go4kora.com Open in urlscan Pro
2606:4700:3037::ac43:b587 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news4koora.ga/
Effective URL:
https://go4kora.com/
Submission: On June 02 via manual (June 2nd 2022, 6:20:01 am UTC) from CH — Scanned from NL

Summary HTTP 466 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 74 IPs in 12 countries across 60 domains to perform 466 HTTP transactions. The main IP is 2606:4700:3037::ac43:b587, located in United States and belongs to CLOUDFLARENET, US. The main domain is go4kora.com.
TLS certificate: Issued by E1 on April 15th 2022. Valid for: 3 months.

This is the only time go4kora.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 52	103.145.13.87 103.145.13.87	213371 (SQUITTER-...) (SQUITTER-NETWORKS)
6	2606:4700:303... 2606:4700:3037::ac43:b587	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
36	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
44	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
8	52.222.209.55 52.222.209.55	16509 (AMAZON-02) (AMAZON-02)
2	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:680c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1 4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:6837	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	52.206.189.87 52.206.189.87	14618 (AMAZON-AES) (AMAZON-AES)
3	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
10	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 31	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3 9	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1 2	54.239.38.253 54.239.38.253	16509 (AMAZON-02) (AMAZON-02)
1	141.95.4.200 141.95.4.200	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6810:f34e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:350... 2a02:26f0:3500:698::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	54.85.47.27 54.85.47.27	14618 (AMAZON-AES) (AMAZON-AES)
12	2a00:1450:401... 2a00:1450:4013:c05::78	15169 (GOOGLE) (GOOGLE)
1	74.125.133.157 74.125.133.157	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 22	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
5 8	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	2600:9000:223... 2600:9000:223f:2800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a00:ff0:1234... 2a00:ff0:1234:3::d	41494 (INTERLAN) (INTERLAN)
1 1	2a00:1450:401... 2a00:1450:4012:4::13	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:8::9	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:8660:50c1:ac48:83f2	16509 (AMAZON-02) (AMAZON-02)
1 1	45.9.24.193 45.9.24.193	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1	34.241.99.155 34.241.99.155	16509 (AMAZON-02) (AMAZON-02)
2 2	54.247.7.78 54.247.7.78	16509 (AMAZON-02) (AMAZON-02)
6	52.55.132.212 52.55.132.212	14618 (AMAZON-AES) (AMAZON-AES)
2 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1 1	150.136.25.38 150.136.25.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2 2	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.35.228.201 23.35.228.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.88.75.189 23.88.75.189	24940 (HETZNER-AS) (HETZNER-AS)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:401... 2a00:1450:4012::15	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 5	23.35.228.247 23.35.228.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.33.221.119 185.33.221.119	29990 (ASN-APPNEX) (ASN-APPNEX)
18	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	18.193.44.114 18.193.44.114	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	185.48.9.141 185.48.9.141	50607 (EPIX-KTW-...) (EPIX-KTW-GLOBALMIX)
2	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	() ()
1 2	2a02:2638::1c 2a02:2638::1c	() ()
1	178.250.2.146 178.250.2.146	() ()
466	74

52 103.145.13.87 (Netherlands) 2 redirects

ASN213371 (SQUITTER-NETWORKS, NL)

news4koora.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3037::ac43:b587 (United States)

ASN13335 (CLOUDFLARENET, US)

go4kora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.aplhb.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:c::5c7b:680c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

tg1.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:c::5c7b:6837 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.206.189.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-189-87.compute-1.amazonaws.com

servt.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.38.253 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.4.200 (France)

ASN16276 (OVH, FR)
PTR: ip200.ip-141-95-4.eu

storage.de.cloud.ovh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f34e (United States)

ASN13335 (CLOUDFLARENET, US)

signup.adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:698::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.47.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-47-27.compute-1.amazonaws.com

serv.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4013:c05::78 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.217.16.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.52.2.48 (United States) 5 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:2800:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.207.25 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:ff0:1234:3::d (Romania) 1 redirects

ASN41494 (INTERLAN, RO)

r2---sn-pouxga5o-vu2s.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4012:4::13 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

r3---sn-axq7sn76.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:8::9 (Ireland)

ASN15169 (GOOGLE, US)

r4---sn-5hneknee.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:8660:50c1:ac48:83f2 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.9.24.193 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

google-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.99.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-99-155.eu-west-1.compute.amazonaws.com

unified.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.247.7.78 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-7-78.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.55.132.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-132-212.compute-1.amazonaws.com

servs.modoro360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (Utrecht, Netherlands) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.25.38 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.50 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.75.240.210 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.189 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.189.75.88.23.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4012::15 (Ireland)

ASN15169 (GOOGLE, US)

r3---sn-axq7sn7e.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.228.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.119 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 917.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.44.114 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-44-114.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:98f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.23 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.48.9.141 (Brzeznica, Poland)

ASN50607 (EPIX-KTW-GLOBALMIX, PL)
PTR: cache.google.com

rr2---sn-x2pm-3ufr.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 bid.g.doubleclick.net — Cisco Umbrella Rank: 473 cm.g.doubleclick.net — Cisco Umbrella Rank: 191 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 271 pubads.g.doubleclick.net — Cisco Umbrella Rank: 479	479 KB
74	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136	624 KB
52	news4koora.ga 2 redirects news4koora.ga	2 MB
36	demand.supply live.demand.supply — Cisco Umbrella Rank: 31898	83 KB
31	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com	291 KB
26	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42 imasdk.googleapis.com — Cisco Umbrella Rank: 381 ajax.googleapis.com — Cisco Umbrella Rank: 277	3 MB
22	modoro360.com tg1.modoro360.com — Cisco Umbrella Rank: 136913 servt.modoro360.com — Cisco Umbrella Rank: 129581 serv.modoro360.com — Cisco Umbrella Rank: 160971 servs.modoro360.com — Cisco Umbrella Rank: 238750	12 KB
21	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 886 r3---sn-axq7sn7e.c.2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 242	3 MB
17	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 308	217 KB
10	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 280 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1099	81 KB
8	lijit.com 5 redirects ap.lijit.com — Cisco Umbrella Rank: 575	4 KB
8	adipolo.com player.aplhb.adipolo.com — Cisco Umbrella Rank: 157776 ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 175218 signup.adipolo.com — Cisco Umbrella Rank: 248971	215 KB
8	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 671	228 KB
6	go4kora.com go4kora.com	63 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 518	5 KB
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1452 id5-sync.com — Cisco Umbrella Rank: 600	24 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	183 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 730 gum.criteo.com mug.criteo.com	8 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 977 eus.rubiconproject.com — Cisco Umbrella Rank: 530 token.rubiconproject.com — Cisco Umbrella Rank: 644	11 KB
4	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 391 ib.adnxs.com — Cisco Umbrella Rank: 214	4 KB
4	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452 ups.analytics.yahoo.com — Cisco Umbrella Rank: 279	2 KB
4	gvt1.com 3 redirects redirector.gvt1.com — Cisco Umbrella Rank: 1311 r2---sn-pouxga5o-vu2s.gvt1.com r3---sn-axq7sn76.gvt1.com r4---sn-5hneknee.gvt1.com — Cisco Umbrella Rank: 471986	945 KB
4	aniview.com player.aniview.com — Cisco Umbrella Rank: 1891	205 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	148 KB
4	greeter.me jscdn.greeter.me — Cisco Umbrella Rank: 162222	19 KB
3	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 499	1 KB
3	google.nl adservice.google.nl — Cisco Umbrella Rank: 13373	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	87 KB
2	criteo.net static.criteo.net	56 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 111	91 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	53 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 539	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 753 s.tribalfusion.com — Cisco Umbrella Rank: 2251	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 802	2 KB
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 413 image6.pubmatic.com — Cisco Umbrella Rank: 564	6 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 622	773 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	959 B
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 691	884 B
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 624	65 KB
1	googlevideo.com rr2---sn-x2pm-3ufr.googlevideo.com — Cisco Umbrella Rank: 889789	3 MB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 409	864 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 794	272 B
1	openx.net u.openx.net — Cisco Umbrella Rank: 699	305 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 741
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 637	600 B
1	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 4843	17 KB
1	technoratimedia.com 1 redirects sync.technoratimedia.com — Cisco Umbrella Rank: 1009	407 B
1	adsafeprotected.com unified.adsafeprotected.com — Cisco Umbrella Rank: 1703	5 KB
1	emxdgt.com cs.emxdgt.com — Cisco Umbrella Rank: 837	59 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 883	478 B
1	rutarget.ru 1 redirects google-sync.rutarget.ru — Cisco Umbrella Rank: 181577	574 B
1	avads.net 1 redirects ads.avads.net — Cisco Umbrella Rank: 24474	443 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 2610	1 KB
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2317	552 B
1	ovh.net storage.de.cloud.ovh.net — Cisco Umbrella Rank: 204895	15 KB
1	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 10169	61 KB
1	adtelligent.com player.adtelligent.com — Cisco Umbrella Rank: 5092	5 KB
0	netmng.com Failed google2waycm.netmng.com Failed
466	60

	Domain	Requested by
52	news4koora.ga	2 redirects go4kora.com news4koora.ga
38	pagead2.googlesyndication.com	live.demand.supply www.googletagservices.com 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com srcdoc go4kora.com s0.2mdn.net securepubads.g.doubleclick.net
36	live.demand.supply	go4kora.com live.demand.supply
31	tpc.googlesyndication.com	1 redirects go4kora.com 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com s0.2mdn.net
26	securepubads.g.doubleclick.net	jscdn.greeter.me www.googletagservices.com securepubads.g.doubleclick.net go4kora.com 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
22	cm.g.doubleclick.net	3 redirects go4kora.com 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com googleads.g.doubleclick.net
18	s0.2mdn.net	go4kora.com s0.2mdn.net imasdk.googleapis.com
18	imasdk.googleapis.com	30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com player.aniview.com imasdk.googleapis.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com go4kora.com 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
14	pubads.g.doubleclick.net	imasdk.googleapis.com
14	servt.modoro360.com	go4kora.com player.aniview.com
12	csi.gstatic.com	imasdk.googleapis.com www.gstatic.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	www.google.com	3 redirects go4kora.com 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com tpc.googlesyndication.com
8	ap.lijit.com	5 redirects player.aniview.com
8	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com
8	c.amazon-adsystem.com	live.demand.supply c.amazon-adsystem.com
8	maxcdn.bootstrapcdn.com	go4kora.com maxcdn.bootstrapcdn.com
7	fonts.gstatic.com	fonts.googleapis.com
6	servs.modoro360.com	player.aniview.com vid.vidoomy.com
6	www.gstatic.com	30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
6	fonts.googleapis.com	news4koora.ga 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
6	go4kora.com	go4kora.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.googletagservices.com	jscdn.greeter.me 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
5	player.aplhb.adipolo.com	jscdn.greeter.me player.aplhb.adipolo.com
4	player.aniview.com	player.avplayer.com player.aniview.com
4	www.googletagmanager.com	go4kora.com www.googletagmanager.com
4	jscdn.greeter.me	go4kora.com
3	sync.1rx.io	2 redirects player.aniview.com
3	ups.analytics.yahoo.com	2 redirects player.aniview.com
3	id5-sync.com	cdn.id5-sync.com
3	adservice.google.nl	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	connect.facebook.net	go4kora.com connect.facebook.net
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	player.aniview.com static.criteo.net
2	i.ytimg.com	imasdk.googleapis.com
2	www.youtube.com	s0.2mdn.net www.youtube.com
2	ajax.googleapis.com	s0.2mdn.net
2	googleads4.g.doubleclick.net	go4kora.com
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	ib.adnxs.com	1 redirects googleads.g.doubleclick.net
2	r3---sn-axq7sn7e.c.2mdn.net	go4kora.com
2	eus.rubiconproject.com	player.aniview.com eus.rubiconproject.com
2	secure.adnxs.com	2 redirects
2	ad.360yield.com	2 redirects
2	eb2.3lift.com	2 redirects
2	s.ad.smaato.net	2 redirects
2	encrypted-tbn3.gstatic.com	30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
2	encrypted-tbn2.gstatic.com	30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	cdn.id5-sync.com	go4kora.com securepubads.g.doubleclick.net
2	ghb.aplhb.adipolo.com	player.aplhb.adipolo.com
2	code.jquery.com	go4kora.com
1	mug.criteo.com
1	rr2---sn-x2pm-3ufr.googlevideo.com
1	s.tribalfusion.com	30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	image6.pubmatic.com	ads.pubmatic.com
1	gcdn.2mdn.net	1 redirects
1	bidder.criteo.com	player.aniview.com
1	csync.loopme.me	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	u.openx.net	player.aniview.com
1	onetag-sys.com	player.aniview.com
1	ads.stickyadstv.com	player.aniview.com
1	vid.vidoomy.com	player.aniview.com
1	ads.pubmatic.com	player.aniview.com
1	sync.technoratimedia.com	1 redirects
1	unified.adsafeprotected.com	imasdk.googleapis.com
1	cs.emxdgt.com	30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
1	sync.go.sonobi.com	30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
1	google-sync.rutarget.ru	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	r4---sn-5hneknee.gvt1.com	30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
1	r3---sn-axq7sn76.gvt1.com	1 redirects
1	r2---sn-pouxga5o-vu2s.gvt1.com	1 redirects
1	redirector.gvt1.com	1 redirects
1	ads.avads.net	1 redirects
1	a.rfihub.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	encrypted-tbn1.gstatic.com	30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
1	encrypted-tbn0.gstatic.com	30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	serv.modoro360.com	player.aniview.com
1	signup.adipolo.com	go4kora.com
1	storage.de.cloud.ovh.net	go4kora.com
1	player.avplayer.com	tg1.modoro360.com
1	player.adtelligent.com	player.aplhb.adipolo.com
1	tg1.modoro360.com	jscdn.greeter.me
0	google2waycm.netmng.com Failed	30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
466	96

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
t.me
www.instagram.com
chat.whatsapp.com
www.snapchat.com

Subject Issuer	Validity	Valid
*.go4kora.com E1	`2022-04-15` - `2022-07-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
news4koora.ga R3	`2022-04-15` - `2022-07-14`	3 months	crt.sh
greeter.me E1	`2022-05-20` - `2022-08-18`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-11` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
player.aplhb.adipolo.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
ghb.aplhb.adipolo.com ZeroSSL ECC Domain Secure Site CA	`2022-04-11` - `2022-07-10`	3 months	crt.sh
wl1.aniview.com R3	`2022-05-23` - `2022-08-21`	3 months	crt.sh
cdn.id5-sync.com R3	`2022-04-13` - `2022-07-12`	3 months	crt.sh
player.adtelligent.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
outstreamedia.com R3	`2022-05-08` - `2022-08-06`	3 months	crt.sh
*.adservrs.com Amazon	`2022-04-26` - `2023-05-25`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-05-28` - `2023-05-28`	a year	crt.sh
storage.de.cloud.ovh.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-22` - `2023-02-22`	a year	crt.sh
signup.adipolo.com Cloudflare Inc ECC CA-3	`2021-08-07` - `2022-08-06`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-12-30` - `2023-01-03`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2022-05-18` - `2023-06-19`	a year	crt.sh
wrapper-vast.adsafeprotected.com Amazon	`2021-11-18` - `2022-12-16`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-06` - `2022-09-05`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-04-12`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-07-06`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googlevideo.com GTS CA 1C3	`2022-05-24` - `2022-08-02`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh

This page contains 67 frames:

Primary Page: https://go4kora.com/
Frame ID: EBC4B7D0B8441F5F7F85BB1DE9D132C9
Requests: 211 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220531/r20190131/zrt_lookup.html
Frame ID: C8F4581147081452C6C0416EA60CF73A
Requests: 1 HTTP requests in this frame

Frame: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 532E0930A504D92E5D40F830BAFC6442
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs
Frame ID: 26B3BC980A77636A1FDD195CE3B213F4
Requests: 12 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_rbd_n-Beeswax_cnv_n-Outbrain&dcc=t
Frame ID: 4780FEBF6F278BFAA1FFA4DD08B5432A
Requests: 1 HTTP requests in this frame

Frame: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EF635302A621EEA38927F443A744F257
Requests: 5 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Frame ID: FFE5163D52BDD0C44076F79B0654AC5F
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1B326FD664D8B5E239AA3E9ACE7845E0
Requests: 8 HTTP requests in this frame

Frame: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FF72507BBC93BF3EAF77C3A234A5FA4D
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 97ED6290EFEF898810143F5C0C66E2F0
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs
Frame ID: 412206666D958D18A6AECBED886586FD
Requests: 12 HTTP requests in this frame

Frame: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 75F2E8FCA2AA420F5328AE27CED98540
Requests: 31 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51CA6C49FF632363170E68408AB5D071
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DA363E18E2A924BB2E5BCB8E0D2FFF06
Requests: 9 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1654150793394-911564553145-006037-012-007319&key=41fd0c86-d88f-42e8-bb83-7c6a076e5301
Frame ID: 517B4857EB1850D621D06BD7BE1511A3
Requests: 1 HTTP requests in this frame

Frame: https://sync.1rx.io/usersync2/?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D13%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D%5BRX_UUID%5D
Frame ID: 42029387BB5082D87A9F0713D4D1622D
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1654150793394-911564553145-006037-012-007319&key=OPTOUT
Frame ID: A6955ECB2C38A3228A161B87EAFB45B8
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1654150793394-911564553145-006037-012-007319&key=GDPR
Frame ID: 7A748643DE202D8294347C1B772552D8
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=55&auid=1654150793394-911564553145-006037-012-007319&key=4239826597430955658
Frame ID: 39C40E3F10DC5C702F7255BAC7919B15
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D
Frame ID: E7E9BB0232EB76129BFAB264FB03DE63
Requests: 2 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1654150793394-911564553145-006037-012-007319&key=695888fedbd905725c7435d47f09da36
Frame ID: 65DD33CB408EE57BFB1089253340CF6E
Requests: 2 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/user-matching?id=&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 81B1D082928B6488BEBDA43B384362EC
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D%24UID
Frame ID: 1EBDEBCC5A791E2E474F1DAC2A339438
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: D6C54B09D4CE16D5CCC8447D816B900E
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups//occ?gdpr=1&gdpr_consent=
Frame ID: 35A63B0B0CA83C037762124EDA6F4768
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D23%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D
Frame ID: 6FEFD732EE86F7720672BD9AD315E40E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Frame ID: 17FAA5FBAFD118E268A5CD61423B5B01
Requests: 3 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1654150793394-911564553145-006037-012-007319&key=1d94e503-2555-4b1a-9495-c4ac165f17bf
Frame ID: 2E9CB97FFB2CF5C6D73FA44DC0A24A31
Requests: 1 HTTP requests in this frame

Frame: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 099A7AE56C167A10BDAC35C4B42178B8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCC4EIYu8mJDDAB&v=APEucNWBhVXLpD8rjgp5CrVOUI1H-m13wNuWYa7FKltpmDH_Bi49TU1d4sDxUbrZD09UxIIKFgFP2Nr2irIytTRgNIJnuC4wirEPPmSYQBQlHZ4SVMENlv9n-r00S4U1D2bzBT9oXTxfSXmVh4nbdVzhfThJbdadE-jRPoAubAfXIZcWwTvBmuk
Frame ID: E9068EB5E49454B52AFBA38E0E3CF760
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 49158A02838E79E8140B707951826337
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D72D8B2874AC6576C7873561D9DAA08A
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C62B710ACBEB75B1D7B76161F11A57E3
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
Frame ID: 1F5494E12A016B63E38CACEEE371C507
Requests: 22 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 954B4E98F35B8213E33A37C2E92EACF5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 0AC469FF1103D0762E8E721FD779ACBF
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 6A2ADBD6702461C51C82CE1F418D842B
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 0AD4A518085BFA2BA1BC4BA2DE803771
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 68FBE4A5379259DA5B26B443FDE27E93
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1568F6B3FAE0EB323BDD0B554AFD1A7B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C21BFC9C5F1519C7082DED2BA4B162BA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 84BA8DE5C530A15F88D9AD30ECC89576
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: DE9221BE85AD875CB998810FCDD0F4CB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7E6C51A7F0E890FF1656AB9E1043F741
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js
Frame ID: 37AF7663C9ED46C1E388FB345E37A7AA
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13525622
Frame ID: F5370E6B6C986FA23C3027F30F30CF50
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: DEBF6E7977B135F72DAD02E4CEB7AE26
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CDB838C03A1AB262505856922073B93D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js
Frame ID: 7789E2A543E92C7B9407537E04053D09
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CA9A6FAEA8E5E6A3017DCAED6D03F502
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A221EA8459E0F0FA9C850B51E0342595
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: A775D4575FED676FF2486BCAE51C9D93
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A31D8B9034FBD78D96B87B86EA0B9F52
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 37EA4235E5E135C6E363B2B69A6F309B
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 82A4650D56B767E08F36356BB6A59EAD
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 276F13AE399CB9DD5C969400D406D1C4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 258EE1A6A93D9F107C72A54AABF42968
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 49C43D3125BD06E3C64845551854DE76
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1C1E1850ECA26AC796E241B77C3F12B3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 8F84CC27FFA5C8E096AD0BC75F0863E1
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 930F910BA8077063D5DC8391AC6EA8E7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 6A205C8B5724635A8F82493C913863AC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4BC58D18F3BE50BD2A9C1E15DDCB7353
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/simid/simid_trueview_en.html
Frame ID: E1A868CC38606D5A80C883A880EA72FD
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/simid/simid_trueview_en.html
Frame ID: 84779949FF765D083D28C30D5CA4C579
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 6DEFF2F6F67D7C84BDB0E6148C5EA2A2
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=go4kora.com
Frame ID: C8BCBC23AEF59BCC60C573EB1896CFE8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

موقع جو فور كورة : عالم كرة القدم بين يديك

Page URL History Show full URLs

http://news4koora.ga/ HTTP 301
https://news4koora.ga/ HTTP 302
https://go4kora.com/ Page URL
https://go4kora.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

