a81367cb081a0c39e33dd6445ec15735e68b5833b65e2dd5e1e
35cfe141ff28f49f2437441d03db88901943ae0dac3c2b8f7300477402755e02
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3b0a56a279d2c33d885e2d26cfd89b86397680fbb493ac7d19971dc077a6d052
3f8852fc857fba4d1056e397fddc93afb86f61a8875cf2ff0054b406d2bdcfbf
3feccffd3fccb0f8ce7e454c8215a7d70e0af7e5abac9b27d5e7dadd52e29f44
410ede18b34dd10c6c515afdc7ad37b950a7a607c7d18fc5d03f5d2f51ab82a8
44e4c8cb35f090f7fcfa8934d54d243de324a91b1faf8e60d85846714dc1ec26
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4eb18d4a3dc3cf7b96c81faf4b6ec93fef85f16e3769225607dafc5d6aa197a5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5416aa063ddcbc70708d5e2f440b09ffa9b0e93d4327725db10c6100c9f5f7c3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5ba5522522fa0512ede6b11a096f57bf0fc1de3340577b84b2ab4fef535915b4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cbc39726381687bd46e48378e529dce4be3b8558d86b15eb037660c21c72c8a
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68b5ced034948d22e3879e4c02849d73d54c6697b4d0f7c1f64d777090752234
6936ea19849e01173fad2dce719bf902cd609ea52610e2a14ede6496082cb4a6
6b54fec2159920fccd0a99412ef3ffb65b034a6c59e814b36c825ab899b0591c
6daa6a5ae9a36124f29a0424ef183f1c5a81a258ff565b71aeb3ad0de4f7d413
6ee6b835b1a8bb878a2e9696ea68c22ac2be9de8050b096f419c49c731cc2640
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
7a2666d49e3217edc365cfd57f00673ffb2b9e3752d418b3ddae54a5006ca82c
86ce3d71ee67691cb5f5655c3ad45e0e09f5f39abd51d51d3686f4ed199dc710
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8f2b6f16df08cd88e3875a62dde6b2cfc7d327ce401a43e8cf0266e67afe0b4c
922be0b50931e80e085c694bb41350c216641b246b763293b8ccd9317296ebcd
948d46866167f73d90da2bec3a6fd22cb2af32def3cb7400c87a92478e52045e
96987a1380a20a0a52700ba526d4c2c28f2dac1c18a12bdac59bf47cc8526b6f
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9d458e9694d76da132a0764d51f5f80198ef0f8f3968c6168a102d72160139af
9feafa033b9e4149e6fee5caa77dbe2c84f80dcfd7e29405d38ef3131149ba5b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a139caebc5a7c4bf78945ba3f22a3ae9981e5e8d6f10a2f6235d07a438eb0c41
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a9a0779d8a973fa6302d6cb434344534ce297b0b574320383df8454a47c979cf
aae17fe25af8cf90dd182e1146853d1c33f5d05f72b1362a80295ba11ffd9703
ad3a1a418ac23d60ba83d570787eb92d726d89c08fbd2da8dbf1417230554d87
b07413d2f47e70984b2db48bc69768960567e80fbc8f519b4922c06dad0a936b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24b4cfae6d6f3068fd85da852f74811870498989ab13dabc02ea3a1f048ea2a
b3c218f921126409f2f4a82b74458117039037330ffb76b30df5c6062b353a90
b55d7551c41ac02b33b2212148fc04a86d055f54a8e5630f6df58e80d5b4b4c1
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
b995f724cdeb64c9b8b6a9915c19f9192223a04c13286d6f145754339cae9723
bb634d4f1498400e543624543c1b96ddbf8d05d626cec1a203a5c6a55536b8e2
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c42c66b02cbe31b8cb5e81f0899aa8bd9aa5f29548a8495e17713fe4ac85f753
c6826494432163d74fd27e78ad011a13d55e4670441cd49fc9f1e52a4afd28d9
c73e32112ded71759b5985f0025184e985ff1562d994458b37b93452ec1b6e9e
c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46
c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036
c9948987a5b4feb2a6af748297c3388744fac9031b1a62125044592749804f61
d2f1b8bd2eb14a4bfb2496566389f0de0857566996258dbd88b9515dd881ea30
d772805f78c8f21bfa3cf08ccd88d26499a98842c6cc54e1b66388e8d3d79601
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8c224fb222f6a5c316cc4df16c2956060f96961a06f1d61919a465419614a6a
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
dff340d1c6e8131192239fa6871c82165a07d6fd468e85b2633ef2a82f1db2f3
e06ceae590196303c9d46c59ff0e87ee08892a6a39ffae841bcf924329ae85cc
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f04e65f51faa47a606d70665a31043b8af1f93433fd56bcd9f77f5f620cbdb
ebb35848f6b96f0595868b16cc39bfa325919d85003faba12368858aa81ce103
ed781dbf27d8ec0d80e33ff08d167e2300a435e5322d1134bfc3cd21b613e3f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d0183224947491a726527bce158846032a026a8c79ab78ebf1443431d5a8e9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fae111500cc7ac97add95d1e3338f4b5d722991c712983632339b50c37fb3c59

kooora2day.online Open in urlscan Pro 2a06:98c1:3120::9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

196 Requests

91 %HTTPS

79 %IPv6

18 Domains

25 Subdomains

23 IPs

4 Countries

2490 kBTransfer

6143 kBSize

11 Cookies

0 Outgoing links

Redirected requests

196 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kooora2day.online Open in urlscan Pro
2a06:98c1:3120::9 Public Scan

Screenshot
Live screenshot

Full Image

196
Requests

91 %
HTTPS

79 %
IPv6

18
Domains

25
Subdomains

23
IPs

4
Countries

2490 kB
Transfer

6143 kB
Size

11
Cookies

196 HTTP transactions
14 data transactions