466
Requests

93 %
HTTPS

49 %
IPv6

60
Domains

96
Subdomains

74
IPs

12
Countries

15081 kB
Transfer

28390 kB
Size

53
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/go4kora.official

Search URL Search Domain Scan URL

URL: https://twitter.com/go4koraofficial

Search URL Search Domain Scan URL

URL: https://t.me/go4koralive

Search URL Search Domain Scan URL

URL: https://www.instagram.com/go4kora/

Search URL Search Domain Scan URL

URL: https://chat.whatsapp.com/Kd3JB8qI2fe24fuuetI2HF

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/go4kora

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news4koora.ga/ HTTP 301
https://news4koora.ga/ HTTP 302
https://go4kora.com/ Page URL
https://go4kora.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://news4koora.ga/ HTTP 301
https://news4koora.ga/ HTTP 302
https://go4kora.com/

Request Chain 181

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_rbd_n-Beeswax_cnv_n-Outbrain HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_rbd_n-Beeswax_cnv_n-Outbrain&dcc=t

Request Chain 191

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 234

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 247

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 266

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_k6y8NRD6CBjYBDIIRJVc5WGWHu8 HTTP 301
https://tpc.googlesyndication.com/simgad/4283760800443958948

Request Chain 270

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEHiHVRoPSDN6i4AeJMEqOEo&google_cver=1&google_push=AYg5qPKowEK1CYVJ4V5p74zF7ztVV4Jn0gqSYf1gp38GXSSI-oic7qzxnDQ9SzcnqLDxArKhR29pD-YyMbIoh7IztMaqnrnSldfEEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPKowEK1CYVJ4V5p74zF7ztVV4Jn0gqSYf1gp38GXSSI-oic7qzxnDQ9SzcnqLDxArKhR29pD-YyMbIoh7IztMaqnrnSldfEEQ

Request Chain 271

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMFWWb_0khf3myjmWwew_Hk&google_cver=1&google_push=AYg5qPKl_ah0LL73zAR0dMziuHD-QKpsMWP_Qt27kU6tpWzBjjv-fjJ6tALJYaAsmF66yc66KCLS2HvlNCjR4DIUvbJoheM9_ivT HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMFWWb_0khf3myjmWwew_Hk&google_cver=1&google_push=AYg5qPKl_ah0LL73zAR0dMziuHD-QKpsMWP_Qt27kU6tpWzBjjv-fjJ6tALJYaAsmF66yc66KCLS2HvlNCjR4DIUvbJoheM9_ivT&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKl_ah0LL73zAR0dMziuHD-QKpsMWP_Qt27kU6tpWzBjjv-fjJ6tALJYaAsmF66yc66KCLS2HvlNCjR4DIUvbJoheM9_ivT&google_hm=EvfbtGZHx0D3Kb_kQXKUJPCa

Request Chain 272

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECa-zPHGv7APFwtAwm8Gqd8&google_cver=1&google_push=AYg5qPITrFlsXlRa8pbn7oCOjE0rYOYnREAhc8hIr-O358wkKToH1vayqKDdwpJ4NyI7AWdXJ3M3AIqHuY9aGnZr7DdO4_IGpC3FFQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPITrFlsXlRa8pbn7oCOjE0rYOYnREAhc8hIr-O358wkKToH1vayqKDdwpJ4NyI7AWdXJ3M3AIqHuY9aGnZr7DdO4_IGpC3FFQ

Request Chain 273

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFdZ9aIpjddAgst4XciJQeE&google_cver=1&google_push=AYg5qPIFAM3fRPIvbm9gfZAn0dOJr7RpBVQC36ajXPPVEZjHRhazUXoM3mzQ3yi5KpHtPbxO2jT9ng_U8vSshWNrnPkFuaaOt31T9Q HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPIFAM3fRPIvbm9gfZAn0dOJr7RpBVQC36ajXPPVEZjHRhazUXoM3mzQ3yi5KpHtPbxO2jT9ng_U8vSshWNrnPkFuaaOt31T9Q&google_gid=CAESEFdZ9aIpjddAgst4XciJQeE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1OTkxNTc5OTk1OTE2NjI1MTgzOQ%3D%3D&google_push=AYg5qPIFAM3fRPIvbm9gfZAn0dOJr7RpBVQC36ajXPPVEZjHRhazUXoM3mzQ3yi5KpHtPbxO2jT9ng_U8vSshWNrnPkFuaaOt31T9Q

Request Chain 274

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEOVgpXfLTXRyxgbtAyA_7z4&google_cver=1&google_push=AYg5qPJT2CHGcPfwKtvzQ3K-k4kqfoN9I-e85cXQ2bcSq2XHZB_ylthgJ1JwgKwC6ucrEAW_mDYyCGBsxRd-cFXNZ-g-p8tcQUOuhQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJT2CHGcPfwKtvzQ3K-k4kqfoN9I-e85cXQ2bcSq2XHZB_ylthgJ1JwgKwC6ucrEAW_mDYyCGBsxRd-cFXNZ-g-p8tcQUOuhQ&google_hm=NjU2MDQ4Njc5NjAzNTA0NDM2Mw==

Request Chain 275

https://ads.avads.net/sync/ggl?google_gid=CAESEHMXQYxoiN1UJL_TB0huRIE&google_cver=1&google_push=AYg5qPKhSRGOG11heyukiYl3eghQldEHKaNdX9VI0bYNPdYjZ05AT-bwZSVe86O5ejM4HUV_MuCgLIOQOVGKXAS2DzMgK8yonvkNasM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWE5NmNkYTItYTBiMi00Mzg4LWJlZDQtZGQ0ZGJhYTIxZDkx&google_push=AYg5qPKhSRGOG11heyukiYl3eghQldEHKaNdX9VI0bYNPdYjZ05AT-bwZSVe86O5ejM4HUV_MuCgLIOQOVGKXAS2DzMgK8yonvkNasM

Request Chain 278

https://redirector.gvt1.com/videoplayback?id=50b3c903ada673f6&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1654157993&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=0FD328DACAF66D6B449AA032CCDCF44DC41F3881.B487D91E552F2661D375968A7E51A80FE4259673&key=ck2 HTTP 302
https://r2---sn-pouxga5o-vu2s.gvt1.com/videoplayback?id=50b3c903ada673f6&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654157993&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=43A826184CA7B6FC27CF18F291F588C0C03B3E0F.62C3CC88E76FE03E09A2883FF1F7457ABDEB5779&key=cms1&cms_redirect=yes&mh=Ad&mip=2a00:1630:2:608::2&mm=28&mn=sn-pouxga5o-vu2s&ms=nvh&mt=1654150022&mv=u&mvi=2&pl=32 HTTP 302
https://r3---sn-axq7sn76.gvt1.com/videoplayback?id=50b3c903ada673f6&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654157993&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=62D1546FAB419C91937B7AEE7013903884417F56.7D8DE7EEC79BDAB7EE86DA44B6CF92A149D7F92B&key=cms1&mh=Ad&pl=32&redirect_counter=1&cm2rm=sn-pouxga5o-vu2s7l&req_id=9964fe9b914036e2&cms_redirect=yes&mip=2a00:1630:2:608::2&mm=42&mn=sn-axq7sn76&ms=onc&mt=1654150302&mv=u&mvi=3 HTTP 302
https://r4---sn-5hneknee.gvt1.com/videoplayback?id=50b3c903ada673f6&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654157993&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=57B92CE63BF44DB895C99A7DEA9AEA7117AB33AF.28F38D0A0EE03465F1F5477CCC285F412A5C6120&key=cms1&mh=Ad&pl=32&cm2rm=sn-pouxga5o-vu2s7l,sn-axqd7s&req_id=9964fe9b914036e2&redirect_counter=2&cms_redirect=yes&mip=2a00:1630:2:608::2&mm=34&mn=sn-5hneknee&ms=ltu&mt=1654149965&mv=u&mvi=4

Request Chain 283

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI9bspcIh15YhNgD10v5OUI&google_cver=1&google_push=AYg5qPIRNn6r-sfeABIb9ciwEJUVJv7FF3zwH6VnZ2gWYKzQQZHZO6gdilXzcaTOsDEityWbfAClhOl2WecyxB83Wtvb5VqEcLE4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIRNn6r-sfeABIb9ciwEJUVJv7FF3zwH6VnZ2gWYKzQQZHZO6gdilXzcaTOsDEityWbfAClhOl2WecyxB83Wtvb5VqEcLE4&google_hm=NjQ0MTEyMTM4MzQ5NjYxNDExMg%3D%3D

Request Chain 284

https://google-sync.rutarget.ru/sync?google_gid=CAESEH228L0N9eF4kAA5zbV0xWM&google_cver=1&google_push=AYg5qPLIWbqN0ByvQy3Z2qh762qaZUbkxQHPG12sGPmM_k1JQ0nFLrl-pjD7DsmlDsdUjwpLfjgKAE4MgpgmvQRLghsXu52yjs29 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=SlQ5a01QWXFvWjRt&google_ula=2046794&google_push=AYg5qPLIWbqN0ByvQy3Z2qh762qaZUbkxQHPG12sGPmM_k1JQ0nFLrl-pjD7DsmlDsdUjwpLfjgKAE4MgpgmvQRLghsXu52yjs29

Request Chain 286

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPn-q4r8wvPq8bGzNz-vAeI&google_cver=1&google_push=AYg5qPLVHRM8uvhfzPkLJfo7mVvao3rFgoXnpMGugNdl-GRSG8D3jHepd2RTPJ8oUraub3qNiwgPozhMP33ynZRFX6YskSU9MmvZkQ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPn-q4r8wvPq8bGzNz-vAeI&google_cver=1&google_push=AYg5qPLVHRM8uvhfzPkLJfo7mVvao3rFgoXnpMGugNdl-GRSG8D3jHepd2RTPJ8oUraub3qNiwgPozhMP33ynZRFX6YskSU9MmvZkQ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLVHRM8uvhfzPkLJfo7mVvao3rFgoXnpMGugNdl-GRSG8D3jHepd2RTPJ8oUraub3qNiwgPozhMP33ynZRFX6YskSU9MmvZkQ&google_hm=EvfbtGZHQCcxCnLVTcmB7E7y

Request Chain 287

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEyPClbYQEblA5abd5jqSUU&google_cver=1&google_push=AYg5qPKJML_hyNPqsy0IvoOwyAgO4afygAJ8hF-OiOtRrCXCqtlCcu0erT5GX6aMJwENBkMzYLp3007TU3ACA3c3E30JcSyWM_NSiQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKJML_hyNPqsy0IvoOwyAgO4afygAJ8hF-OiOtRrCXCqtlCcu0erT5GX6aMJwENBkMzYLp3007TU3ACA3c3E30JcSyWM_NSiQ

Request Chain 288

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEA6RvxXvZbj5_TKPtQk0bls&google_cver=1&google_push=AYg5qPIUor1ppQVvxKLsLdNhIXgFd1kpSPUGhkewOYgDmKyZoDRGrNsmH1ms9XmOkRJbILNMVItnNRhHgMV-8i6poQ7cQQkFUq4hOaU HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEA6RvxXvZbj5_TKPtQk0bls&google_cver=1&google_push=AYg5qPIUor1ppQVvxKLsLdNhIXgFd1kpSPUGhkewOYgDmKyZoDRGrNsmH1ms9XmOkRJbILNMVItnNRhHgMV-8i6poQ7cQQkFUq4hOaU&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kYzEwMzN4RTJ1SG5HaEU5dFBnaldvazV1WE1qMWIwX35B&google_push=AYg5qPIUor1ppQVvxKLsLdNhIXgFd1kpSPUGhkewOYgDmKyZoDRGrNsmH1ms9XmOkRJbILNMVItnNRhHgMV-8i6poQ7cQQkFUq4hOaU

Request Chain 292

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1654150793394-911564553145-006037-012-007319&key=41fd0c86-d88f-42e8-bb83-7c6a076e5301

Request Chain 294

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D%5BRX_UUID%5D&cb=1654150793627 HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1654150793394-911564553145-006037-012-007319&key=OPTOUT

Request Chain 295

https://sync.technoratimedia.com/services?srv=cs&pid=&uid=1654150793394-911564553145-006037-012-007319&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D%5BUSER_ID%5D HTTP 307
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1654150793394-911564553145-006037-012-007319&key=GDPR

Request Chain 296

https://secure.adnxs.com/getuid?https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D55%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fservs.modoro360.com%252Fcookiesyncendpoint%253Fpid%253D59c9148628a0612da3689288%2526biddername%253D55%2526auid%253D1654150793394-911564553145-006037-012-007319%2526key%253D%2524UID HTTP 302
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=55&auid=1654150793394-911564553145-006037-012-007319&key=4239826597430955658

Request Chain 304

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east

Request Chain 305

https://csync.loopme.me/?redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D%7Bdevice_id%7D HTTP 307
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1654150793394-911564553145-006037-012-007319&key=1d94e503-2555-4b1a-9495-c4ac165f17bf

Request Chain 322

https://gcdn.2mdn.net/videoplayback/id/c0e48fec2399ff7b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795435042/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/B4B1DF183D154E4555391DE2441E3147DDD3AEB3.8C5996CEB78409907F969226132D11EF00A62949/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-axq7sn7e.c.2mdn.net/videoplayback/id/c0e48fec2399ff7b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795435042/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5937F9AAEF9F6849AC34CF12E3C5091AA10F7F42.30DB1AEBE7202495C8AA3E428E1E1C1E584B9824/key/cms1/cms_redirect/yes/mh/cq/mip/2a00:1630:2:608::2/mm/42/mn/sn-axq7sn7e/ms/onc/mt/1654150302/mv/u/mvi/3/pl/32/file/file.mp4

Request Chain 324

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHsU5dautx_gjTcY4VvH6U&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHsU5dautx_gjTcY4VvH6U&google_cver=1&C=1

Request Chain 325

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YphWiSLFJiGFoecr1gtKBAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHsU5dautx_gjTcY4VvH6U&google_cver=1

Request Chain 326

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEMMOOGX8Sod1ImnfkJYKHY&google_cver=1

Request Chain 327

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzOTgyNjU5NzQzMDk1NTY1OA%3D%3D

Request Chain 342

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOFyUQA22rx7UtI-7P9McS4&google_cver=1&google_push=AYg5qPJzNH0vKPTBnJUHsyyhEnue1z-1QxokyuHhWJ_IbSDlq8jibJvoF8yB45_zjkvj5TzIsYUHjB6OaLKKRWA9pKzYvFOZof4kbQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOFyUQA22rx7UtI-7P9McS4&google_cver=1&google_push=AYg5qPJzNH0vKPTBnJUHsyyhEnue1z-1QxokyuHhWJ_IbSDlq8jibJvoF8yB45_zjkvj5TzIsYUHjB6OaLKKRWA9pKzYvFOZof4kbQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T0hZTnNUUnQxTldFYnc1&google_gid=CAESEOFyUQA22rx7UtI-7P9McS4&google_cver=1&google_push=AYg5qPJzNH0vKPTBnJUHsyyhEnue1z-1QxokyuHhWJ_IbSDlq8jibJvoF8yB45_zjkvj5TzIsYUHjB6OaLKKRWA9pKzYvFOZof4kbQ

Request Chain 343

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAw8CpLeLwO8ibTjPFaRREw&google_cver=1&google_push=AYg5qPL856OufXScJokq70FZB5OzaHLTbCcZJFKPoevgj0m8rSAg3zWGBdD27LGav_dbSzPB2weBqxea3DN0LYe93oUp9o4Bw0fAKw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL856OufXScJokq70FZB5OzaHLTbCcZJFKPoevgj0m8rSAg3zWGBdD27LGav_dbSzPB2weBqxea3DN0LYe93oUp9o4Bw0fAKw

Request Chain 344

https://a.tribalfusion.com/i.match?p=b6&u=CAESEC63uvx6-PA7pXwzgplWMzU&google_cver=1&google_push=AYg5qPLlEYtsza65AWGa_kkmH_pmS-hleKderV5zUPrgVQ9kyC1sHpSXLYiWivXTT5omf2D_QcJiads2GkkQfQFzXfNx1kQ44venCQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLlEYtsza65AWGa_kkmH_pmS-hleKderV5zUPrgVQ9kyC1sHpSXLYiWivXTT5omf2D_QcJiads2GkkQfQFzXfNx1kQ44venCQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC63uvx6-PA7pXwzgplWMzU&google_cver=1&google_push=AYg5qPLlEYtsza65AWGa_kkmH_pmS-hleKderV5zUPrgVQ9kyC1sHpSXLYiWivXTT5omf2D_QcJiads2GkkQfQFzXfNx1kQ44venCQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLlEYtsza65AWGa_kkmH_pmS-hleKderV5zUPrgVQ9kyC1sHpSXLYiWivXTT5omf2D_QcJiads2GkkQfQFzXfNx1kQ44venCQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 345

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECB9ESouGq_zynzTiDjqc1I&google_cver=1&google_push=AYg5qPJGoiOB-3TICZ0XnIU2wILgRdJ3KNzSZoQ9YUojJMAUY8Gp9s3NcdwtKevsGjDBqJ0NoItIB_Ew_rMEUzixifykMvkjGXvB3g HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECB9ESouGq_zynzTiDjqc1I&google_cver=1&google_push=AYg5qPJGoiOB-3TICZ0XnIU2wILgRdJ3KNzSZoQ9YUojJMAUY8Gp9s3NcdwtKevsGjDBqJ0NoItIB_Ew_rMEUzixifykMvkjGXvB3g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQxNzg4MjU5ODExMTM4NDkwMA&google_push=AYg5qPJGoiOB-3TICZ0XnIU2wILgRdJ3KNzSZoQ9YUojJMAUY8Gp9s3NcdwtKevsGjDBqJ0NoItIB_Ew_rMEUzixifykMvkjGXvB3g

Request Chain 346

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPn-q4r8wvPq8bGzNz-vAeI&google_cver=1&google_push=AYg5qPItXtVHUlLNj42nBerGGWzF0hhxlM8tCFpx-Mqx5Z0bNGuE7hZ1GoPVffz3Vr1SU64VayK6aKko4Ldd8-gnQTqdlFeyMPvT_w HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPItXtVHUlLNj42nBerGGWzF0hhxlM8tCFpx-Mqx5Z0bNGuE7hZ1GoPVffz3Vr1SU64VayK6aKko4Ldd8-gnQTqdlFeyMPvT_w&google_hm=EvfbtGZHQCcxCnLVTcmB7E7y

Request Chain 469

https://gum.criteo.com/sid/json?origin=publishertag&domain=go4kora.com&sn=ChromeSyncframe&so=0&topUrl=go4kora.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=s5K5_HxOdnE5ZUxpZmhSSVh0aXMrMVN5aDcwUEFiMXF4dnJwTU92anhmU2gzUDdaNVkzYkpJYlBJdnJOazNzUVkwR3RQWUFVcTRoVFR6U1pxdnlmaEM1Uk1veGZqL2Eydk1SWk9OSFBBYWNSMmwxZkZyTThhNzNXSEZCdTROU3VTSWZwMjFIOUhrYUlyMndEV21qNUpTeTJQNWk1ZDNmM0FoeTk0Z3B3blZ2eGhvR0krZG1yU0dVbUFLRVgvdTV6MlVvcUpoRFJUNGt2OEZ1TGhXQUFFM3RKcGlCbStMcTdVTktzTXhwTXB1QVNDb2R1SkdIWFArYUlJSkhlWE14am9UdHMzVzhxcW1YVGtLcFdJUm5NdU9LNFlvQT09fA&cppv=2

466 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
go4kora.com/
Redirect Chain

http://news4koora.ga/
https://news4koora.ga/
https://go4kora.com/

35 KB
11 KB

285ms
199ms

Document
text/html

2606:4700:3037::ac43:b587
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:b587 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b699fd06e3bd1d4364be9deaf4d28449e0549e99264e6fcb58a84366a433bd3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 714e146cde589177-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 Jun 2022 06:19:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUYrvYyX2%2BQ3dLvErNXEu17AbYQGPo4s2pjJoUAcEVYurYTIz1wDbbTcg9uH%2FcSzhNHHoKZUTEN%2B6WBO32m4PBteE7%2Fq70Ki%2FxvMb%2FSL%2BuWHiDGsqrSdMfJ3p1UDQV%2BKLk3sClelsRU7sA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Jun 2022 06:19:51 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://go4kora.com/
pragma: no-cache
server: nginx-rc
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 118ms
54ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 549
age: 9194469
cdn-cachedat: 01/06/2022 07:47:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c2f9e218955540353d2cff8a3e76b4e9
cf-ray: 714e146eadbc2056-AMS
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-rtl.min.css
news4koora.ga/assets/css/ 24 KB
3 KB 58ms
57ms Stylesheet
text/css 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://news4koora.ga/assets/css/bootstrap-rtl.min.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

41a4650481e83752c89317b3896df89e49ce56b09ab272c963a7ac7f795dbfe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 13 Jun 2018 22:48:54 GMT
server: nginx-rc
etag: W/"5b219f56-6147"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 97ms
35ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 549
age: 9250241
cdn-cachedat: 01/04/2022 22:38:22
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 099c8081bbd0689d1f4da856f5995673
cf-ray: 714e146e9d0c00c3-AMS
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 home.css
news4koora.ga/assets/css/ 10 KB
2 KB 58ms
57ms Stylesheet
text/css 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://news4koora.ga/assets/css/home.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

81f81876b4387198404355d437528c0b4c15d91fad02096d161dbdc8cfdbe731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 04:48:51 GMT
server: nginx-rc
etag: W/"62170e33-2607"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H/1.1 200
OK go4korahead.js
jscdn.greeter.me/ 7 KB
8 KB 152ms
28ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/go4korahead.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 06:19:51 GMT
Connection: Keep-Alive
Last-Modified: Mon, 14 Feb 2022 16:15:57 GMT
x-amz-request-id: tx0000000000000885f7f20-0062984a3c-475c7122-fra1b
etag: "664fed559982c71e46587fabbce8b1d4"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1654150791.dop231.am5.t,1654150791.cds218.am5.shn,1654150791.dop231.am5.t,1654150791.cds278.am5.c
Content-Type: text/javascript
Cache-Control: max-age=453
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 7303

GET
H2 200 up.js
live.demand.supply/ 9 KB
5 KB 188ms
93ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3GPQ1C4SJM4ZMWPJBK4J0G4
date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 662
cf-polished: origSize=9326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"002151f48bfcfdd9b58f194235c212c4-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 714e146efd775971-AMS
link: <https://live.demand.supply/impl.v15.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/Z280a29yYS5jb20v>; rel=preload; as=script

GET
H2 200 js
www.googletagmanager.com/gtag/ 104 KB
40 KB 142ms
47ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-117897648-1

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40717
x-xss-protection: 0
expires: Thu, 02 Jun 2022 06:19:51 GMT

GET
H2 200 invisible.js Show response
go4kora.com/cdn-cgi/challenge-platform/h/g/scripts/ 47 KB
17 KB 54ms
49ms Script
application/javascript 2606:4700:3037::ac43:b587
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1654142400

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:b587 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ebd937e5d2d3acb67115d6d6ae97b998bd52f351f984a0a31fb35e65efcba71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCScQjid608qwq3PgLVnLpK4jAULyrQwYpqEjGq1SoyU1noM2onJB%2B%2F6yWyWtsea%2Be9gvB%2Fteb%2BcwFXIQzX3z3cs61VUCexu3x6SrXjfW42RNVnphduByPcOP9KMSIaoYGD30mOB%2Fe2Zag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 714e146e79319177-FRA
vary: Accept-Encoding

GET
H2 200 logoHome.png
news4koora.ga/assets/img/ 9 KB
9 KB 86ms
81ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/img/logoHome.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

1dd433708cb7ca53a7ac9c6b88da2081520d809dd296b45cd54eaac443a12923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 31 May 2021 18:36:05 GMT
server: nginx-rc
etag: W/"60b52c95-2324"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 35631c3724350a5124c529aa84dfacd6.png
news4koora.ga/assets/teams/ 21 KB
8 KB 87ms
82ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/35631c3724350a5124c529aa84dfacd6.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

f5eed8da5303f6480c04b010ca505967485e334cd44aa7eaadabc051d4baca26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 18 Jun 2018 14:55:28 GMT
server: nginx-rc
etag: W/"5b27c7e0-54da"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 9185481ab9af7991225e8fa338afc299.png
news4koora.ga/assets/comp/ 37 KB
23 KB 87ms
83ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/comp/9185481ab9af7991225e8fa338afc299.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 02 Jun 2021 16:57:07 GMT
server: nginx-rc
etag: W/"60b7b863-928e"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 dcdbc838169ae2904b438f0e30946485.png
news4koora.ga/assets/teams/ 33 KB
19 KB 88ms
84ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/dcdbc838169ae2904b438f0e30946485.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 11 Sep 2018 18:57:24 GMT
server: nginx-rc
etag: W/"5b981014-82ae"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 f900245e60b565f32f0ed0da0687bb62.png
news4koora.ga/assets/teams/ 23 KB
9 KB 88ms
84ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/f900245e60b565f32f0ed0da0687bb62.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

dfc31b51a4d9c52eb921adffb63bfc82ecd08595535975ead89c6d8908601a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 10 Sep 2018 22:52:56 GMT
server: nginx-rc
etag: W/"5b96f5c8-5aa8"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 02e0cd24a1a33ecad3e8a74e33671ede.png
news4koora.ga/assets/comp/ 55 KB
41 KB 89ms
85ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/comp/02e0cd24a1a33ecad3e8a74e33671ede.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 Sep 2018 02:51:20 GMT
server: nginx-rc
etag: W/"5b8ca1a8-da58"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 3bc752ac855af33d8990e28861e33c8b.png
news4koora.ga/assets/teams/ 22 KB
9 KB 89ms
85ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/3bc752ac855af33d8990e28861e33c8b.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

d7b5fa13bd81fd1487b8937803682d44be1edf981ce7deecb9bfa5f916cdeda0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Oct 2018 22:19:02 GMT
server: nginx-rc
etag: W/"5bbbd7d6-59f5"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 fd9d43cdc51cb2ec64ffbae940dc97e8.png
news4koora.ga/assets/teams/ 22 KB
9 KB 90ms
86ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/fd9d43cdc51cb2ec64ffbae940dc97e8.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

1a729543bf3f1dea35f0b5c2c43e45345da48396b5642552a59f8599ed2dc668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 12 Oct 2018 14:30:50 GMT
server: nginx-rc
etag: W/"5bc0b01a-5870"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 55f795d877fba996bebbd183a18c82a4.png
news4koora.ga/assets/comp/ 56 KB
43 KB 226ms
222ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/comp/55f795d877fba996bebbd183a18c82a4.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 07 Sep 2018 18:37:44 GMT
server: nginx-rc
etag: W/"5b92c578-dfc9"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 fbd29916d3444a1fd9e54e2f38a42e96.png
news4koora.ga/assets/teams/ 22 KB
9 KB 226ms
222ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/fbd29916d3444a1fd9e54e2f38a42e96.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 07 Sep 2018 00:45:48 GMT
server: nginx-rc
etag: W/"5b91ca3c-58ee"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 f778b2e959ef1f1e4e1d8d4f8e8ccab5.png
news4koora.ga/assets/teams/ 22 KB
9 KB 226ms
223ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/f778b2e959ef1f1e4e1d8d4f8e8ccab5.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 10 Sep 2018 22:57:50 GMT
server: nginx-rc
etag: W/"5b96f6ee-598b"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 5915ce780ae3289c41a9e81e8abd833c.png
news4koora.ga/assets/teams/ 18 KB
4 KB 226ms
223ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/5915ce780ae3289c41a9e81e8abd833c.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 01 Jun 2021 19:01:12 GMT
server: nginx-rc
etag: W/"60b683f8-4695"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 8b563454d192c0bf7b0a0370b886a296.png
news4koora.ga/assets/teams/ 20 KB
6 KB 226ms
223ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/8b563454d192c0bf7b0a0370b886a296.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 11 Sep 2018 18:37:02 GMT
server: nginx-rc
etag: W/"5b980b4e-4fe3"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 9d159e999e037e2906dcdb60e5506c37.png
news4koora.ga/assets/teams/ 18 KB
5 KB 226ms
223ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/9d159e999e037e2906dcdb60e5506c37.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 12 Oct 2018 14:38:22 GMT
server: nginx-rc
etag: W/"5bc0b1de-4879"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 72a504c6994927a792f3579dff7366b1.png
news4koora.ga/assets/teams/ 18 KB
5 KB 226ms
223ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/72a504c6994927a792f3579dff7366b1.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 10 Oct 2018 19:03:20 GMT
server: nginx-rc
etag: W/"5bbe4cf8-4905"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 b31926a74f79d613fa93ca29ea116ac0.png
news4koora.ga/assets/teams/ 20 KB
7 KB 226ms
223ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/b31926a74f79d613fa93ca29ea116ac0.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 18 Jun 2018 14:48:16 GMT
server: nginx-rc
etag: W/"5b27c630-51e2"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H/1.1 200
OK go4koravideo.js
jscdn.greeter.me/ 1 KB
2 KB 152ms
29ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/go4koravideo.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 06:19:51 GMT
Connection: Keep-Alive
Last-Modified: Tue, 14 Dec 2021 13:11:52 GMT
x-amz-request-id: tx000000000000088669235-0062984d6a-475c7122-fra1b
etag: "e6100050464f63fe59affba4fb1a9b16"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1654150791.dop154.am5.t,1654150791.cds015.am5.shn,1654150791.dop154.am5.t,1654150791.cds260.am5.c
Content-Type: text/javascript
Cache-Control: max-age=1267
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 1390

GET
H2 200 203cd501016508d34f60e84fa3350b8b.jpg
news4koora.ga/assets/articles/ 53 KB
53 KB 225ms
223ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/articles/203cd501016508d34f60e84fa3350b8b.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 02 Mar 2022 17:09:07 GMT
server: nginx-rc
etag: W/"621fa4b3-d28e"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 72450ef4f920c799fe20d97981f68611.jpg
news4koora.ga/assets/articles/ 24 KB
20 KB 225ms
223ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/articles/72450ef4f920c799fe20d97981f68611.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 25 Feb 2022 15:47:00 GMT
server: nginx-rc
etag: W/"6218f9f4-61af"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 9c119aed5ce9cef2891efaf62223ecac.jpg
news4koora.ga/assets/articles/ 63 KB
64 KB 225ms
224ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/articles/9c119aed5ce9cef2891efaf62223ecac.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 16:25:02 GMT
server: nginx-rc
etag: W/"6217b15e-fcce"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 83d76f4435b241b0c6574b57e95316ab.jpg
news4koora.ga/assets/articles/ 192 KB
0 225ms
224ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/articles/83d76f4435b241b0c6574b57e95316ab.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 23 Feb 2022 22:58:39 GMT
server: nginx-rc
etag: W/"6216bc1f-95dc1"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 21518a408b34a13d409c9f5ede16064e.jpg
news4koora.ga/assets/articles/ 40 KB
40 KB 226ms
224ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/articles/21518a408b34a13d409c9f5ede16064e.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 23 Feb 2022 16:55:04 GMT
server: nginx-rc
etag: W/"621666e8-a026"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 c350984a80f047fe922da3c3b0bcd2f4.jpg
news4koora.ga/assets/articles/ 128 KB
0 226ms
224ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/articles/c350984a80f047fe922da3c3b0bcd2f4.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 23 Feb 2022 16:32:34 GMT
server: nginx-rc
etag: W/"621661a2-31ae6"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
code.jquery.com/ 94 KB
33 KB 102ms
29ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.1.min.js
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1762a"
vary: Accept-Encoding
x-hw: 1654150791.dop007.am5.t,1654150791.cds237.am5.hn,1654150791.cds249.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33202

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 79ms
50ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 883
age: 823204
cdn-cachedat: 03/10/2022 13:34:43
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"5869c96cc8f19086aee625d670d741f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 582f409259e439cdf4fdaf3e34fa291b
cf-ray: 714e146eadc12056-AMS
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 sdk.js Show response
connect.facebook.net/ar_AR/ 3 KB
2 KB 138ms
43ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d79ce60440e1bc506cdf3ebc5117ab489e530785849e14acd469d1928c6a6b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 8L8a240QfkNRcVNJSHWwcg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 1zfae1LKP84N8TzkAAzhGg+dATsJeiB5BuKbmX9a1bzQWc0hej89Ei+RJ3UJEsC+XWxs38M758iXiFfHWQT3Vg==
x-fb-trip-id: 720026100
x-fb-content-md5: 48f92839171968d597c6a2c7f7c59ec7
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 02 Jun 2022 06:19:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "38b9df25654148b076a03c94546c54cb"
timing-allow-origin: *
expires: Thu, 02 Jun 2022 06:21:24 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
931 B 120ms
44ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo:400,700&subset=arabic

Requested by

Host: news4koora.ga
URL: https://news4koora.ga/assets/css/home.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0adf45ed6d157c9460d611d0be6e8380722abfef91c2d393c6655e13da4432ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news4koora.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Jun 2022 06:19:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Jun 2022 06:19:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Jun 2022 06:19:51 GMT

GET
H2 200 SLXGc1nY6HkvalIhTps.woff2
fonts.gstatic.com/s/cairo/v18/ 32 KB
33 KB 148ms
71ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v18/SLXGc1nY6HkvalIhTps.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:400,700&subset=arabic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go4kora.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 20:28:21 GMT
x-content-type-options: nosniff
age: 553890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33264
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:23:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 20:28:21 GMT

GET
H3 200 Primary Request / Show response
go4kora.com/ 34 KB
10 KB 199ms
199ms Document
text/html 2606:4700:3037::ac43:b587
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b587 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8d0316531921bb0101f713b682b6027d2f2abca1be2a858f52da2838926083c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 714e146f68e05c26-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 Jun 2022 06:19:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMa0DLxGi2XlnzrMUrgLCrDTRJYRWttI0lc1R6IUWBKyLxDw66ECRemoYppltAkXkAo7gQg9omYreobA0SKYCN6VUY4VOIi6KXtwM%2F3%2Bg8h74EkaV4N%2FI5jzbIpSxNmxXkAnpqMztaeKvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 hb_323494_13494.js
player.aplhb.adipolo.com/prebidlink/459486/ 305 KB
94 KB 139ms
50ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/459486/hb_323494_13494.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/go4korahead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 14:54:24 GMT
server: nginx
etag: W/"62962c20-4c5e7"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 02 Jun 2022 07:19:51 GMT

GET
H2 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 74 KB
0 169ms
79ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/go4korahead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28116
x-xss-protection: 0
server: sffe
etag: "1232 / 156 of 1000 / last-modified: 1654121128"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Jun 2022 06:19:51 GMT

GET
H2 200 wrapper_hb_323494_13494.js
player.aplhb.adipolo.com/prebidlink/459486/ 789 B
731 B 175ms
86ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/459486/wrapper_hb_323494_13494.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/go4korahead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: gzip
last-modified: Thu, 02 Jun 2022 01:04:54 GMT
server: nginx
etag: W/"62980cb6-315"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 02 Jun 2022 07:19:51 GMT

GET
H2 200 gpt.js
www.googletagservices.com/tag/js/ 82 KB
28 KB 121ms
42ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/go4korahead.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28166
x-xss-protection: 0
server: sffe
etag: "1232 / 265 of 1000 / last-modified: 1654121128"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Jun 2022 06:19:51 GMT

GET
H2 200 backWall2020.jpg
news4koora.ga/assets/img/ 128 KB
0 138ms
138ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/img/backWall2020.jpg

Requested by

Host: news4koora.ga
URL: https://news4koora.ga/assets/css/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news4koora.ga/assets/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 18 Sep 2019 14:52:26 GMT
server: nginx-rc
etag: W/"5d8244aa-23409"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 SLXGc1nY6HkvalIkTpu0xg.woff2
fonts.gstatic.com/s/cairo/v18/ 29 KB
30 KB 98ms
34ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v18/SLXGc1nY6HkvalIkTpu0xg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:400,700&subset=arabic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go4kora.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 20:28:33 GMT
x-content-type-options: nosniff
age: 553878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29740
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:13:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 20:28:33 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 71ms
41ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://go4kora.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 883
age: 276381
cdn-proxyver: 1.02
cdn-cachedat: 03/10/2022 13:34:39
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e751bb0ca6e51d9f97bbfaddb7653518
accept-ranges: bytes
cf-ray: 714e146fa9016b39-AMS
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 impl.v15.0.0.js
live.demand.supply/ 77 KB
25 KB 68ms
38ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3GPPYJ7DTVFG43BZ1A6MNXB
date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 1101432
cf-polished: origSize=79512
cf-ray: 714e146fcf949713-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ea93311ccbec72ee77f7dffdd40e2da2-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H3 200 Z280a29yYS5jb20v
live.demand.supply/p4/v14-3-0/ 916 B
710 B 126ms
97ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-3-0/Z280a29yYS5jb20v
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 714e146fcf929713-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js
www.googletagmanager.com/gtag/ 168 KB
0 122ms
50ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5QKX54JRFP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117897648-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70055
x-xss-protection: 0
expires: Thu, 02 Jun 2022 06:19:51 GMT

HEAD
H3 200 e.js
live.demand.supply/e/ 0
401 B 71ms
39ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=222&cs=c&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G376E3G9D5VCQW183JBMDTNM
date: Thu, 02 Jun 2022 06:19:51 GMT
cf-cache-status: HIT
age: 1420489
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "b51d4f9d98e40d6d6d678da6b234a975-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e146fdaa19751-AMS

GET
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 65 KB
0 133ms
57ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56123
x-xss-protection: 0
server: cafe
etag: 9709703579651788548
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 06:19:51 GMT

GET
H3 200 ds.2.html
live.demand.supply/ 413 B
470 B 77ms
46ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RGC05SPDGM3C8WHRR1QEKX
date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 83000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 714e146fdaa69751-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js
c.amazon-adsystem.com/aax2/ 134 KB
37 KB 129ms
49ms Script
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 02 Jun 2022 05:50:50 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront), 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified: Tue, 24 May 2022 19:53:04 GMT
server: AmazonS3
age: 1742
etag: W/"cc07895b7b7c30a55c948b849ccd5e56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA6-C1, FRA56-P3
content-encoding: gzip
x-amz-cf-id: Iv6B0KgWLQiCKaGk1u8V2M9CYHFDapjbY_u8gBv8Tp1ODl4FvEO2Tg==

GET
H3 200 uamp.1.json
live.demand.supply/ 8 KB
3 KB 74ms
43ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RZSVZTD409CZ8G7P5S1XTR
date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 823193
etag: W/"011e5e31e2a3f38b0144a3f8ebd2c638-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 714e146fdaa49751-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js
live.demand.supply/x/ 0
365 B 71ms
40ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RS565BK0379SZBVFRX58GS
date: Thu, 02 Jun 2022 06:19:51 GMT
cf-cache-status: HIT
age: 651389
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e146fdaaa9751-AMS

GET
H3 200 uamp.1.json
live.demand.supply/ 8 KB
3 KB 71ms
41ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RZSVZTD409CZ8G7P5S1XTR
date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 823193
etag: W/"011e5e31e2a3f38b0144a3f8ebd2c638-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 714e146fdaa39751-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js
live.demand.supply/x/ 0
365 B 36ms
36ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=um&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RS565BK0379SZBVFRX58GS
date: Thu, 02 Jun 2022 06:19:51 GMT
cf-cache-status: HIT
age: 651389
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e14703b2a9751-AMS

HEAD
H3 200 e.js
live.demand.supply/x/ 0
365 B 40ms
40ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=od&pp=BODY&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RS565BK0379SZBVFRX58GS
date: Thu, 02 Jun 2022 06:19:51 GMT
cf-cache-status: HIT
age: 651389
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e14703b2e9751-AMS

GET pubads_impl_2022053101.js
securepubads.g.doubleclick.net/gpt/ 0
0

GET ppub_config
securepubads.g.doubleclick.net/pagead/ 0
0

GET go4kora.com_auto_interstitial_desktop
live.demand.supply/cpi/ 0
0

GET hbw_master_323494_13494.js
player.aplhb.adipolo.com/prebidlink/459486/ 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 38ms
38ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 549
age: 9194469
cdn-cachedat: 01/06/2022 07:47:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c2f9e218955540353d2cff8a3e76b4e9
cf-ray: 714e1470bad26b39-AMS
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-rtl.min.css
news4koora.ga/assets/css/ 24 KB
3 KB 54ms
53ms Stylesheet
text/css 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://news4koora.ga/assets/css/bootstrap-rtl.min.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

41a4650481e83752c89317b3896df89e49ce56b09ab272c963a7ac7f795dbfe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 13 Jun 2018 22:48:54 GMT
server: nginx-rc
etag: W/"5b219f56-6147"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 71ms
40ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 549
age: 9250241
cdn-cachedat: 01/04/2022 22:38:22
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 099c8081bbd0689d1f4da856f5995673
cf-ray: 714e1470eae90b43-AMS
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 home.css
news4koora.ga/assets/css/ 10 KB
2 KB 54ms
53ms Stylesheet
text/css 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://news4koora.ga/assets/css/home.css

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

81f81876b4387198404355d437528c0b4c15d91fad02096d161dbdc8cfdbe731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 04:48:51 GMT
server: nginx-rc
etag: W/"62170e33-2607"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H/1.1 200
OK go4korahead.js Show response
jscdn.greeter.me/ 7 KB
8 KB 30ms
29ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/go4korahead.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

2db6f197eee163bea53c66d338b49105218a6e4cf99b2f21b46d4983bea81956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 06:19:51 GMT
Connection: Keep-Alive
Last-Modified: Mon, 14 Feb 2022 16:15:57 GMT
x-amz-request-id: tx0000000000000885f7f20-0062984a3c-475c7122-fra1b
etag: "664fed559982c71e46587fabbce8b1d4"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1654150791.dop154.am5.t,1654150791.cds015.am5.shn,1654150791.dop154.am5.t,1654150791.cds278.am5.c
Content-Type: text/javascript
Cache-Control: max-age=453
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 7303

GET
H3 200 up.js Show response
live.demand.supply/ 9 KB
4 KB 72ms
71ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f0ba891ef90a7614caa05b8fc18000f0dea75f166c699e221bcb808cb0e0f19

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3GPQ1C4SJM4ZMWPJBK4J0G4
date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 662
cf-polished: origSize=9326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"002151f48bfcfdd9b58f194235c212c4-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 714e1470d9f69713-AMS
link: <https://live.demand.supply/impl.v15.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/Z280a29yYS5jb20v>; rel=preload; as=script

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 104 KB
40 KB 48ms
46ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-117897648-1

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64f2cc8fb4cd401218078d4d1229f089370c1246fa43542fae0d64414afa5480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40722
x-xss-protection: 0
expires: Thu, 02 Jun 2022 06:19:51 GMT

GET
H3 200 invisible.js Show response
go4kora.com/cdn-cgi/challenge-platform/h/g/scripts/ 45 KB
16 KB 51ms
48ms Script
application/javascript 2606:4700:3037::ac43:b587
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1654142400

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b587 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e36a62172d00dfe1ffb8e7de83875e80e7b90eccfd6ccb4b04af19bb887e697a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzcbadXsmhfoHs9IKmxmUFcNsQ7i412fpJxARbE4M3OsUIcN6NViFemQhM3Pv%2BJMONa%2FGtcgb6Kk%2B9aVJiraVKofLsksfPJC2ub7M%2BDFpcH2hR6ztZ1XkVuJ5R9DSDYVNWJ6rPzVuDU%2F7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 714e1470eb8f5c26-FRA
vary: Accept-Encoding

GET
H2 200 logoHome.png
news4koora.ga/assets/img/ 9 KB
9 KB 59ms
53ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/img/logoHome.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

1dd433708cb7ca53a7ac9c6b88da2081520d809dd296b45cd54eaac443a12923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 31 May 2021 18:36:05 GMT
server: nginx-rc
etag: W/"60b52c95-2324"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 35631c3724350a5124c529aa84dfacd6.png
news4koora.ga/assets/teams/ 21 KB
8 KB 58ms
53ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/35631c3724350a5124c529aa84dfacd6.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

f5eed8da5303f6480c04b010ca505967485e334cd44aa7eaadabc051d4baca26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 18 Jun 2018 14:55:28 GMT
server: nginx-rc
etag: W/"5b27c7e0-54da"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 9185481ab9af7991225e8fa338afc299.png
news4koora.ga/assets/comp/ 37 KB
23 KB 59ms
54ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/comp/9185481ab9af7991225e8fa338afc299.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

a50a6489d99ed5dff7d450ea7d70f359957d679d68a70c62de36f8acf7a1f86a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 02 Jun 2021 16:57:07 GMT
server: nginx-rc
etag: W/"60b7b863-928e"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 dcdbc838169ae2904b438f0e30946485.png
news4koora.ga/assets/teams/ 33 KB
19 KB 59ms
54ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/dcdbc838169ae2904b438f0e30946485.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

bed6129de6971105a37364241ab873900d32ac346c9ab5709d7143999c3660d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 11 Sep 2018 18:57:24 GMT
server: nginx-rc
etag: W/"5b981014-82ae"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 f900245e60b565f32f0ed0da0687bb62.png
news4koora.ga/assets/teams/ 23 KB
9 KB 59ms
54ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/f900245e60b565f32f0ed0da0687bb62.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

dfc31b51a4d9c52eb921adffb63bfc82ecd08595535975ead89c6d8908601a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 10 Sep 2018 22:52:56 GMT
server: nginx-rc
etag: W/"5b96f5c8-5aa8"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 02e0cd24a1a33ecad3e8a74e33671ede.png
news4koora.ga/assets/comp/ 55 KB
41 KB 59ms
54ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/comp/02e0cd24a1a33ecad3e8a74e33671ede.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

bc8ebf0e68e90c9cfed71f96856097eeecf54d0927c9a1c6d1af947d08ceebbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 Sep 2018 02:51:20 GMT
server: nginx-rc
etag: W/"5b8ca1a8-da58"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 3bc752ac855af33d8990e28861e33c8b.png
news4koora.ga/assets/teams/ 22 KB
9 KB 59ms
54ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/3bc752ac855af33d8990e28861e33c8b.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

d7b5fa13bd81fd1487b8937803682d44be1edf981ce7deecb9bfa5f916cdeda0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Oct 2018 22:19:02 GMT
server: nginx-rc
etag: W/"5bbbd7d6-59f5"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 fd9d43cdc51cb2ec64ffbae940dc97e8.png
news4koora.ga/assets/teams/ 22 KB
9 KB 59ms
54ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/fd9d43cdc51cb2ec64ffbae940dc97e8.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

1a729543bf3f1dea35f0b5c2c43e45345da48396b5642552a59f8599ed2dc668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 12 Oct 2018 14:30:50 GMT
server: nginx-rc
etag: W/"5bc0b01a-5870"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 55f795d877fba996bebbd183a18c82a4.png
news4koora.ga/assets/comp/ 56 KB
43 KB 59ms
54ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/comp/55f795d877fba996bebbd183a18c82a4.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

acbdabb44d595f9c93d60914b66a77fc7ed21c673e99f22f7a660ef028ed93c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 07 Sep 2018 18:37:44 GMT
server: nginx-rc
etag: W/"5b92c578-dfc9"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 fbd29916d3444a1fd9e54e2f38a42e96.png
news4koora.ga/assets/teams/ 22 KB
9 KB 59ms
55ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/fbd29916d3444a1fd9e54e2f38a42e96.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

9c5caf538a167657e5b5f8ce0c9b8e1ddcaf025f2ccb00060ecb155d13f03090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 07 Sep 2018 00:45:48 GMT
server: nginx-rc
etag: W/"5b91ca3c-58ee"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 f778b2e959ef1f1e4e1d8d4f8e8ccab5.png
news4koora.ga/assets/teams/ 22 KB
9 KB 59ms
55ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/f778b2e959ef1f1e4e1d8d4f8e8ccab5.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

173e5608ba7209b8ac19f3119aaced7f46fbc278c6f7575a435106885bbb6406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 10 Sep 2018 22:57:50 GMT
server: nginx-rc
etag: W/"5b96f6ee-598b"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 5915ce780ae3289c41a9e81e8abd833c.png
news4koora.ga/assets/teams/ 18 KB
4 KB 59ms
55ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/5915ce780ae3289c41a9e81e8abd833c.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

36ef75ac599a1d85560cfcc80d139dbd755596ae4cd9e55b65ce0d4330079cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 01 Jun 2021 19:01:12 GMT
server: nginx-rc
etag: W/"60b683f8-4695"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 8b563454d192c0bf7b0a0370b886a296.png
news4koora.ga/assets/teams/ 20 KB
6 KB 59ms
55ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/8b563454d192c0bf7b0a0370b886a296.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

6fb71c26f6b5c42a6342209c15dc7f51e8f4e55126e3e39b7df73a11ca744566

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 11 Sep 2018 18:37:02 GMT
server: nginx-rc
etag: W/"5b980b4e-4fe3"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 9d159e999e037e2906dcdb60e5506c37.png
news4koora.ga/assets/teams/ 18 KB
5 KB 78ms
74ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/9d159e999e037e2906dcdb60e5506c37.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

cc3868a6bacbf59075594685e6e11d3e9760bbc9a8a3a577a0700a15b802b586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 12 Oct 2018 14:38:22 GMT
server: nginx-rc
etag: W/"5bc0b1de-4879"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 72a504c6994927a792f3579dff7366b1.png
news4koora.ga/assets/teams/ 18 KB
5 KB 78ms
75ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/72a504c6994927a792f3579dff7366b1.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

c08e77a12a044bad312740ff5e3aed24540728976f798a2584d6d9f7795b37da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 10 Oct 2018 19:03:20 GMT
server: nginx-rc
etag: W/"5bbe4cf8-4905"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 b31926a74f79d613fa93ca29ea116ac0.png
news4koora.ga/assets/teams/ 20 KB
7 KB 78ms
75ms Image
image/png 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/teams/b31926a74f79d613fa93ca29ea116ac0.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

8373a220c22784bfc135ba3ff7aa1286fc3b665130b212e5f5dc95b1db3bee6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 18 Jun 2018 14:48:16 GMT
server: nginx-rc
etag: W/"5b27c630-51e2"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H/1.1 200
OK go4koravideo.js Show response
jscdn.greeter.me/ 1 KB
2 KB 35ms
33ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/go4koravideo.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

5af3a3fc8e80f50f581c3fcf3fa485cbf523ed683107d1de599f2770193bd28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 06:19:51 GMT
Connection: Keep-Alive
Last-Modified: Tue, 14 Dec 2021 13:11:52 GMT
x-amz-request-id: tx000000000000088669235-0062984d6a-475c7122-fra1b
etag: "e6100050464f63fe59affba4fb1a9b16"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1654150791.dop231.am5.t,1654150791.cds218.am5.shn,1654150791.dop231.am5.t,1654150791.cds260.am5.c
Content-Type: text/javascript
Cache-Control: max-age=1267
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 1390

GET
H2 200 203cd501016508d34f60e84fa3350b8b.jpg
news4koora.ga/assets/articles/ 53 KB
53 KB 78ms
75ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/articles/203cd501016508d34f60e84fa3350b8b.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

ea043c9b1b53c6ddb9afe4bdd8d9838b54fe54435d9f6ea140ebe80478264b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 02 Mar 2022 17:09:07 GMT
server: nginx-rc
etag: W/"621fa4b3-d28e"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 72450ef4f920c799fe20d97981f68611.jpg
news4koora.ga/assets/articles/ 24 KB
20 KB 78ms
75ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/articles/72450ef4f920c799fe20d97981f68611.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

be1a9703d742d9e1ca36a740c33fcc122d01a0e5cba8328d1e140c1aee3f8d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 25 Feb 2022 15:47:00 GMT
server: nginx-rc
etag: W/"6218f9f4-61af"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 9c119aed5ce9cef2891efaf62223ecac.jpg
news4koora.ga/assets/articles/ 63 KB
64 KB 78ms
75ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/articles/9c119aed5ce9cef2891efaf62223ecac.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

243f9298fdf5ae6543d77968111398d390d9adf0115d11d0f2f1692695088176

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 24 Feb 2022 16:25:02 GMT
server: nginx-rc
etag: W/"6217b15e-fcce"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 83d76f4435b241b0c6574b57e95316ab.jpg
news4koora.ga/assets/articles/ 599 KB
576 KB 78ms
75ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/articles/83d76f4435b241b0c6574b57e95316ab.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

6ed20cb52595f6abbc5bdd2c52fa323c05120aeee11dfd9ad8401883bd7b4909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 23 Feb 2022 22:58:39 GMT
server: nginx-rc
etag: W/"6216bc1f-95dc1"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 21518a408b34a13d409c9f5ede16064e.jpg
news4koora.ga/assets/articles/ 40 KB
40 KB 78ms
76ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/articles/21518a408b34a13d409c9f5ede16064e.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

663c9b9be1fae766b50858e1ac11f67d14d4921f41d2b294f8d485979b080f9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 23 Feb 2022 16:55:04 GMT
server: nginx-rc
etag: W/"621666e8-a026"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 c350984a80f047fe922da3c3b0bcd2f4.jpg
news4koora.ga/assets/articles/ 199 KB
199 KB 78ms
76ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/articles/c350984a80f047fe922da3c3b0bcd2f4.jpg

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

18b5d6db36aafbc4d353dc2838a78108f28a29eba4ea7b57367ffc334b8d91ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 23 Feb 2022 16:32:34 GMT
server: nginx-rc
etag: W/"621661a2-31ae6"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H2 200 jquery-1.11.1.min.js Show response
code.jquery.com/ 94 KB
33 KB 32ms
30ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.1.min.js
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1762a"
vary: Accept-Encoding
x-hw: 1654150791.dop007.am5.t,1654150791.cds237.am5.hn,1654150791.cds249.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33202

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 38ms
37ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 883
age: 823204
cdn-cachedat: 03/10/2022 13:34:43
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"5869c96cc8f19086aee625d670d741f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 582f409259e439cdf4fdaf3e34fa291b
cf-ray: 714e1470db316b39-AMS
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 sdk.js Show response
connect.facebook.net/ar_AR/ 3 KB
2 KB 91ms
44ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d79ce60440e1bc506cdf3ebc5117ab489e530785849e14acd469d1928c6a6b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 8L8a240QfkNRcVNJSHWwcg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 1zfae1LKP84N8TzkAAzhGg+dATsJeiB5BuKbmX9a1bzQWc0hej89Ei+RJ3UJEsC+XWxs38M758iXiFfHWQT3Vg==
x-fb-content-md5: 48f92839171968d597c6a2c7f7c59ec7
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 02 Jun 2022 06:19:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "38b9df25654148b076a03c94546c54cb"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 06:21:24 GMT

GET
H2 200 hb_323494_13494.js Show response
player.aplhb.adipolo.com/prebidlink/459486/ 305 KB
94 KB 30ms
29ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/459486/hb_323494_13494.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/go4korahead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: fd4ddd446917b19e6b522a553cbbfa3f9ae1893ab2d96010048582bd1edcbf9f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 14:54:24 GMT
server: nginx
etag: W/"62962c20-4c5e7"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 02 Jun 2022 07:19:51 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 117ms
46ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/go4korahead.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

550c08aebd5519d84edf7466eef34e117380ae5e198b8653a3e6eb392b147ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28115
x-xss-protection: 0
server: sffe
etag: "1232 / 97 of 1000 / last-modified: 1654121096"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Jun 2022 06:19:51 GMT

GET
H2 200 wrapper_hb_323494_13494.js Show response
player.aplhb.adipolo.com/prebidlink/459486/ 789 B
731 B 42ms
41ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/459486/wrapper_hb_323494_13494.js
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/go4korahead.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 13d2393b2f7728d3474768349cd3aa24eab85de54c1541a56d887829b53e4173

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: gzip
last-modified: Thu, 02 Jun 2022 01:04:54 GMT
server: nginx
etag: W/"62980cb6-315"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 02 Jun 2022 07:19:51 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
27 KB 114ms
43ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/go4korahead.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

550c08aebd5519d84edf7466eef34e117380ae5e198b8653a3e6eb392b147ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28115
x-xss-protection: 0
server: sffe
etag: "1232 / 61 of 1000 / last-modified: 1654121096"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Jun 2022 06:19:51 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
429 B 110ms
42ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo:400,700&subset=arabic

Requested by

Host: news4koora.ga
URL: https://news4koora.ga/assets/css/home.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0adf45ed6d157c9460d611d0be6e8380722abfef91c2d393c6655e13da4432ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news4koora.ga/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Jun 2022 06:01:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Jun 2022 06:19:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Jun 2022 06:19:51 GMT

GET
H3 200 impl.v15.0.0.js Show response
live.demand.supply/ 77 KB
25 KB 37ms
37ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v15.0.0.js
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1ba233081200a5f9a126278eb189aa1c192b633751acee9cf57752f7018290a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3GPPYJ7DTVFG43BZ1A6MNXB
date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 1101432
cf-polished: origSize=79512
cf-ray: 714e14715ae49713-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"ea93311ccbec72ee77f7dffdd40e2da2-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H3 200 Z280a29yYS5jb20v Show response
live.demand.supply/p4/v14-3-0/ 916 B
710 B 72ms
70ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v14-3-0/Z280a29yYS5jb20v
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbef19932cd9ceb0a0f5d162179f3e59b8df6dcc0e435b9d3343c5808f034936

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 714e14715aed9713-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 hbw_master_323494_13494.js Show response
player.aplhb.adipolo.com/prebidlink/459486/ 75 KB
25 KB 28ms
28ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aplhb.adipolo.com/prebidlink/459486/hbw_master_323494_13494.js
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/459486/wrapper_hb_323494_13494.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 55f87ec06fcd0c33b1ec53009d060a1082b2a649280a9fbc2cf7b4921c444c01

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: gzip
last-modified: Thu, 02 Jun 2022 01:04:54 GMT
server: nginx
etag: W/"62980cb6-12ce3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Thu, 02 Jun 2022 07:19:51 GMT

GET
H/1.1 200
OK / Show response
ghb.aplhb.adipolo.com/geo/ 153 B
420 B 135ms
31ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/geo/
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/459486/hbw_master_323494_13494.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 5eb91ace0a49779892a90aaad182b91b9a065f54d71348f6f229c25c0f9a7199

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 06:19:51 GMT
Server: Adtelligent
Content-Type: application/json
Access-Control-Allow-Origin: https://go4kora.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 153

GET
H/1.1 200
OK tracking Show response
ghb.aplhb.adipolo.com/adunit/ 43 B
430 B 135ms
31ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=323494&site_id=13494&full_page_url=https%3A%2F%2Fgo4kora.com%2F&adid=wmo7ou.w2&features=16416&vpbv=N061&tte=94&lifecycle_tte=360
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/459486/hbw_master_323494_13494.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 06:19:51 GMT
Server: Adtelligent
Content-Type: image/gif
Access-Control-Allow-Origin: https://go4kora.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 43

GET
H2 200 backWall2020.jpg
news4koora.ga/assets/img/ 141 KB
141 KB 55ms
53ms Image
image/jpeg 103.145.13.87
SQUITTER-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news4koora.ga/assets/img/backWall2020.jpg

Requested by

Host: news4koora.ga
URL: https://news4koora.ga/assets/css/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.145.13.87 , Netherlands, ASN213371 (SQUITTER-NETWORKS, NL),

Reverse DNS

Software

nginx-rc /

Resource Hash

35697d74383d976566f50c4ea14e4fb2fa04efa4c25ae33584da0921341339fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news4koora.ga/assets/css/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 18 Sep 2019 14:52:26 GMT
server: nginx-rc
etag: W/"5d8244aa-23409"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 02 Jul 2022 06:19:51 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 34ms
33ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://go4kora.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 883
age: 276381
cdn-proxyver: 1.02
cdn-cachedat: 03/10/2022 13:34:39
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: e751bb0ca6e51d9f97bbfaddb7653518
accept-ranges: bytes
cf-ray: 714e1471cd1a6b39-AMS
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 SLXGc1nY6HkvalIkTpu0xg.woff2
fonts.gstatic.com/s/cairo/v18/ 29 KB
29 KB 100ms
33ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v18/SLXGc1nY6HkvalIkTpu0xg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:400,700&subset=arabic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fb0201eb648ada7265dc5c9bb6c5a4cfcf49364b4a9bec976557bb6c2369a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go4kora.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 20:28:33 GMT
x-content-type-options: nosniff
age: 553879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29740
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:13:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 20:28:33 GMT

GET
H3 200 SLXGc1nY6HkvalIhTps.woff2
fonts.gstatic.com/s/cairo/v18/ 32 KB
33 KB 103ms
36ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v18/SLXGc1nY6HkvalIhTps.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo:400,700&subset=arabic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4b2bb9f7daf4f2f3ef930ec5eccec7ef32af9930cd2e454fb51fb1bf26bb2e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://go4kora.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 20:28:21 GMT
x-content-type-options: nosniff
age: 553891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33264
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:23:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 20:28:21 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 34ms
33ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=100&cs=c&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G376E3G9D5VCQW183JBMDTNM
date: Thu, 02 Jun 2022 06:19:51 GMT
cf-cache-status: HIT
age: 1420489
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "b51d4f9d98e40d6d6d678da6b234a975-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e1471cdea9751-AMS

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
55 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65b52fc9a44ec50580e99081b1c01ba7f67c05b33148b3cae47eeb926755f888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56121
x-xss-protection: 0
server: cafe
etag: 3540141462400458657
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 06:19:51 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
470 B 38ms
34ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RGC05SPDGM3C8WHRR1QEKX
date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 83000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 714e1471de009751-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
37 KB 42ms
38ms Script
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1eabadac42cf734244db7ffc1ccbe12580ef8574ca267ca2f106439d9eb6169e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 02 Jun 2022 05:50:50 GMT
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront), 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified: Tue, 24 May 2022 19:53:04 GMT
server: AmazonS3
age: 1742
etag: W/"cc07895b7b7c30a55c948b849ccd5e56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA6-C1, FRA56-P3
content-encoding: gzip
x-amz-cf-id: ih2GnsUZaBS6LGOh29MSi3laio4QINgQPWi-TwIa9rHxj0qM78xNIQ==

GET
H3 200 uamp.1.json Show response
live.demand.supply/ 8 KB
3 KB 38ms
36ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RZSVZTD409CZ8G7P5S1XTR
date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 823193
etag: W/"011e5e31e2a3f38b0144a3f8ebd2c638-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 714e1471de069751-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 36ms
34ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RS565BK0379SZBVFRX58GS
date: Thu, 02 Jun 2022 06:19:51 GMT
cf-cache-status: HIT
age: 651389
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e1471de049751-AMS

GET
H3 200 uamp.1.json Show response
live.demand.supply/ 8 KB
3 KB 44ms
42ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RZSVZTD409CZ8G7P5S1XTR
date: Thu, 02 Jun 2022 06:19:51 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 823193
etag: W/"011e5e31e2a3f38b0144a3f8ebd2c638-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 714e1471de079751-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
68 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5QKX54JRFP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117897648-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

703e7eb45e4bfc281f6dac1b7b0602925272ae5ce9bc8153ecf999b109cc520c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70008
x-xss-protection: 0
expires: Thu, 02 Jun 2022 06:19:52 GMT

GET
H3 200 go4kora.com_auto_interstitial_desktop Show response
live.demand.supply/cpi/ 27 B
255 B 232ms
232ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cpi/go4kora.com_auto_interstitial_desktop?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 736d370b1cb50f0e26baa7009a8c0b7cff5a2718276f58d9b2d494f40568e5f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 714e14721e7a9751-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27

GET
H3 200 go4kora.com_fluid_sky+sq Show response
live.demand.supply/cp/ 26 B
254 B 249ms
249ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/go4kora.com_fluid_sky+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98da03860bbe1f8591d94c443c38930324298709b9218d0a3ad51106903d14bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 714e14721e7d9751-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26

GET
H3 200 pubads_impl_2022052601.js Show response
securepubads.g.doubleclick.net/gpt/ 367 KB
124 KB 34ms
33ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

89fcef2fe8204ec89e703202f4313758021687559f6216a92b5379a753015e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127327
x-xss-protection: 0
last-modified: Thu, 26 May 2022 08:35:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 02 Jun 2023 06:04:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 340 B
180 B 112ms
43ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=go4kora.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

233e6a52c742763b998f8b21cd5867a6006c99b9dd62d84d88a2877d579f3ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155
x-xss-protection: 0
expires: Thu, 02 Jun 2022 06:19:52 GMT

GET
H/1.1 200
OK spt Show response
tg1.modoro360.com/api/adserver/ 23 KB
6 KB 197ms
64ms Script
text/javascript 2a02:26f0:3500:c::5c7b:680c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=61b8979becdbe44a0161df9a&AV_PUBLISHERID=603b9ffff4babd238f32ea66
Requested by: Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/go4koravideo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:680c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 06bccf28d3c0bc88ee52a454fdf140ddb2085f308dd18ea7279bee1471900350

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 06:19:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 6021
Expires: Thu, 02 Jun 2022 06:24:52 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ar_AR/ 290 KB
83 KB 44ms
44ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk.js?hash=feb501cea3c54f5fe17525c80fd29cce

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6fe5ed249e779d6c96662d73a680ada1af0b1a94a78bbc8762301e59e128c377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://go4kora.com/
Origin: https://go4kora.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: l23VVeP4EB63HEsUIl4lpw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 02 Jun 2023 04:43:44 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84513
x-fb-rlafr: 0
x-fb-debug: P3oK+GX4odYQHXjAV2Kf9467tubPYspQhVCS4VVYjVVU6MNfqU9RKvdHYlei2qJCYpsejXFAhP3pkC8jhhRS1A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c041abf1275cb6a1e7b38c9f04764d5e
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Jun 2022 06:19:52 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5ea6cdabaa0ee69f1456ba4c167f02c5"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 39ms
39ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RS565BK0379SZBVFRX58GS
date: Thu, 02 Jun 2022 06:19:52 GMT
cf-cache-status: HIT
age: 651390
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e14723eb89751-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 40ms
40ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=um&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RS565BK0379SZBVFRX58GS
date: Thu, 02 Jun 2022 06:19:52 GMT
cf-cache-status: HIT
age: 651390
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e14723eba9751-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 40ms
40ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=od&pp=BODY&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RS565BK0379SZBVFRX58GS
date: Thu, 02 Jun 2022 06:19:52 GMT
cf-cache-status: HIT
age: 651390
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e14723ebd9751-AMS

GET
H3 200 go4kora.com_fluid_sky+sq Show response
live.demand.supply/cp/ 26 B
254 B 253ms
253ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/go4kora.com_fluid_sky+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98da03860bbe1f8591d94c443c38930324298709b9218d0a3ad51106903d14bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 714e14723ec09751-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26

GET
H3 200 go4kora.com_fluid_sky+sq Show response
live.demand.supply/cp/ 26 B
254 B 228ms
228ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/go4kora.com_fluid_sky+sq?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98da03860bbe1f8591d94c443c38930324298709b9218d0a3ad51106903d14bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 714e14723ec39751-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26

GET
H3 200 pica.js
go4kora.com/cdn-cgi/challenge-platform/h/g/scripts/ 22 KB
8 KB 44ms
44ms Other
application/javascript 2606:4700:3037::ac43:b587
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b587 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe92c85ce0dabbeb56c9aa54bd9ac8f625305572d23fd573756afac0a9e0fa91

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umgPZMc43eONSFeu1IbkxtaYWK%2FnDbIMHYmemMEs5r9OYljqv7m0r9isaN30WXaQbvaVFbmSbkg5RV7JuzLDpbaFG1DEmFJxdJ%2FyluOLyzkpCzuT6Mb%2Fj%2B241qkFfgi7e3SU8RjWcx49iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 714e14725e0c5c26-FRA
vary: Accept-Encoding

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 386 B
741 B 42ms
41ms XHR
application/json 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgo4kora.com&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: Server /
Resource Hash: cf99cfb5ddd705ffb0ca32e221ab207947968503732683f40f6751a40baf1898

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 03:49:48 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server: Server
age: 9004
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
content-length: 386
x-amz-cf-id: GLK2K9ZzpviDHvWOcadPLH2s-rVyH1gzztv7L-ht4fLkVx-ZKPPXlQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 386 B
740 B 38ms
37ms XHR
application/json 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgo4kora.com&pubid=66ef05f7-ad53-48f6-873a-ac7543370392
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: Server /
Resource Hash: cf99cfb5ddd705ffb0ca32e221ab207947968503732683f40f6751a40baf1898

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 03:49:48 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server: Server
age: 9004
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
content-length: 386
x-amz-cf-id: bh4WIofEO4yIFMPzjgataliTB7zquz1OO2Xz1aqZCL9eVRDhoILKsw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 100ms
34ms XHR
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 00:57:39 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 19334
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 00:57:09 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
content-type: application/javascript
x-amz-cf-id: CVH2FGbcC7u7_XJ1bPjNMNeyWbxZH2srZCYO9Hz7_ZhGBP6GZw2hwA==

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220531/r20190131/ Frame C8F4 10 KB
5 KB 107ms
33ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220531/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 40704
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 19:01:28 GMT
etag: 1327746537699501093
expires: Wed, 15 Jun 2022 19:01:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 40 KB
11 KB 146ms
65ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:11:14 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: rbx1
content-disposition: attachment;filename="id5-api.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11181
x-request-id: 984220516

POST
H2 204 collect
www.google-analytics.com/g/ 0
159 B 119ms
45ms Ping
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5QKX54JRFP&gtm=2oe610&_p=1462188469&_z=ccd.tdB&cid=45469320.1654150792&ul=en-us&sr=1600x1200&_s=1&sid=1654150791&sct=1&seg=0&dl=https%3A%2F%2Fgo4kora.com%2F&dr=https%3A%2F%2Fgo4kora.com%2F&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%AC%D9%88%20%D9%81%D9%88%D8%B1%20%D9%83%D9%88%D8%B1%D8%A9%20%3A%20%D8%B9%D8%A7%D9%84%D9%85%20%D9%83%D8%B1%D8%A9%20%D8%A7%D9%84%D9%82%D8%AF%D9%85%20%D8%A8%D9%8A%D9%86%20%D9%8A%D8%AF%D9%8A%D9%83&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5QKX54JRFP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 106ms
34ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117897648-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2706
date: Thu, 02 Jun 2022 05:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 02 Jun 2022 07:34:46 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 11 KB
5 KB 89ms
25ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fgo4kora.com%2F
Requested by: Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/459486/hb_323494_13494.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: cfdf5cfd7a8fe4da417f41dafe2b7779c714fcca9776bb473b71b37180e4c640

Request headers

Referer: https://go4kora.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 12:02:21 GMT
server: nginx
etag: W/"629603cd-2ac0"
content-type: application/json
access-control-allow-origin: https://go4kora.com
expires: Sat, 04 Jun 2022 06:19:52 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 120ms
41ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=go4kora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 118ms
43ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=go4kora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 292ms
292ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=4215637421167833&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=1&adks=2825964077&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=test%3Drefresh%26excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654150792174&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=315&adys=1110&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&fws=512&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

40ee46e5a289b1189c04a015f0f14cdc0984814fd1a4b69b1bf1ce0193066c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10502
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 532E 6 KB
4 KB 146ms
42ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 06:19:52 GMT
expires: Fri, 02 Jun 2023 06:19:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 297ms
297ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=1635207345172003&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Ccube&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=2&adks=2286340821&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654150792206&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a60d2c15272c40286cf94695f6d5ead357cfa56def46fbe4f8278a31182e7a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10082
x-xss-protection: 0
google-lineitem-id: 5504336788
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138326328840
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 252ms
252ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=3200167860556550&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Ccube2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=3&adks=2175863527&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654150792213&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

777c66e7fd3952024a5974c723f88ebb6e5bfb1477279e7582ae74264a38e230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10064
x-xss-protection: 0
google-lineitem-id: 5504336788
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138326328840
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 266ms
266ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=3505701701268625&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Ccube3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=4&adks=1025159968&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654150792219&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

fd3d0f04744e340aaffb9cf9f76a4a90a07e63f268a8930f9cb02d53f7ad261b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9082
x-xss-protection: 0
google-lineitem-id: 5816136471
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374459605
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 266ms
265ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=4115827067380654&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Crich&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=5&adks=1438974535&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654150792225&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e2c471bddbb30ec6344269a7933251cf844921f046f12eb21babb3e84b7e754c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9699
x-xss-protection: 0
google-lineitem-id: 5504336788
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138326328708
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 278ms
278ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=4259811032511072&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Crich2&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C320x50%7C320x100&ifi=6&adks=3042874566&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654150792231&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

5c0892888c6ab8a6845d63d520728c85bf3df8a8229c815efb36302117685cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9670
x-xss-protection: 0
google-lineitem-id: 5504336788
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138326328708
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 292ms
292ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=68635714005227&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Csky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=7&adks=1499806689&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654150792238&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

41bb128c325348bfd33d56b491dcb95d8aab85265b135bd227bb11aa272b5d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10356
x-xss-protection: 0
google-lineitem-id: 5504336788
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138326745802
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 435 B
269 B 325ms
325ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=342423572015247&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Cresponsive&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=8&adks=3940055961&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654150792247&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a2adb68c76e2735e5002496994c321df068c41203f4735db7c6ffb047a869b05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 239
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
272 B 251ms
250ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=3298815063358120&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Cresponsive3&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=9&adks=72340997&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654150792258&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

baa169a81f2edffe08083e5bf322df3813055d81e60a8c91e1d9f1b8bdf425dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
272 B 231ms
231ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=568076071014438&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Cresponsive4&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=10&adks=2201913070&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654150792264&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8a1baca9226cd9ae32c72f4e6ddfa87a809617baa7dd7657779df0ca4eb153fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 436 B
272 B 257ms
256ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=691415413070457&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Cresponsive5&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250&ifi=11&adks=1011234766&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654150792269&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

88f7dbf7396bb8012ca9177de615c473347785e0dc0788f62fd4800534d1dc11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 121 KB
43 KB 377ms
377ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=1746886521744537&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Cnativefeedapl&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=12&adks=1000061626&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654150792274&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ad32401f29b9ea729eb994242dbd572f62d7605bbbfd4d95bdccd1a13c02aba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43522
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 33ms
32ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=go4kora.com_auto_interstitial_desktop&pdc=-0.6723078489303589&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G376E3G9D5VCQW183JBMDTNM
date: Thu, 02 Jun 2022 06:19:52 GMT
cf-cache-status: HIT
age: 1420490
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "b51d4f9d98e40d6d6d678da6b234a975-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e1473e9939751-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 35ms
34ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=go4kora.com_fluid_sky%2Bsq&pdc=-0.222794771194458&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G376E3G9D5VCQW183JBMDTNM
date: Thu, 02 Jun 2022 06:19:52 GMT
cf-cache-status: HIT
age: 1420490
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "b51d4f9d98e40d6d6d678da6b234a975-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e1473f9a99751-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 33ms
33ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=go4kora.com_fluid_sky%2Bsq&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RS565BK0379SZBVFRX58GS
date: Thu, 02 Jun 2022 06:19:52 GMT
cf-cache-status: HIT
age: 651390
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e1473f9ac9751-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 32ms
32ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=go4kora.com_fluid_sky%2Bsq&pdc=-0.222794771194458&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G376E3G9D5VCQW183JBMDTNM
date: Thu, 02 Jun 2022 06:19:52 GMT
cf-cache-status: HIT
age: 1420490
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "b51d4f9d98e40d6d6d678da6b234a975-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e1473f9ad9751-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 35ms
34ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=go4kora.com_fluid_sky%2Bsq&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RS565BK0379SZBVFRX58GS
date: Thu, 02 Jun 2022 06:19:52 GMT
cf-cache-status: HIT
age: 651390
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e1473f9ae9751-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 37ms
37ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=go4kora.com_fluid_sky%2Bsq&pdc=-0.222794771194458&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G376E3G9D5VCQW183JBMDTNM
date: Thu, 02 Jun 2022 06:19:52 GMT
cf-cache-status: HIT
age: 1420490
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "b51d4f9d98e40d6d6d678da6b234a975-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e1473f9af9751-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
365 B 37ms
37ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=go4kora.com_fluid_sky%2Bsq&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G3RS565BK0379SZBVFRX58GS
date: Thu, 02 Jun 2022 06:19:52 GMT
cf-cache-status: HIT
age: 651390
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e1473f9b09751-AMS

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 112 KB
30 KB 347ms
347ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=3123698448122293&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=44890869%3A22630893834%2Cca-pub-3831894559014614-tag%2Cb4620e87-ee52-4f3a-a455-b7e3deeb67dc&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=13&adks=1634542020&sfv=1-0-38&ecs=20220602&ists=1&fas=8&fsapi=false&prev_scp=ti%3Da3538840-e543-4084-a0fb-8ac2d3565e43%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D77&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1654150792302&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c9daa60c6cdb7d7a2a1682e44e5496699038360f2c147b26b2363c7cab33a85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31072
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2022052601.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 34ms
34ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022052601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

c83c3fde7d39843c4ff04bd8f1c944876dcfdb4410b1df84606ae767ef31ef24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 10:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588493
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13355
x-xss-protection: 0
last-modified: Thu, 26 May 2022 08:35:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 May 2023 10:51:39 GMT

POST
H3 200 714e146f68e05c26 Show response
go4kora.com/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
748 B 59ms
59ms XHR
text/plain 2606:4700:3037::ac43:b587
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go4kora.com/cdn-cgi/challenge-platform/h/g/cv/result/714e146f68e05c26

Requested by

Host: go4kora.com
URL: https://go4kora.com/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1654142400

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:b587 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go4kora.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEioaCuD2dNZcWKtLAf%2FdED1JUUpHl91n91TwFFHpQnp97Owk4Pv02jfyx3N2vFUYD7kkPYrSGG1G10PQv2qUADunEJMOagiXG3rzGkFmkckU%2Frtcnsmt6jpCo1ynYnhvf2DmwPyz2J6fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 714e14757ae35c26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
61 KB 172ms
36ms Script
application/javascript 2a02:26f0:3500:c::5c7b:6837
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=61b8979becdbe44a0161df9a&AV_PUBLISHERID=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6837 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdv3MtB8ywSkxoFTIcVTwmMCJVLnsqLiokzJPDc1lTU-XBbxh1xIFRlJmFv_ujNnAJO9Rwzbgi9de8Pj1jr87iA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 61326
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
server: UploadServer
etag: "9dff0335699f04080269947f40c366ae"
vary: Accept-Encoding
x-goog-hash: crc32c=DITkQg==, md5=nf8DNWmfBAgCaZR/QMNmrg==
content-language: en
x-goog-generation: 1646327924579580
cache-control: public, max-age=300
x-goog-stored-content-length: 61326
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 02 Jun 2022 06:24:52 GMT

GET
H2 200 track
servt.modoro360.com/ 0
71 B 346ms
111ms Image
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?pid=603b9ffff4babd238f32ea66&cid=607d8fb337a8647f135f4f25&cb=1654150792533&r=go4kora.com&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&e=playerLoaded
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 110ms
42ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1462188469&t=pageview&_s=1&dl=https%3A%2F%2Fgo4kora.com%2F&ul=en-us&de=UTF-8&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%AC%D9%88%20%D9%81%D9%88%D8%B1%20%D9%83%D9%88%D8%B1%D8%A9%20%3A%20%D8%B9%D8%A7%D9%84%D9%85%20%D9%83%D8%B1%D8%A9%20%D8%A7%D9%84%D9%82%D8%AF%D9%85%20%D8%A8%D9%8A%D9%86%20%D9%8A%D8%AF%D9%8A%D9%83&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1099744222&gjid=1979865758&cid=45469320.1654150792&tid=UA-117897648-1&_gid=2093944220.1654150793&_r=1&gtm=2ou610&z=1913120756

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go4kora.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 1113.json Show response
id5-sync.com/g/v2/ 213 B
618 B 109ms
35ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1113.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

c5a8e407b43247b83adf478ea8dcc988109ba6d0441b17a252af4ea1164e89b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://go4kora.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://go4kora.com
date: Thu, 02 Jun 2022 06:19:52 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

POST
H/1.1 200 1113.json Show response
id5-sync.com/g/v2/ 213 B
618 B 107ms
35ms XHR
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1113.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

b90325364e7412e76f70735b18e3ed69f30b50f8f12275d7df1270b6f50f8df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://go4kora.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://go4kora.com
date: Thu, 02 Jun 2022 06:19:52 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 154 B
621 B 75ms
75ms XHR
text/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgo4kora.com%2F&pr=https%3A%2F%2Fgo4kora.com%2F&pid=8NewzlQohvNGi&cb=0&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22go4kora.com_fluid_sky%2Bsq%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-55.fra56.r.cloudfront.net

Software

Server /

Resource Hash

ddb78e39ef01880fa4142076ce7d168155adf8d351849e7ea631cfbb1902ae84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: A50HWXRB37HPMMZXCSY5
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://go4kora.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 154
x-amz-cf-id: 3Jw25qXOmj8nhU3Gw97efh3r9ThU1mH1WkbarEFyiiDJrVO46wdX9w==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 154 B
621 B 71ms
70ms XHR
text/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgo4kora.com%2F&pr=https%3A%2F%2Fgo4kora.com%2F&pid=8NewzlQohvNGi&cb=1&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22go4kora.com_fluid_sky%2Bsq%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-55.fra56.r.cloudfront.net

Software

Server /

Resource Hash

230b6af0dad07b2ae460899e8d590b66e0587883d4120db9723bddec619be5ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: FFVP92QYK5ZGC62EQW0Q
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://go4kora.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 154
x-amz-cf-id: ow_Joaj5QP339Xza4jbBfB7uhyCdkBpOImW5pu5UzTU27u3Gl5L0tQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 154 B
618 B 69ms
69ms XHR
text/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgo4kora.com%2F&pr=https%3A%2F%2Fgo4kora.com%2F&pid=8NewzlQohvNGi&cb=2&ws=1600x1200&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22go4kora.com_fluid_sky%2Bsq%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%5D%7D%5D&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-55.fra56.r.cloudfront.net

Software

Server /

Resource Hash

be59918da7b51426f1c69a4cd89123cdbc9e74f16d358e9b681df36fed20a4d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: 6V4YNVA3NV8ZTR2C0277
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://go4kora.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 154
x-amz-cf-id: vsB10ihdMAMPvpIuhwvvLmsgDH666Of0qjtiA8cf07ofbKaa5ulpkg==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012205161914000/ Frame 26B3 220 KB
61 KB 126ms
35ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

757319a250590e2bd0a13b21c1541d2de6628e4f27fc53dbc09810a20eece701

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 164055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61456
x-xss-protection: 0
server: sffe
date: Tue, 31 May 2022 08:45:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42b814baf88beb20"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 May 2023 08:45:37 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012205161914000/v0/ Frame 26B3 14 KB
5 KB 182ms
91ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb79fb74d6258322e62522032aa870d6b08193d00356365ada57b7ec120c831f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 220226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5191
x-xss-protection: 0
server: sffe
date: Mon, 30 May 2022 17:09:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3630c4be819f8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 May 2023 17:09:26 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012205161914000/v0/ Frame 26B3 94 KB
28 KB 195ms
103ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba4104ca707204425da942d41ded59339a7925fa7986876ae2b2fde22a3ef7a2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 220226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28900
x-xss-protection: 0
server: sffe
date: Mon, 30 May 2022 17:09:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ccce7ec6c76e0017"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 May 2023 17:09:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012205161914000/v0/ Frame 26B3 5 KB
2 KB 188ms
96ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3427cca8a2e3789c0a04279acc2720b7f93b87932a915c850fe41a09924f0a8c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 220226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1905
x-xss-protection: 0
server: sffe
date: Mon, 30 May 2022 17:09:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "862cd07357fd06d9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 May 2023 17:09:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012205161914000/v0/ Frame 26B3 40 KB
13 KB 188ms
97ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1632299889539ec3c89ff14ed39f3a8ad49ab6b13eedf7bb78e0bd70b95d79a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 126766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12945
x-xss-protection: 0
server: sffe
date: Tue, 31 May 2022 19:07:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2cd215bb1afb4615"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 May 2023 19:07:06 GMT

GET
DATA 200
OK truncated
/ Frame 26B3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9faf9d5aeedfcc89838a101d4992ccec87b9c0d02772d33bc329c1aa21bcd96c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6460188027823351569
tpc.googlesyndication.com/daca_images/simgad/ Frame 26B3 57 KB
58 KB 128ms
35ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6460188027823351569

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34f2c76afbba2ec6294fc0ceaf7bf796c8b6796105305b7068f7391290ef325b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 13:03:19 GMT
x-content-type-options: nosniff
age: 148593
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58517
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 07:11:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 May 2023 13:03:19 GMT

GET
H2 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 26B3 3 KB
3 KB 126ms
33ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 18:59:49 GMT
x-content-type-options: nosniff
server: cafe
age: 40803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 9421415325968714010
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Thu, 02 Jun 2022 18:59:49 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 26B3 344 B
807 B 125ms
32ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 84818
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 02 Jun 2022 06:46:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 26B3 0
0 115ms
41ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQa7xN1RlLxQd9adHV2N-M_-v7vBJInDKjfHWh6Ma804CxPcatZlqDbEm8LgkMKJReSRh6yD1OL6s5KGNhKmJ0g9m_HVA
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 26B3 0
0 78ms
77ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHQ9hiFaYYqLADvjO7_UPr7CfyAHPwK2cY_37mfm3D2QQASCosoV8YJGEoIWMGKABqvT4kQPIAQLgAgCoAwHIAwiqBNoBT9BwbaP0J6CzbKSm4XYXPXPrLYW7x1l1MPoHWe8YPDp0b3OeNcMatzipZ1ZvGs1QJT9IpECsC9b5IiHkGU7j58iS5jZmTLleSkFDE3GCdGCXnFSGJKs1HVMn580WTFs3rTBcG_tVTVvyhO4QpEPdV8hqI7U-z8bj9dCuhqJrz5DmqarXICePSFG8zUseVzaOis8ag1jThnHq84iSXRsmBWDFFmw-BarK33oVGS_WyvoXDbKZUbdkujolrTFClY-SvA_a3OVhLZygJIDjixX6-JwIbBFJFE5Me37ABMTys-HyA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAe-i4duqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQiJUG0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi0zNTQ1MjQxOTkyMDczMjU0gAoDyAsB2BMC0BUBmBYBgBcBshceChwIABIUcHViLTI5MzA4MDUxMDQ0MTgyMDQYppN2&sigh=BVcNUP26ZHk&uach_m=[UACH]
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 4780
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_rbd_n-Beeswax_cnv_n-Outbrain
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_rbd_n-Beeswax_cnv_n-Outbrain&dcc=t

65 B
686 B

46ms
46ms

Document
text/html

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_rbd_n-Beeswax_cnv_n-Outbrain&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 65
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 02 Jun 2022 06:19:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 3Z0YBZNNFH86PJEANFJC

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 02 Jun 2022 06:19:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-sharethrough_n-LoopMe_rbd_n-Beeswax_cnv_n-Outbrain&dcc=t
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: NNBWHZY64SH34RQH49PW

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 111ms
42ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=go4kora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 110ms
42ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=go4kora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 113 KB
36 KB 468ms
468ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=1093629243616353&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=44890869%3A22630893834%2Cca-pub-3831894559014614-tag%2C3174330e-5b35-445d-b726-fb64eb2aa02e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C1024x600&fluid=height&ifi=14&adks=1841013479&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=ti%3Da3538840-e543-4084-a0fb-8ac2d3565e43%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D77%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D9b623ba2ddfc33e3-22a215a5a5cd0003%3AT%3D1654150792%3AS%3DALNI_MYiIS_oOSvY4VoEdvscQSKYJkKwlQ&abxe=1&dt=1654150792642&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=346&adys=176&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1140x616&msz=1140x616&fws=0&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8fe34b8c3a1a835c88704434df8c2964215ccfda96757e381bf483ccf34f329c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37224
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
11 KB 374ms
374ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=833127034262890&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=44890869%3A22630893834%2Cca-pub-3831894559014614-tag%2C3174330e-5b35-445d-b726-fb64eb2aa02e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C1024x600&fluid=height&ifi=15&adks=1841013477&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=ti%3Da3538840-e543-4084-a0fb-8ac2d3565e43%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D77%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D9b623ba2ddfc33e3-22a215a5a5cd0003%3AT%3D1654150792%3AS%3DALNI_MYiIS_oOSvY4VoEdvscQSKYJkKwlQ&abxe=1&dt=1654150792648&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=346&adys=2737&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1140x616&msz=1140x616&fws=0&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

15ceb163867a9019d0259a656d7298fb92c2678fe0d8a8cd12a0225c577e00c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11083
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 71 KB
24 KB 288ms
288ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=1949118988680203&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=44890869%3A22630893834%2Cca-pub-3831894559014614-tag%2C3174330e-5b35-445d-b726-fb64eb2aa02e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C1024x600&fluid=height&ifi=16&adks=1841013476&sfv=1-0-38&ecs=20220602&fsapi=false&prev_scp=ti%3Da3538840-e543-4084-a0fb-8ac2d3565e43%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D77%26excl_cat%3DPREPOST&eri=1&sc=1&cookie=ID%3D9b623ba2ddfc33e3-22a215a5a5cd0003%3AT%3D1654150792%3AS%3DALNI_MYiIS_oOSvY4VoEdvscQSKYJkKwlQ&abxe=1&dt=1654150792655&lmt=1654150792&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=346&adys=1385&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1140x616&msz=1140x616&fws=0&ohw=0&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bfbbd3a1a2be3136cb41e4a75909e46ea1a7ea09fe9039b7cff18f1326224054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24166
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 41 KB
12 KB 33ms
33ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e8c287537c67708aa38e91a2bd427e8ee691ca7ac3a264a2640eb6e36a72f811

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:11:46 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 51.254.41.128/25
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: rbx1
content-disposition: attachment;filename="esp.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11458
x-request-id: 1051131968

GET
H3 200 container.html Show response
30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EF63 6 KB
3 KB 99ms
33ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 06:19:52 GMT
expires: Fri, 02 Jun 2023 06:19:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 34ms
34ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.2&b=3&r=go4kora.com_auto_interstitial_desktop&sy=604f45af-fce2-4096-8617-341a4b1451f5&ts=77&cd=2&pud=100&pus=c&pue=310&pid=64&pis=c&pie=372&ppd=73&pps=a&ppe=380&pad=92&pas=c&pae=478&pcl=458&ttc=434&tti=1116&ttif=0&lca=380&lcak=ppe&lct=478&lctk=pae&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=go4kora.com&mlre=go4kora.com&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=a3538840-e543-4084-a0fb-8ac2d3565e43&e=lm&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G376E3G9D5VCQW183JBMDTNM
date: Thu, 02 Jun 2022 06:19:52 GMT
cf-cache-status: HIT
age: 1420490
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "b51d4f9d98e40d6d6d678da6b234a975-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e14765df99751-AMS

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
320 B 103ms
35ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://go4kora.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://go4kora.com
date: Thu, 02 Jun 2022 06:19:52 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 26B3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

146ms
80ms

Image
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 02 Jun 2022 06:19:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/ 15 KB
15 KB 172ms
50ms Image
image/x-icon 141.95.4.200
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 141.95.4.200 , France, ASN16276 (OVH, FR),
Reverse DNS: ip200.ip-141-95-4.eu
Software: /
Resource Hash: fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 06:19:52 GMT
X-Openstack-Request-Id: tx7739122498cb4ba19a278-0062985688
Last-Modified: Sun, 31 Jan 2021 12:57:34 GMT
X-Trans-Id: tx7739122498cb4ba19a278-0062985688
Etag: 7bf4f6782dee3b520a65ff84286e3691
Content-Type: image/x-icon
X-Timestamp: 1612097853.12655
Accept-Ranges: bytes
Content-Length: 15086

GET
H2 200 /
signup.adipolo.com/ 0
0 137ms
61ms Image
text/html 2606:4700::6810:f34e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signup.adipolo.com/
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame FFE5 376 KB
106 KB 115ms
33ms Script
application/javascript 2a02:26f0:3500:698::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:698::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5fe2c91e401a2966029b07099d138f903d3bfcfad86da5a7c33d85c548b303af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdscT4In4E2GWlig4jYBCPY9CfVjjmT4MNnhj2KjSrcfnOhswHss2upLE-REbxioaT_IFKCmWeHx7lNkcoqJzyKkwODGiwuP
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 107957
last-modified: Wed, 01 Jun 2022 14:02:12 GMT
server: UploadServer
etag: "a0ef14730334e50c34e9e95557ee78b3"
vary: Accept-Encoding
x-goog-hash: crc32c=YEt6cg==, md5=oO8UcwM05Qw06elVV+54sw==
x-goog-generation: 1654092132009332
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 107957
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 02 Jun 2022 06:24:52 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame EF63 4 KB
633 B 41ms
41ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Jun 2022 06:08:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Jun 2022 06:19:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Jun 2022 06:19:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1B32 8 KB
892 B 41ms
41ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f23a79d0f7a1525618b8df0c196c65fad4d42afd4eafa80fae381cdf8404e268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Jun 2022 06:05:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Jun 2022 06:19:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Jun 2022 06:19:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 1B32 2 KB
902 B 105ms
35ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 06:19:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/ Frame 1B32 21 KB
8 KB 118ms
49ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite_fy2021.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa7fdfa58b30ccdefdd8f99a40cd0c78aecb8e858b5256d07fec8eefa95518a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 04:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
server: cafe
etag: 3385757330471345920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 04:16:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 1B32 3 KB
1 KB 123ms
54ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/window_focus_fy2021.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 05:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 05:36:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1B32 138 KB
42 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Jun 2022 06:19:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 1B32 17 KB
7 KB 104ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 06:16:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1B32 0
0 43ms
42ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0GiheuDeaGvYWlt7-3zrza14Kzrfv4m-wrXKHnGpwZ58g4OoGvKzkugpu8qxdjx5JsfmihlP3bpTwQo6D-j9FenYFgg
Requested by: Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame 1B32 31 KB
13 KB 109ms
35ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 00:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 00:18:58 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/ Frame EF63 19 KB
8 KB 107ms
42ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9adcbce27a94f1a18dbded1b0024b427af2f13ae66d9390dacae83017cd3e460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 04:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8227
x-xss-protection: 0
server: cafe
etag: 1301743315790764339
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 04:00:52 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EF63 205 B
293 B 112ms
42ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:18:53 GMT
x-content-type-options: nosniff
age: 59
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 02 Jun 2023 06:18:53 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame EF63 604 B
918 B 111ms
42ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 04:36:04 GMT
x-content-type-options: nosniff
age: 6228
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 02 Jun 2023 04:36:04 GMT

GET
H3 200 container.html Show response
30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FF72 6 KB
3 KB 33ms
32ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 06:19:52 GMT
expires: Fri, 02 Jun 2023 06:19:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 33ms
32ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=go4kora.com_fluid_sky%2Bsq&sy=604f45af-fce2-4096-8617-341a4b1451f5&ts=77&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=go4kora.com&mlre=go4kora.com&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=a3538840-e543-4084-a0fb-8ac2d3565e43&e=lm&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G376E3G9D5VCQW183JBMDTNM
date: Thu, 02 Jun 2022 06:19:52 GMT
cf-cache-status: HIT
age: 1420490
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "b51d4f9d98e40d6d6d678da6b234a975-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e1478296c9751-AMS

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/ Frame FF72 21 KB
9 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite_fy2019.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d04270929a7b55e11bad5612cec9a0bc6f99aa203065ebb49282a8e10ed3f897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8686
x-xss-protection: 0
server: cafe
etag: 15744946208710284980
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 06:12:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FF72 8 KB
714 B 41ms
41ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Jun 2022 06:05:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Jun 2022 06:19:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Jun 2022 06:19:53 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame FF72 14 KB
3 KB 137ms
35ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.css

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 13:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 May 2023 13:39:48 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame FF72 351 KB
121 KB 137ms
36ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 13:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123888
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 May 2023 13:39:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame FF72 17 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 06:05:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FF72 0
0 42ms
41ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLIHBJ9vuqvEocT_pHlbKXTdDErBCWSQ7jj1B-FWLkQ_1nxg5m5rUjKzS3AVCfks-tVNGKBV0Z-zoDqsefyDA52u1Dww
Requested by: Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 97ED 143 B
163 B 52ms
34ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 2032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 02 Jun 2022 05:46:01 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012205161914000/ Frame 4122 220 KB
60 KB 100ms
34ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

757319a250590e2bd0a13b21c1541d2de6628e4f27fc53dbc09810a20eece701

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 164056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61456
x-xss-protection: 0
server: sffe
date: Tue, 31 May 2022 08:45:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42b814baf88beb20"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 May 2023 08:45:37 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012205161914000/v0/ Frame 4122 14 KB
5 KB 155ms
89ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb79fb74d6258322e62522032aa870d6b08193d00356365ada57b7ec120c831f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 220227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5191
x-xss-protection: 0
server: sffe
date: Mon, 30 May 2022 17:09:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3630c4be819f8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 May 2023 17:09:26 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012205161914000/v0/ Frame 4122 94 KB
28 KB 144ms
79ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba4104ca707204425da942d41ded59339a7925fa7986876ae2b2fde22a3ef7a2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 220227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28900
x-xss-protection: 0
server: sffe
date: Mon, 30 May 2022 17:09:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ccce7ec6c76e0017"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 May 2023 17:09:26 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012205161914000/v0/ Frame 4122 5 KB
2 KB 141ms
76ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3427cca8a2e3789c0a04279acc2720b7f93b87932a915c850fe41a09924f0a8c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 220227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1905
x-xss-protection: 0
server: sffe
date: Mon, 30 May 2022 17:09:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "862cd07357fd06d9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 May 2023 17:09:26 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012205161914000/v0/ Frame 4122 40 KB
13 KB 156ms
91ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205161914000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1632299889539ec3c89ff14ed39f3a8ad49ab6b13eedf7bb78e0bd70b95d79a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 126767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12945
x-xss-protection: 0
server: sffe
date: Tue, 31 May 2022 19:07:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2cd215bb1afb4615"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 May 2023 19:07:06 GMT

GET
H3 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4122 3 KB
3 KB 34ms
34ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 18:59:49 GMT
x-content-type-options: nosniff
server: cafe
age: 40804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 9421415325968714010
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Thu, 02 Jun 2022 18:59:49 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4122 344 B
368 B 34ms
33ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 84819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 02 Jun 2022 06:46:14 GMT

GET
DATA 200
OK truncated
/ Frame 4122 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 601f6f5eb8b14d43a44a24e2a46bf878a90fbf4e4e35fb2dd62d80df8f4ba4af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 7813124534792987951
tpc.googlesyndication.com/simgad/ Frame 4122 7 KB
7 KB 34ms
34ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7813124534792987951?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qknaWhC-zpHBQHDDrEweyh9JwYyqw

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b07f50b601b63273ca08da35705892868cce6c3293386097c79b976c352c930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:25:15 GMT
x-content-type-options: nosniff
age: 132878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6747
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 10:01:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 May 2023 17:25:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4122 0
0 42ms
41ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS72Gm0oTIL_auuo71az6HiHquJOSWDlIFVhI0TB-wPHmLEorncNct66nP1L9Bwz8SlV9lMLrUkg05SkwPXNRSPe6U3tg
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4122 0
0 76ms
76ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-KmAiFaYYtGOK9qG9u8P3Yei2AW2zOKyavmWtcP-Dee8udGODhABIJWbyiFgkYSghYwYoAGk3ZqLA8gBAuACAKgDAcgDCKoE6wFP0F4oypKLmTLbNd19qHhq9ilLEBrNRsatvcxgMl3Ra2SYwjD4WLTostQclxylQ1oG-hJUA8soo6wDROrcLZ7R6a3SYsLk4CC_bGapqLZkSPtFtXwTjCllMnVn-YX_Gik3u2ibe0luk8TTqP_S0KDPQrQsWA-KzTtExGl4qwFjlLsv433MeML_ouxjEisN8i-DO7E7EOxcdh16itldn8_Qv8FUjct6gz4bjED0D7T1l2hHCE7Ko43YZzExbHKx6kPw3MPhFyXOCtPEXHG_2oMrHIIh6Vrqc5mFelX9y9UGeC_w1xiVJu9pljPxwATOhbXPwQPgBAGSBQQIBBgBkgUECAUYBKAGAoAHxKLldKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPX4AdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTY5NzQ3MDM3NTM5NjA4MIAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=PD0DdU5s-O8&uach_m=[UACH]
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 34ms
34ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=go4kora.com_fluid_sky%2Bsq&sy=604f45af-fce2-4096-8617-341a4b1451f5&ts=77&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=go4kora.com&mlre=go4kora.com&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=a3538840-e543-4084-a0fb-8ac2d3565e43&e=lm&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G376E3G9D5VCQW183JBMDTNM
date: Thu, 02 Jun 2022 06:19:53 GMT
cf-cache-status: HIT
age: 1420491
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "b51d4f9d98e40d6d6d678da6b234a975-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e1478aa609751-AMS

GET
H2 200 track
servt.modoro360.com/ 0
70 B 103ms
102ms Image
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?r=go4kora.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.25&apppkg=&fv=1&proto=https&pid=603b9ffff4babd238f32ea66&cid=607d8fb337a8647f135f4f25&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=100&cb=1654150793078
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
serv.modoro360.com/api/adserver/tag/ 28 KB
4 KB 400ms
166ms XHR
application/json 54.85.47.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://serv.modoro360.com/api/adserver/tag/?AV_TAGID=61b8979becdbe44a0161df9a&AV_PUBLISHERID=603b9ffff4babd238f32ea66&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fgo4kora.com%2F&AV_CHANNELID=607d8fb337a8647f135f4f25&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=go4kora.com&AV_DADPOS=1&AV_TAG=61b8979becdbe44a0161df9a&AV_TEMPLATE=6192229fa59e3976bb4400aa&d36=6.2.25&responsive=1&sver=2&avtoken=793077&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1654150793099
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.47.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-47-27.compute-1.amazonaws.com
Software: /
Resource Hash: 6b10905e00c5413c589e84b0d29d2381ef19ceec5ebe77c9c4e04b7dff26b797

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://go4kora.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Sat, 21 May 2022 16:33:13 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 97ED
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

89ms
89ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Jun 2022 06:19:53 GMT
expires: Thu, 02 Jun 2022 06:19:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 02 Jun 2022 06:19:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 75F2 6 KB
3 KB 33ms
32ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 06:19:52 GMT
expires: Fri, 02 Jun 2023 06:19:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
365 B 33ms
33ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=go4kora.com_fluid_sky%2Bsq&sy=604f45af-fce2-4096-8617-341a4b1451f5&ts=77&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=go4kora.com&mlre=go4kora.com&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=a3538840-e543-4084-a0fb-8ac2d3565e43&e=lm&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-nf-request-id: 01G376E3G9D5VCQW183JBMDTNM
date: Thu, 02 Jun 2022 06:19:53 GMT
cf-cache-status: HIT
age: 1420491
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "b51d4f9d98e40d6d6d678da6b234a975-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 714e14792b3e9751-AMS

GET
H3 200 fa287546e1d5bd0678894d5c227e456c.js Show response
www.gstatic.com/mysidia/ Frame 75F2 10 KB
4 KB 100ms
33ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 00:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4351
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 00:38:51 GMT

GET
H3 200 c1187f9c406d7453d4f1a2621f2f7324.js Show response
www.gstatic.com/mysidia/ Frame 75F2 148 KB
55 KB 102ms
36ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c1187f9c406d7453d4f1a2621f2f7324.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f23ce3a908dabd98caaa52aaa2681fb06ed05811d0fbfe00d5d16374a181b73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 01:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56283
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 01:45:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 75F2 4 KB
812 B 41ms
41ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23229beed834a4ea7199399a8cda7d3d3355099c25e1cda56c7181b0d8ceeb8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 02 Jun 2022 06:11:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 02 Jun 2022 06:19:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Jun 2022 06:19:53 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 75F2 2 KB
910 B 33ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 828
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 06:06:05 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/ Frame 75F2 21 KB
9 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite_fy2019.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d04270929a7b55e11bad5612cec9a0bc6f99aa203065ebb49282a8e10ed3f897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8686
x-xss-protection: 0
server: cafe
etag: 15744946208710284980
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 06:12:37 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 75F2 3 KB
1 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/window_focus_fy2019.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 06:03:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75F2 138 KB
42 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Jun 2022 06:19:53 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 75F2 17 KB
7 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 06:05:41 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 75F2 0
0 42ms
42ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXdNTWefo0pae8BX0_JvoNkq_xROc2tXYlrdgPYIDC5sDg3nGeIfgGW_FE1KAlVzTp5h8L3flumLpvcPZggKSIcGQEOQ
Requested by: Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame 75F2 31 KB
13 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 00:18:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 00:18:58 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4122
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

101ms
101ms

Image
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H3
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 02 Jun 2022 06:19:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame FF72 0
327 B 122ms
46ms Ping
image/gif 2a00:1450:4013:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l3wmo8pj&c=2195964878557&slotId=1097982439278.5&qqid=CJ-nnvOPjvgCFYnIuwgdQcUArw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44731965%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c05::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FF72 15 KB
16 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 236209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 12:43:04 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FF72 15 KB
15 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 241926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 11:07:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF72 0
20 B 67ms
66ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C8zNriFaYYp_DK4mR7_UPwYqD-Aqo6I6wareQsfWNELuJ27_wLhABIJWbyiFgkYSghYwYoAHnho2gAsgBBagDAcgDmwSqBOcBT9Ap-cs6rBLjodHyTZ-4xmIi4t-ittyYXSL_s7zPXKuC2lvUO9384N9GIZFjhOBfLbpzoWWcwYMuKCcM8C9hATyCkitwMCpbPmU0lkBHvjgCFEgWR5MpeJt97J-i05lURFtT5BhtsyFqZfnmmacrRqhXcCGmv_6DkA17PkTk3GeOjL18r8hrlEA2vZtorg3SmIJUI134v1Z_RRiUlC_y2E16Fgi1o7SF1R9HMbpcN2KGH3a-It-xEmKbpoOxKmqrrdpaxA71NGW497C5w3P6d-RRYI8Hf691Wr8qNT87nFgVMfTpcQw-wASEifODnQTgBAOQBgGgBk6AB4H58t8BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNjk3NDcwMzc1Mzk2MDgwgAoDmAsByAsBgAwBsBO4_KwPyBOZop7gA9ATANgTCogUBdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1654150793246&ai=C8zNriFaYYp_DK4mR7_UPwYqD-Aqo6I6wareQsfWNELuJ27_wLhABIJWbyiFgkYSghYwYoAHnho2gAsgBBagDAcgDmwSqBOcBT9Ap-cs6rBLjodHyTZ-4xmIi4t-ittyYXSL_s7zPXKuC2lvUO9384N9GIZFjhOBfLbpzoWWcwYMuKCcM8C9hATyCkitwMCpbPmU0lkBHvjgCFEgWR5MpeJt97J-i05lURFtT5BhtsyFqZfnmmacrRqhXcCGmv_6DkA17PkTk3GeOjL18r8hrlEA2vZtorg3SmIJUI134v1Z_RRiUlC_y2E16Fgi1o7SF1R9HMbpcN2KGH3a-It-xEmKbpoOxKmqrrdpaxA71NGW497C5w3P6d-RRYI8Hf691Wr8qNT87nFgVMfTpcQw-wASEifODnQTgBAOQBgGgBk6AB4H58t8BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNjk3NDcwMzc1Mzk2MDgwgAoDmAsByAsBgAwBsBO4_KwPyBOZop7gA9ATANgTCogUBdgUAdAVAfgWAYAXAQ

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame FF72 24 KB
15 KB 166ms
71ms XHR
text/xml 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CktgF_SYGR40-qG4Uk6COHBwT7pAgfxxFez8BUVXUkZOAVa4qlYoxk4NlgmSoPCjkahRHQxHmzYID52QagO2KbJjsJdg&dbm_d=AKAmf-BJNt8wHhDmy2EeciMXAFM31axCtf7Fh9kSYZWcBd10EQqQEfMPYsPY-6kep6i8-VH_GaglAB54VgQwiOn5n3P9lA9I3DEpQGSioFJQ41EJLJ63NW9QSRakWK7RJ823OShidOsqcICOJ0GxCS1xdD4AN1d_9skYcJ4AETPJXyMRCui2g7MR81l8FnkSNCDwydQnQwMeb-GLjBkt8JY4CdWEpogNQSza0zGd94HrVBw3BWC8X-Hqcj2YMFW3RujjyLQVYIEhwTSO-rYvVYOd3MlWsC66GF5qQ5wSC9fsLX7uKIjksM4rmWqmvzpt6qokRAhsWe5ODkhUGsJ4ed3WIlM1VnHYeejV5gyaV2aLzSRxSirngUDljJg4xxZ-jvOZ2O_PUptkTgRGTSpy0yBFBKwPD2iuLSOfO2kdMdTqjlZgBjCyUgkHZPLLaZyyy6ykHH5Ol1SZLTog46sgi24mwag9-dnN834yzBMII-fc4ySeWCNmpTaVzqaS3B7-mNYMsG7vvMCDNs4tcle5JcBKLkjkxUNwjMSQkatULiQImmFZZIjyOYljz-lkDQOU-ueMAWKTgGChZEecHXiDYc6gd-RYFIkZ5suBnsqXUOGaGSY_yfK9zWCihwlk7Uk_5oo848Myhq99JCUQJ6uerIyMeeyfKiqW45vGBedEwc7rgv5mlrYjsxoWyADm7VIkxngi3E0P1QDWOMnh01-7lA787LmtPRPTPf3VtbEWS7j3htvyzA_WMW2ew2pnhUlAve8sRu3L40o6w0SsgJlF34-x8R405W7Bw25BxICuDd6YyIPfJN5QO0DF7Ixh9Njk7kzL_McpM8SgOsd0ECxZ8BQglpce9fqHYPHWjKruqK3ELx3BBR2QcVHFOTVYF9ntyWvIcYvAbAGzuFG-xL0h4WFz0VzaAsf-QDj4zu3gnOqUcbNa4GSDI0aY9OQ-lBzVx1Z8EdsNuuaLISk2HF7410ynnZtxx4P3qCj40axs72VFNLm-82ZwfkE3UKGOrB_R6SToC9yeZwqU6OxC5Yy1O2cYZj5IwV9m-cg7Bo0tDhT04uFssTJdPZIcmydvFqT8wSqGXCHbl__Y5UBos16d1_-rBLKX_XC6E7h5RvhU0pavhek3NAJmEBvZS7Cfbl-1XFsJljcX4JFv9dEDRJCo1NNqLENlzk4sNBFtpmdg2u2Mkv8Ick6SBC0ltibIkEVG6bYCSV4RZoQbbs7GJkeycVMf_fhXPVWRhVF6jTHh8nzvwMOraU8G845HQsXLcLMYX7wCu_cPhi1Ze0P7BmsUlEleXlVehh0Jgu6zbwMvAl7QsGLr5JDvLLkm1SvlIWVuDObu8GBaofm1aXTuBKrhU0afZV6-UTeWc0Xaec9Pm6VDRkcln5EH5aCDWFPuThPaSCsvY9cDDC3LJck246Tfh7FOjsr56jzYUgLkB5aOEKYyS20DakThUz-L7X5kgr0b1KnuoXJ1-frrPfF1DpeJP7LUYfVLFi_NZuvMBudt4D_LHRRgDF4Rmpwog9zLVVWstYFJgYkE_FcQEr8l5BvcfPRdZI-w2X0H0-Y3PwQE2VHkny5KSxoDvlguynfo-ir1dTr_v-DV0-f1JIR-BlNZmyU_SnmksB5YbQunzE6J65e7loyDIbml4kmpqVux3x-snpQXIUyMkkaNqeZ1v716mt8MIkTH2DLUCOxV1AvFHAe6o2RWf7H6iGHVnl2PNVeiygDfAu8JxzGaT_p0SgWWEbJV8v643t5VfqTGigEahpD4NFX_QMU3ruErG7L6FCqBbx5_IuZ4fHotphc38cKrjGWPgI0UtCKjtNt6ozCqCz6QpVWpTeXhcrfiNLgzWqRhw_gfmIgzJK7JftlJizIJNUsBiUYhK406jnHI-nCA95D14wb6cSthw_HYb_GMm0jMl6n677Mkdr-EpLeDVGzY9GXJdg3JskWAKtavaOka4SnwGzXVsILKg75ClOhzuqPa26m1X0Y6Bs3iclhhq0IlQtF3fN51zZxyuGtSqtXxtDByFGd9wJ92m6j2237rxCEJfOa-DCrUL1tAjkblIqXR_XI2rbqyJmu6bENSPn3ckCXGmCrMQyBeN5s-QMHIIhhQmvvKr6w166f45I06mt4ranIvZVG6C4VfWxHWo_VRE22Hfnf6ROnI-FoDEhJx2jiX-GPVR4oZEbJ0gh0NVoQ3GB_aPCtK3i-hVeq5flFLfnva2eO6OudrlKZjdy2bME1eMuzneKtTRlXq1NuDPEyPBuq9xCnsBaYIcuLk4V4hakLX5K92mmyusi9JBV-62FZOdb7aSOfjAIHUbCnkMaqEoxQsrbyqN-wOT7uhs9UAOAkkaUUh7oqNWvbHIlHWOpXzVZ3dBy6XHi5zpGiQCIULtGL2BZ_ZmJrRVa4ArEcfvz45UqYWjboVaA2E5Z__JVwl6wDCXdbr8OsPe468PIMB4gftEkyl1Ar0TRkdcYZMJmGBRfZHfFUpD01gMymBfABK6iMqLPv44yH335jf1V0icFe7_We77wvbm1O2sZ12-BChx8Lt5G8TpYx2ebGEcgH015M4yQM515MP-DppiYNttzI6dGUq9iRtJr4Pze4MFAIwYASZElfuMI0chvvUwq1ytGlUixcX33cJQlIYJ6mY3P_dtMDsFUcZ8Opb0bFrXivgfq3sQ4Aj-hG0kiWBAow9JelC9BD0d0HoTw9OlQZN-1KMTCVxvkEzJWFmEysNQ97ef5YoFrcJO_gmDL9nSc1ltBSMqlAIo6nVl-6HMqYIro62BbRmZnAx9RCTVYMjgppbW3-_Qf67jdEa5L6q451gdHmgzmH2MycEc3SEXjah_HAYuEHIrFqEnrnONq8OD-lfUM8BQy7Zx1kA7zdtPz9rxqJevNCiXcK6zBRYCOo6GYzdflTDvqlq-GY5i3eBIHUbJIQmpqb9671wBGWhSJGjth0UkGHhj1_XgXwaz2P2UnRoS-1XU9YirfyhVNWjFQuIo3xMEFJ32zRX0le5DtF4Ye-uM1msNpas9QZ9YTLBZAMmkOxL5QTO5lmKaQ32rTRuuw1n4qpUHvtLsIvupjjOcg1mCgNR-PBdv99IuCdoqpF0SpbNkjdPZ_mFCObMcryu39woDCNK_VI&cid=CAASJeRoVpv2lMTbHF2mNIHMf-3qB1a5TQdhRcaPWZqIehb3MkIszqo&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

cafe /

Resource Hash

352ee481b6b43b3d2af716daa64b971a673849d8089ae2f9846f165cff8f1cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14988
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FF72 0
0 71ms
71ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRtSGiFaYYp_DK4mR7_UPwYqD-Aqo6I6wareQsfWNELuJ27_wLhABIJWbyiFgkYSghYwYoAHnho2gAsgBBagDAaoE5AFP0Cn5yzqsEuOh0fJNn7jGYiLi36K23JhdIv-zvM9cq4LaW9Q73fzg30YhkWOE4F8tunOhZZzBgy4oJwzwL2EBPIKSK3AwKls-ZTSWQEe-OAIUSBZHkyl4m33sn6LTmVREW1PkGG2zIWpl-eaZpytGqFdwIaa__oOQDXs-ROTcZ46MvXyvyGuUQDa9m2iuDdKYglQjXfi_Vn9FGJSUL_LYTXoWCLWjtIXVHx8wIKmk8MCN5xiIpDO4NSc6swW2GAQxqPVwPeg-2bLeqAZr98rDWt53oR-CG_EoEJS6KBeEy4aDj2vABISJ84OdBOAEA4gFoducqUCSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB4H58t8BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQzoATGJbNn8oB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xNjk3NDcwMzc1Mzk2MDgwgAoDyAsBsBO4_KwPyBOZop7gA9ATANgTCogUBdgUAdAVAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=Gx6JtYq1UDU&uach_m=[UACH]&cid=CAQSPACNIrLM-IQATNE-GGPV9lGgxE27lZm9CTYEqdO2ZXj4DdZCfmTD7idOkJpKeSwucGuGu8ac8teJIPOnIQ&vt=10
Requested by: Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 51CA 1 KB
749 B 34ms
34ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 60821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 13:26:12 GMT
etag: 48472445140208031
expires: Thu, 02 Jun 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FF72 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8eb80fc1406d940d92493ed3e3ac5bfff4de8ec85b599bd9972ced0a4b43c2b0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 43ms
43ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=go4kora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 43ms
43ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=go4kora.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
9 KB 326ms
325ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1738239888552833&correlator=780258592370536&eid=31065401%2C31064018&output=ldjh&gdfp_req=1&vrg=2022052601&ptt=17&impl=fifs&iu_parts=21939239661%3A21908094131%2Capl%2Caplmcm%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90&ifi=17&adks=2825964077&sfv=1-0-38&ecs=20220602&ris=1&rcs=1&fsapi=false&prev_scp=test%3Drefresh%26excl_cat%3DPREPOST&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie=ID%3D9b623ba2ddfc33e3%3AT%3D1654150792%3AS%3DALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA&abxe=1&dt=1654150793289&lmt=1654150793&dlt=1654150791769&idt=360&biw=1600&bih=1200&adxs=315&adys=1110&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fgo4kora.com%2F&ref=https%3A%2F%2Fgo4kora.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&fws=512&ohw=0&psts=AGkb-H-z6a4-3snuwwxweKl9EVhPO6EJ6rH5nmkcAt5Hwbl0IDoNY0GWcK1COzgOgkCNy84HuEGony3fgjFAAf769nkz4ea25Tl7Nl8%2CAGkb-H8-ESFCirXuLKBknW8-ibQdJvlBmVDEcfX5rSMBj63yybz6iMEnUsQSybjDGNRk8L8DskC2awSf-EThh8WhVwG9UDpot00ERsQ%2CAGkb-H8EnZnfgtn671IjO0MaSuzJvsg_rz4Dm8xT7yYDZM6XFOBzzRJRFx53bT28Lcu3r-CMQWG_tttIDTZN2lQLxaj2bJvLu6nByaY%2CAGkb-H-vNFTiAbpuI-jhuo328R9HHvTBbRBqaVI1SVN_rktY4KmbaJD0c-Kfd_RKtk-X0ZY1B7oDXIqRCPAjEu0vuUrNSzMRno-Wu0g%2CAGkb-H-V4ec5TU4c5vqq6Ew2LtRQs9dsreC7wm4Or5ZuzEe6442cYJ-tgYY9fByIlTyN5hVurvKLX2i_Mb-2M9yKv9EpHsaCrDklkbw%2CAGkb-H9nU5hhr_LD3vmyEYW-UJGY1AJINbBZXEzxHJcEu5yvYqloDBKb9J_IwjTPDfGatakT9L5Fx3jfQylmbZzhUp1XE6rxaXx6eqg%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=45469320.1654150792&ga_sid=1654150792&ga_hid=1462188469&ga_fc=true&btvi=0&a3p=EiAKDGlkNS1zeW5jLmNvbRj8i8iYkjBFAAAAAEgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

49fc3b6a51c6c7aea5c59e8f65f8b3f97ac306022ab29cdd901f826e799d3a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9144
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://go4kora.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 75F2 4 KB
5 KB 125ms
34ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT0S-SdWPCq7NCJgm4F68qsVx6Ny-urr-An1vDSkRrh58HW5r_B&usqp=CAI

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d63a0835d5a91bb2c9d64cdb65711bd7ac480c6daac8163ba01007d3973855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 21:38:20 GMT
x-content-type-options: nosniff
age: 204093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4536
x-xss-protection: 0
last-modified: Tue, 10 May 2022 03:11:32 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 30 May 2023 21:38:20 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 75F2 10 KB
10 KB 125ms
35ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS6Rb690-2GGglzVyMkOKHgZojNqLkm659vySNPxfCgJbyBYPs&usqp=CAI

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e3d50a9f8acf9b55cf781cce39289a0039996ab6d02febc414fd3d6d07d399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 05:42:06 GMT
x-content-type-options: nosniff
age: 88667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10386
x-xss-protection: 0
last-modified: Thu, 28 Mar 2019 20:11:25 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 01 Jun 2023 05:42:06 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 75F2 3 KB
4 KB 123ms
33ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQTovv46G_sFN_mycXz2fGYgO3n9wxycXc7kS2BRzfATsSXkB9S&usqp=CAI

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44d70d496e847346b8c08debe6a4ff20760fbe37aebeff6aa406ea993abf10f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 19:47:50 GMT
x-content-type-options: nosniff
age: 383523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3097
x-xss-protection: 0
last-modified: Wed, 27 Jun 2018 00:36:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 28 May 2023 19:47:50 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 75F2 3 KB
3 KB 128ms
38ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ0Fh3B8mL_RMBVlpH95xyVMgtlSlFUAyJX8x0J6SPn0wp-gRgK&usqp=CAI

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3445150d22624c2efaf1df34fa8491562e8421a5f4be7e06226c08ca4b60b310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 08:14:39 GMT
x-content-type-options: nosniff
age: 79514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3105
x-xss-protection: 0
last-modified: Thu, 01 Aug 2019 09:12:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 01 Jun 2023 08:14:39 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 75F2 4 KB
5 KB 126ms
36ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSC9oXk7n7-sjydxzzTn-q6IdjQxwJBYBo0mkRQD_OBBcD8GN38&usqp=CAI

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea49165f8381e38fe6c60d67c0d5a79387188f28edc285d4e0a19d707d361f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 05:50:30 GMT
x-content-type-options: nosniff
age: 260963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4089
x-xss-protection: 0
last-modified: Sun, 22 Sep 2019 13:13:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 30 May 2023 05:50:30 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 75F2 5 KB
6 KB 124ms
34ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSLdfrFj9ifeByxI2p7He250rLpcZGzag8s04ndSkH2MkX1IPAp&usqp=CAI

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5edc47ef5eec83aef9e79b0e2f23e47324d0c27328b2f81c89d8c8a9dd093885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 18:28:46 GMT
x-content-type-options: nosniff
age: 215467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5036
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 02:07:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 30 May 2023 18:28:46 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 75F2 0
54 B 46ms
46ms Ping
image/gif 2a00:1450:4013:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l3wmo8rv&c=4255484692107&slotId=2127742346053.5&qqid=CJvmnfOPjvgCFYKL_QcdOwEOQg&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/c1187f9c406d7453d4f1a2621f2f7324.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c05::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

4283760800443958948
tpc.googlesyndication.com/simgad/ Frame 75F2
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_k6y8NRD6CBjYBDIIRJVc5WGWHu8
https://tpc.googlesyndication.com/simgad/4283760800443958948

63 KB
63 KB

36ms
35ms

Image
image/jpeg

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4283760800443958948

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7582b7baa8de18c3db3ecd10d8c275fb750d7941920db021fac05f7839ca3b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 15:51:50 GMT
x-content-type-options: nosniff
age: 570483
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64099
x-xss-protection: 0
last-modified: Sun, 29 Aug 2021 10:50:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 May 2023 15:51:50 GMT

Redirect headers

date: Wed, 01 Jun 2022 11:28:16 GMT
x-content-type-options: nosniff
server: cafe
age: 67897
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/4283760800443958948
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jul 2022 11:28:16 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 75F2 0
0 76ms
76ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxYEFiFaYYpuCK4KX9u8Pu4K4kASj2t2NaaaJ6pXpC8j1qPGBGxABIJWbyiFgkYSghYwYoAH_4_rpA8gBCakCi2NYnXfesT7gAgCoAwHIA8sEqgTiAU_QL240qoADmi_acUpMpbsYPlob-ujzSWxVJZa3BJtJWoqxiH9maAvriuU4gx1Jii42ICE0HlqjEmFXaeh6s5XOVfM9EmlDcQxDZ6Zvxh-nm_dM9ugvCvHyosJ0pi1nYaL9PZKX_KKTxzBbBAjvoNU4iF1TRFP89WP-NDwoGrRkrZT2BnWAbea62TDa-LUAC2F2esmVl863oXAgNs6PODIa-K9k6vKr6ngviPnW7-JxDFQMtvkktwjWGAg7la4JTX6BtEGCeRJN0v12pPGFaZPhWlteZPojTAeOwod_DXa5gOzABOP01cycA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfpm4UWqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEM7eDtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTY5NzQ3MDM3NTM5NjA4MIAKA8gLAdgTDtAVAZgWAYAXAbIXHgocCAASFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=Gfl6pD2FlLc&uach_m=[UACH]&template_id=499
Requested by: Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DA36 1 KB
749 B 33ms
32ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 60821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 13:26:12 GMT
etag: 48472445140208031
expires: Thu, 02 Jun 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET /
google2waycm.netmng.com/cm/ Frame 51CA 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 51CA
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEHiHVRoPSDN6i4AeJMEqOEo&google_cver=1&google_push=AYg5qPKowEK1CYVJ4V5p74zF7ztVV4Jn0gqSYf1gp38GXSSI-oic7qzxnDQ9SzcnqLDxArKhR29pD-YyMbI...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPKowEK1CYVJ4V5p74zF7ztVV4Jn0gqSYf1gp38GXSSI-oic7qzxnDQ9SzcnqLDxArKhR29pD-YyMbIoh7IztMaqnrnSldfEEQ

170 B
329 B

45ms
45ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPKowEK1CYVJ4V5p74zF7ztVV4Jn0gqSYf1gp38GXSSI-oic7qzxnDQ9SzcnqLDxArKhR29pD-YyMbIoh7IztMaqnrnSldfEEQ

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPKowEK1CYVJ4V5p74zF7ztVV4Jn0gqSYf1gp38GXSSI-oic7qzxnDQ9SzcnqLDxArKhR29pD-YyMbIoh7IztMaqnrnSldfEEQ
Date: Thu, 02 Jun 2022 06:19:53 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51CA
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMFWWb_0khf3myjmWwew_Hk&google_cver=1&google_push=AYg5qPKl_ah0LL73zAR0dMziuHD-QKpsMWP_Qt27kU6tpWzBjjv-fjJ6tALJYaAsmF66yc66KCLS2HvlNCjR4DIUv...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMFWWb_0khf3myjmWwew_Hk&google_cver=1&google_push=AYg5qPKl_ah0LL73zAR0dMziuHD-QKpsMWP_Qt27kU6tpWzBjjv-fjJ6tALJYaAsmF66yc66KCLS2HvlNCjR4DIUv...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKl_ah0LL73zAR0dMziuHD-QKpsMWP_Qt27kU6tpWzBjjv-fjJ6tALJYaAsmF66yc66KCLS2HvlNCjR4DIUvbJoheM9_ivT&google_hm=EvfbtGZHx0D3Kb_kQXKUJPCa

170 B
188 B

45ms
45ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKl_ah0LL73zAR0dMziuHD-QKpsMWP_Qt27kU6tpWzBjjv-fjJ6tALJYaAsmF66yc66KCLS2HvlNCjR4DIUvbJoheM9_ivT&google_hm=EvfbtGZHx0D3Kb_kQXKUJPCa

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Jun 2022 06:19:53 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPKl_ah0LL73zAR0dMziuHD-QKpsMWP_Qt27kU6tpWzBjjv-fjJ6tALJYaAsmF66yc66KCLS2HvlNCjR4DIUvbJoheM9_ivT&google_hm=EvfbtGZHx0D3Kb_kQXKUJPCa
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 51CA
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESECa-zPHGv7APFwtAwm8Gqd8&google_cver=1&google_push=AYg5qPITrFlsXlRa8pbn7oCOjE0rYOYnREAhc8hIr-O358wkKToH1vayqKDdwpJ4NyI7AWdXJ3M3AIqHuY9aGnZr...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPITrFlsXlRa8pbn7oCOjE0rYOYnREAhc8hIr-O358wkKToH1vayqKDdwpJ4NyI7AWdXJ3M3AIqHuY9aGnZr7DdO4_IGpC3FFQ

170 B
232 B

50ms
23ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPITrFlsXlRa8pbn7oCOjE0rYOYnREAhc8hIr-O358wkKToH1vayqKDdwpJ4NyI7AWdXJ3M3AIqHuY9aGnZr7DdO4_IGpC3FFQ

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Jun 2022 06:19:53 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPITrFlsXlRa8pbn7oCOjE0rYOYnREAhc8hIr-O358wkKToH1vayqKDdwpJ4NyI7AWdXJ3M3AIqHuY9aGnZr7DdO4_IGpC3FFQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 2wJUmFW-8R_9VYNu3QrVwKyAm1Wa2MWIjA1S6oFbWHrQop4afRNhRQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51CA
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFdZ9aIpjddAgst4XciJQeE&google_cver=1&google_push=AYg5qPIFAM3fRPIvbm9gfZAn0dOJr7RpBVQC36ajXPPVEZjHRhazUXoM3mzQ3yi5KpHtPbxO2jT9ng_U8vSshWNrnPkFuaaOt3...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPIFAM3fRPIvbm9gfZAn0dOJr7RpBVQC36ajXPPVEZjHRhazUXoM3mzQ3yi5KpHtPbxO2jT9ng_U8vSshWNrnPkFuaaOt31...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1OTkxNTc5OTk1OTE2NjI1MTgzOQ%3D%3D&google_push=AYg5qPIFAM3fRPIvbm9gfZAn0dOJr7RpBVQC36ajXPPVEZjHRhazUXoM...

170 B
188 B

122ms
44ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1OTkxNTc5OTk1OTE2NjI1MTgzOQ%3D%3D&google_push=AYg5qPIFAM3fRPIvbm9gfZAn0dOJr7RpBVQC36ajXPPVEZjHRhazUXoM3mzQ3yi5KpHtPbxO2jT9ng_U8vSshWNrnPkFuaaOt31T9Q

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY1OTkxNTc5OTk1OTE2NjI1MTgzOQ%3D%3D&google_push=AYg5qPIFAM3fRPIvbm9gfZAn0dOJr7RpBVQC36ajXPPVEZjHRhazUXoM3mzQ3yi5KpHtPbxO2jT9ng_U8vSshWNrnPkFuaaOt31T9Q
date: Thu, 02 Jun 2022 06:19:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51CA
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEOVgpXfLTXRyxgbtAyA_7z4&google_cver=1&google_push=AYg5qPJT2CHGcPfwKtvzQ3K-k4kqfoN9I-e85cXQ2bcSq2XHZB_ylthgJ1JwgKwC6ucrEAW_mDYyCGBsxRd-cFXNZ-g-p8t...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJT2CHGcPfwKtvzQ3K-k4kqfoN9I-e85cXQ2bcSq2XHZB_ylthgJ1JwgKwC6ucrEAW_mDYyCGBsxRd-cFXNZ-g-p8tcQUOuhQ&google_hm=NjU2MDQ4N...

170 B
188 B

46ms
45ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJT2CHGcPfwKtvzQ3K-k4kqfoN9I-e85cXQ2bcSq2XHZB_ylthgJ1JwgKwC6ucrEAW_mDYyCGBsxRd-cFXNZ-g-p8tcQUOuhQ&google_hm=NjU2MDQ4Njc5NjAzNTA0NDM2Mw==

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJT2CHGcPfwKtvzQ3K-k4kqfoN9I-e85cXQ2bcSq2XHZB_ylthgJ1JwgKwC6ucrEAW_mDYyCGBsxRd-cFXNZ-g-p8tcQUOuhQ&google_hm=NjU2MDQ4Njc5NjAzNTA0NDM2Mw==
Date: Thu, 02 Jun 2022 06:19:53 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 51CA
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEHMXQYxoiN1UJL_TB0huRIE&google_cver=1&google_push=AYg5qPKhSRGOG11heyukiYl3eghQldEHKaNdX9VI0bYNPdYjZ05AT-bwZSVe86O5ejM4HUV_MuCgLIOQOVGKXAS2DzMgK8yonvkNasM
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWE5NmNkYTItYTBiMi00Mzg4LWJlZDQtZGQ0ZGJhYTIxZDkx&google_push=AYg5qPKhSRGOG11heyukiYl3eghQldEHKaNdX9VI0bYNPdYjZ05AT-bwZSVe86O5ejM4HUV...

170 B
232 B

54ms
47ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWE5NmNkYTItYTBiMi00Mzg4LWJlZDQtZGQ0ZGJhYTIxZDkx&google_push=AYg5qPKhSRGOG11heyukiYl3eghQldEHKaNdX9VI0bYNPdYjZ05AT-bwZSVe86O5ejM4HUV_MuCgLIOQOVGKXAS2DzMgK8yonvkNasM

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=OWE5NmNkYTItYTBiMi00Mzg4LWJlZDQtZGQ0ZGJhYTIxZDkx&google_push=AYg5qPKhSRGOG11heyukiYl3eghQldEHKaNdX9VI0bYNPdYjZ05AT-bwZSVe86O5ejM4HUV_MuCgLIOQOVGKXAS2DzMgK8yonvkNasM
date: Thu, 02 Jun 2022 06:19:53 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 51CA 0
223 B 130ms
41ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K73sUsgw1sZvyDrFxd4b9rlLysko6XTWWn1hBu_7uYTyreAI_KiUcvzAA4WhNKAL9282_fY8I

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 75F2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0df904107eefe1451a7efc3f120b91d786bce5ce101ae2d89c775094907ea58

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

206

videoplayback
r4---sn-5hneknee.gvt1.com/ Frame 75F2
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=50b3c903ada673f6&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1654157993&sparams=ip,ipbits,expire,id,...
https://r2---sn-pouxga5o-vu2s.gvt1.com/videoplayback?id=50b3c903ada673f6&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654157993&sparams=expire,id,ip,ipbits,itag,mh,mip,mm...
https://r3---sn-axq7sn76.gvt1.com/videoplayback?id=50b3c903ada673f6&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654157993&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...
https://r4---sn-5hneknee.gvt1.com/videoplayback?id=50b3c903ada673f6&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654157993&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

944 KB
944 KB

84ms
27ms

Media
video/mp4

2a00:1450:400e:8::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-5hneknee.gvt1.com/videoplayback?id=50b3c903ada673f6&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654157993&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=57B92CE63BF44DB895C99A7DEA9AEA7117AB33AF.28F38D0A0EE03465F1F5477CCC285F412A5C6120&key=cms1&mh=Ad&pl=32&cm2rm=sn-pouxga5o-vu2s7l,sn-axqd7s&req_id=9964fe9b914036e2&redirect_counter=2&cms_redirect=yes&mip=2a00:1630:2:608::2&mm=34&mn=sn-5hneknee&ms=ltu&mt=1654149965&mv=u&mvi=4

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:400e:8::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e26d2e29bb754910e0dd7d26c65d4e1fefc65e9a9c37b9c8abdc1b7a5773a3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Jun 2022 19:42:41 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-966728/966729
client-protocol: quic
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 966729
expires: Thu, 02 Jun 2022 06:19:54 GMT

Redirect headers

date: Thu, 02 Jun 2022 06:19:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/html
location: https://r4---sn-5hneknee.gvt1.com/videoplayback?id=50b3c903ada673f6&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1654157993&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=57B92CE63BF44DB895C99A7DEA9AEA7117AB33AF.28F38D0A0EE03465F1F5477CCC285F412A5C6120&key=cms1&mh=Ad&pl=32&cm2rm=sn-pouxga5o-vu2s7l,sn-axqd7s&req_id=9964fe9b914036e2&redirect_counter=2&cms_redirect=yes&mip=2a00:1630:2:608::2&mm=34&mn=sn-5hneknee&ms=ltu&mt=1654149965&mv=u&mvi=4
cache-control: private, max-age=900
content-length: 0
expires: Thu, 02 Jun 2022 06:19:53 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 75F2 17 KB
17 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 20:35:13 GMT
x-content-type-options: nosniff
age: 35080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17204
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 20:35:13 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 75F2 0
17 B 110ms
51ms Ping
image/gif 2a00:1450:4013:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l3wmo8s5&c=4255484692107&slotId=2127742346053.5&qqid=CJvmnfOPjvgCFYKL_QcdOwEOQg&umsem=0&ple=1&ape=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffa287546e1d5bd0678894d5c227e456c.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/c1187f9c406d7453d4f1a2621f2f7324.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 75F2 0
17 B 122ms
63ms Ping
image/gif 2a00:1450:4013:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~l3wmo8t7&c=4255484692107&slotId=2127742346053.5&qqid=CJvmnfOPjvgCFYKL_QcdOwEOQg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fc1187f9c406d7453d4f1a2621f2f7324.js%253Ftag%253Dgpa%252Fdynamic_fig_web_banner_v2&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/c1187f9c406d7453d4f1a2621f2f7324.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 75F2 0
17 B 126ms
67ms Ping
image/gif 2a00:1450:4013:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~l3wmo8t8&c=4255484692107&slotId=2127742346053.5&qqid=CJvmnfOPjvgCFYKL_QcdOwEOQg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F1a132ce94651f9fd8f1d4e10540034d5.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/c1187f9c406d7453d4f1a2621f2f7324.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA36
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI9bspcIh15YhNgD10v5OUI&google_cver=1&google_push=AYg5qPIRNn6r-sfeABIb9ciwEJUVJv7FF3zwH6VnZ2gWYKzQQZHZO6gdilXzcaTOsDEityWbfAClhOl2WecyxB83Wtvb5Vq...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIRNn6r-sfeABIb9ciwEJUVJv7FF3zwH6VnZ2gWYKzQQZHZO6gdilXzcaTOsDEityWbfAClhOl2WecyxB83Wtvb5VqEcLE4&google_hm=NjQ0MTEyMTM4MzQ5NjYxND...

170 B
188 B

46ms
46ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIRNn6r-sfeABIb9ciwEJUVJv7FF3zwH6VnZ2gWYKzQQZHZO6gdilXzcaTOsDEityWbfAClhOl2WecyxB83Wtvb5VqEcLE4&google_hm=NjQ0MTEyMTM4MzQ5NjYxNDExMg%3D%3D

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Jun 2022 06:19:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIRNn6r-sfeABIb9ciwEJUVJv7FF3zwH6VnZ2gWYKzQQZHZO6gdilXzcaTOsDEityWbfAClhOl2WecyxB83Wtvb5VqEcLE4&google_hm=NjQ0MTEyMTM4MzQ5NjYxNDExMg%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA36
Redirect Chain

https://google-sync.rutarget.ru/sync?google_gid=CAESEH228L0N9eF4kAA5zbV0xWM&google_cver=1&google_push=AYg5qPLIWbqN0ByvQy3Z2qh762qaZUbkxQHPG12sGPmM_k1JQ0nFLrl-pjD7DsmlDsdUjwpLfjgKAE4MgpgmvQRLghsXu52...
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=SlQ5a01QWXFvWjRt&google_ula=2046794&google_push=AYg5qPLIWbqN0ByvQy3Z2qh762qaZUbkxQHPG12sGPmM_k1JQ0nFLrl-pjD7DsmlDsdUjwpLfjgKAE4Mgp...

170 B
188 B

177ms
177ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=SlQ5a01QWXFvWjRt&google_ula=2046794&google_push=AYg5qPLIWbqN0ByvQy3Z2qh762qaZUbkxQHPG12sGPmM_k1JQ0nFLrl-pjD7DsmlDsdUjwpLfjgKAE4MgpgmvQRLghsXu52yjs29

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=SlQ5a01QWXFvWjRt&google_ula=2046794&google_push=AYg5qPLIWbqN0ByvQy3Z2qh762qaZUbkxQHPG12sGPmM_k1JQ0nFLrl-pjD7DsmlDsdUjwpLfjgKAE4MgpgmvQRLghsXu52yjs29
Date: Thu, 02 Jun 2022 06:19:53 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame DA36 0
478 B 153ms
35ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJvtIEcSWF8AXKwVz8zU5xhjoAoUpcz8qfFZN6gYFLkJXTG64yJLIwmAkTh0_kgNpo5tJH2RGCsJBvf_OewngfTaWtZ5NeOcw%26google_hm%3D%5BUID%5D&google_gid=CAESEAjspXRLd6pdVThvlWLyRGU&google_cver=1

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Jun 2022 06:19:53 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA36
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPn-q4r8wvPq8bGzNz-vAeI&google_cver=1&google_push=AYg5qPLVHRM8uvhfzPkLJfo7mVvao3rFgoXnpMGugNdl-GRSG8D3jHepd2RTPJ8oUraub3qNiwgPozhMP33ynZRFX...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPn-q4r8wvPq8bGzNz-vAeI&google_cver=1&google_push=AYg5qPLVHRM8uvhfzPkLJfo7mVvao3rFgoXnpMGugNdl-GRSG8D3jHepd2RTPJ8oUraub3qNiwgPozhMP33ynZRFX...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLVHRM8uvhfzPkLJfo7mVvao3rFgoXnpMGugNdl-GRSG8D3jHepd2RTPJ8oUraub3qNiwgPozhMP33ynZRFX6YskSU9MmvZkQ&google_hm=EvfbtGZHQCcxCnLVTcmB...

170 B
188 B

46ms
45ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLVHRM8uvhfzPkLJfo7mVvao3rFgoXnpMGugNdl-GRSG8D3jHepd2RTPJ8oUraub3qNiwgPozhMP33ynZRFX6YskSU9MmvZkQ&google_hm=EvfbtGZHQCcxCnLVTcmB7E7y

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Jun 2022 06:19:53 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLVHRM8uvhfzPkLJfo7mVvao3rFgoXnpMGugNdl-GRSG8D3jHepd2RTPJ8oUraub3qNiwgPozhMP33ynZRFX6YskSU9MmvZkQ&google_hm=EvfbtGZHQCcxCnLVTcmB7E7y
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DA36
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEyPClbYQEblA5abd5jqSUU&google_cver=1&google_push=AYg5qPKJML_hyNPqsy0IvoOwyAgO4afygAJ8hF-OiOtRrCXCqtlCcu0erT5GX6aMJwENBkMzYLp3007TU3ACA3c3...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKJML_hyNPqsy0IvoOwyAgO4afygAJ8hF-OiOtRrCXCqtlCcu0erT5GX6aMJwENBkMzYLp3007TU3ACA3c3E30JcSyWM_NSiQ

170 B
232 B

52ms
26ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKJML_hyNPqsy0IvoOwyAgO4afygAJ8hF-OiOtRrCXCqtlCcu0erT5GX6aMJwENBkMzYLp3007TU3ACA3c3E30JcSyWM_NSiQ

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 Jun 2022 06:19:53 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKJML_hyNPqsy0IvoOwyAgO4afygAJ8hF-OiOtRrCXCqtlCcu0erT5GX6aMJwENBkMzYLp3007TU3ACA3c3E30JcSyWM_NSiQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: _AuW4ZlLolgTuVPFvNQ1Kh7zpi9J2P98k9N6dl5GmBQDzDl9OzuTtQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA36
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEA6RvxXvZbj5_TKPtQk0bls&google_cver=1&google_push=AYg5qPIUor1ppQVvxKLsLdNhIXgFd1kpSPUGhkewOYgDmKyZoDRGrNsmH1ms9XmOkRJbILNMVI...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEA6RvxXvZbj5_TKPtQk0bls&google_cver=1&google_push=AYg5qPIUor1ppQVvxKLsLdNhIXgFd1kpSPUGhkewOYgDmKyZoDRGrNsmH1ms9XmOkRJbILNMVI...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kYzEwMzN4RTJ1SG5HaEU5dFBnaldvazV1WE1qMWIwX35B&google_push=AYg5qPIUor1ppQVvxKLsLdNhIXgFd1kpSPUGhkewOYgDmKyZoDRGrNsmH...

170 B
188 B

45ms
44ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kYzEwMzN4RTJ1SG5HaEU5dFBnaldvazV1WE1qMWIwX35B&google_push=AYg5qPIUor1ppQVvxKLsLdNhIXgFd1kpSPUGhkewOYgDmKyZoDRGrNsmH1ms9XmOkRJbILNMVItnNRhHgMV-8i6poQ7cQQkFUq4hOaU

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kYzEwMzN4RTJ1SG5HaEU5dFBnaldvazV1WE1qMWIwX35B&google_push=AYg5qPIUor1ppQVvxKLsLdNhIXgFd1kpSPUGhkewOYgDmKyZoDRGrNsmH1ms9XmOkRJbILNMVItnNRhHgMV-8i6poQ7cQQkFUq4hOaU
date: Thu, 02 Jun 2022 06:19:53 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 um
cs.emxdgt.com/ Frame DA36 0
59 B 227ms
35ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEFAUX5ErD0Ycd7MtgxlP2eQ&google_cver=1&google_push=AYg5qPIMk7CRic_lVimPJV_o2dpDZsV5vd73BdhLbd0xSh6MQbnh-fkCUjBbTvBbie3AKTp_IiY0EA_WlGqX_h24a_-XmaetZrQfpjg
Requested by: Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
content-length: 0
content-type: text/html

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DA36 0
49 B 96ms
43ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LXr0EXGLBgkR85S9Y8gfhHZcpcexztzT24UA0l0Q7d0CdjII5-s6HSsH7LlIJroMHT-eteDbM

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK 63079794 Show response
unified.adsafeprotected.com/v2/1011794/ Frame FF72 19 KB
5 KB 253ms
75ms XHR
text/xml 34.241.99.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unified.adsafeprotected.com/v2/1011794/63079794?mon=63079798&omidPartner=[OMIDPARTNER]&apiframeworks=[APIFRAMEWORKS]&bundleId=[BUNDLEID]&ias_xappb=[ctv_appid]&blockedAdTracking=https://googleads4.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsts8GzUoqGec9NO9pu1-6isctQ0n-pAx1Khsu6K_jSxesILDu_RCk9oAn_qab-rtY961pu4OvkaHyP0T5C4raazTqJiFPokVTmiexIdksN4vFfzTfh0wGtgMVRKQa8vsQkuoOuAZfUFdiTLFcGm1Q%26sai%3DAMfl-YTx_IUpUDKTQmaYaS4osDmO3UB5nomxDsKv10UirBXImRW08-KLrdkXMFH7gvsxyo1Go3Xgrp_PKxMunHXtOaP3orzEJwYZ1Zcoyd_6Qc75L937_lCy6Z5iFrLb%26sig%3DCg0ArKJSzEvdoItmfKn4EAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26vt%3D13%26adurl%3D&redirectedRetries=0&ias_dspID=3&ias_campId=28545249&ias_pubId=pub-3831894559014614&ias_chanId=1&ias_placementId=17266322849&bidurl=https://go4kora.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ip53pt6TGib_VuY7oi3KYR&originalVast=https://ad.doubleclick.net/ddm/pfadx/N1313774.279382DBMBLIZZARDENTERT/B27602898.336226552%3Bsz%3D0x0%3Bdsp_id_0_%3D3%3Bdsp_campaignid_0_%3D28545249%3Bdsp_publisherid_0_%3Dpub-3831894559014614%3Bdsp_chanid_0_%3D1%3Bdsp_placementid_0_%3D17266322849%3Bdsp_bidurl_0_%3Dhttps://go4kora.com/%3Bdsp_dealid_0_%3D%3Bdsp_impid_0_%3Dv4~~ABAjH0ip53pt6TGib_VuY7oi3KYR%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://go4kora.com/%3Bdc_ves%3DdGltZXN0YW1wOiAxNjU0MTUwNzkzNDA3Cg%3Bdc_cid%3D170750073%3Bdc_adid%3D527155489%3Bdc_vpaid%3D0%3B
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.99.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-99-155.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e4f0b21790ad05bb8f0dc48cc043594e820d1fdd23ddd538ef8be20494149014

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 06:19:53 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4624

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 517B
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1654150793394-911564553145-...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1654150793394-9115645...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1654150793394-911564553145-006037-012-007319&key=41fd0c86-d88f-42e8-bb83-7c6a076e5301

0
37 B

268ms
105ms

Document
text/plain

52.55.132.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1654150793394-911564553145-006037-012-007319&key=41fd0c86-d88f-42e8-bb83-7c6a076e5301
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.132.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-132-212.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Thu, 02 Jun 2022 06:19:53 GMT

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/plain
date: Thu, 02 Jun 2022 06:19:53 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1654150793394-911564553145-006037-012-007319&key=41fd0c86-d88f-42e8-bb83-7c6a076e5301
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 /
sync.1rx.io/usersync2/ Frame 4202 0
0 99ms
27ms Document
text/plain 213.19.147.45
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.1rx.io/usersync2/?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D13%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D%5BRX_UUID%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
date: Thu, 02 Jun 2022 06:19:53 GMT
expires: 0
pragma: no-cache
server: Tengine

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame A695
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1654150793394-911564553145...
https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1654150793394-911564...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1654150793394-911564553145-006037-012-007319&key=OPTOUT

0
202 B

342ms
104ms

Document
text/plain

52.55.132.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1654150793394-911564553145-006037-012-007319&key=OPTOUT
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.132.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-132-212.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Thu, 02 Jun 2022 06:19:53 GMT

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html
date: Thu, 02 Jun 2022 06:19:53 GMT
etag: OPTOUT
expires: 0
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1654150793394-911564553145-006037-012-007319&key=OPTOUT
pragma: no-cache
server: Tengine

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 7A74
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=&uid=1654150793394-911564553145-006037-012-007319&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26b...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1654150793394-911564553145-006037-012-007319&key=GDPR

0
195 B

119ms
104ms

Document
text/plain

52.55.132.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1654150793394-911564553145-006037-012-007319&key=GDPR
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.132.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-132-212.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Thu, 02 Jun 2022 06:19:53 GMT

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
access-control-allow-origin: https://go4kora.com/
age: 0
content-length: 0
date: Thu, 02 Jun 2022 06:19:53 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1654150793394-911564553145-006037-012-007319&key=GDPR
server: nginx
via: 1.1 varnish
x-varnish: 174772803

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 39C4
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D55%26auid%3D1654150793394-911564553145-006037-012-007319%26key...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fservs.modoro360.com%252Fcookiesyncendpoint%253Fpid%253D59c9148628a0612da3689288%2526biddername%253D55%2526auid%253D1654150793394-9115...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=55&auid=1654150793394-911564553145-006037-012-007319&key=4239826597430955658

0
37 B

321ms
105ms

Document
text/plain

52.55.132.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=55&auid=1654150793394-911564553145-006037-012-007319&key=4239826597430955658
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.132.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-132-212.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Thu, 02 Jun 2022 06:19:53 GMT

Redirect headers

AN-X-Request-Uuid: 6a6c4975-2b4d-48cc-93b1-480d63245649
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Jun 2022 06:19:53 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=55&auid=1654150793394-911564553145-006037-012-007319&key=4239826597430955658
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 31.204.153.194; 31.204.153.194; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E7E9 15 KB
6 KB 128ms
33ms Document
text/html 23.35.228.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.228.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=79639
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 02 Jun 2022 06:19:53 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 03 Jun 2022 04:27:12 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame 65DD 49 KB
17 KB 219ms
102ms Document
text/html 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D%7B%7BVID%7D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: br
content-type: text/html
date: Thu, 02 Jun 2022 06:19:53 GMT
etag: W/"61c991db-c5bc"
last-modified: Mon, 27 Dec 2021 10:13:47 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: AcO1ry9n/oqh
x-77-nzt-ray: Emb6GIeCbUc
x-77-pop: frankfurtDE
x-accel-expires: @1655187593
x-cache: MISS

GET
H/1.1 200
OK user-matching Show response
ads.stickyadstv.com/ Frame 81B1 43 B
600 B 231ms
42ms Document
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/user-matching?id=&_fw_gdpr=1&_fw_gdpr_consent=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 02 Jun 2022 06:19:53 GMT
Expires: Thu, 02 Jun 2022 06:19:53 GMT
Pragma: no-cache
Server: nginx
x-sticky-vk: 1654150793531075-555

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 1EBD 0
0 93ms
31ms Document
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D%24UID
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Date: Thu, 02 Jun 2022 06:19:53 GMT
X-Sovrn-Pod: ad_ap5ams1

GET
H2 204 /
onetag-sys.com/usync/ Frame D6C5 0
0 123ms
34ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 404 occ Show response
ups.analytics.yahoo.com/ups// Frame 35A6 0
183 B 49ms
36ms Document
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups//occ?gdpr=1&gdpr_consent=

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 0
content-length: 0
date: Thu, 02 Jun 2022 06:19:53 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.0.46
strict-transport-security: max-age=31536000

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 6FEF 43 B
305 B 111ms
41ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D23%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/eecec1e /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-length: 56
content-type: text/html
date: Thu, 02 Jun 2022 06:19:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: OXGW/eecec1e
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 17FA
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east

281 B
554 B

118ms
32ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Jun 2022 06:19:53 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 02 Jun 2022 06:19:53 GMT
location: https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
server: AkamaiGHost

GET
H2

200

cookiesyncendpoint Show response
servs.modoro360.com/ Frame 2E9C
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1654150793394-911564553145-006037-012-007319%26k...
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1654150793394-911564553145-006037-012-007319&key=1d94e503-2555-4b1a-9495-c4ac165f17bf

0
37 B

269ms
104ms

Document
text/plain

52.55.132.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1654150793394-911564553145-006037-012-007319&key=1d94e503-2555-4b1a-9495-c4ac165f17bf
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.132.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-132-212.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Thu, 02 Jun 2022 06:19:53 GMT

Redirect headers

content-length: 0
date: Thu, 02 Jun 2022 06:19:53 GMT
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1654150793394-911564553145-006037-012-007319&key=1d94e503-2555-4b1a-9495-c4ac165f17bf
server: _

GET
H2 200 avpb6.27.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame FFE5 183 KB
56 KB 40ms
35ms Script
application/javascript 2a02:26f0:3500:698::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:698::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d09f9aa913306a379f29c77e3e0cc42115da750e4ec48d0f8a53fe071393b862

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdskrl85x3O6kjfskuoKqMs3pb1DYL2aO71lqp5xwyGjw-yC72upb3ewTCLu5kitMYEv3Xzs5-HT6N9gnOa7tdB0M5jr_o3F
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 56982
last-modified: Wed, 01 Jun 2022 14:02:12 GMT
server: UploadServer
etag: "65ccce291915ae392284fa28e11153c2"
vary: Accept-Encoding
x-goog-hash: crc32c=kDw7eQ==, md5=ZczOKRkVrjkihPoo4RFTwg==
x-goog-generation: 1654092132554393
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 56982
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 02 Jun 2022 06:24:53 GMT

GET
H2 200 avpb6.27.0a6.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame FFE5 67 KB
19 KB 51ms
49ms Script
application/javascript 2a02:26f0:3500:698::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a6.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:698::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 40985f900d9d90bba5e72ca36833fe72d168ee240b51a8c48cc6361a13568887

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtxjFob6ebNOzlTNJeFdDZF7sNUzRnRNqhuciZZaMbriNl4GWHhUrYPcxxQ6UwGQuXi9ugyvmLiTNEAy4bgZBDDzhft1DUT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 19340
last-modified: Wed, 01 Jun 2022 14:02:12 GMT
server: UploadServer
etag: "105a911a0540a812f0bdcac3dfb0c310"
vary: Accept-Encoding
x-goog-hash: crc32c=xceReg==, md5=EFqRGgVAqBLwvcrD37DDEA==
x-goog-generation: 1654092132794506
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 19340
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 02 Jun 2022 06:24:53 GMT

GET
H2 200 avpb6.27.0a4.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame FFE5 68 KB
23 KB 55ms
54ms Script
application/javascript 2a02:26f0:3500:698::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a4.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:698::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: fda753b016564ad52f7724bdbdf7ed9efa2afbf5e9ec9caa79e668b02513e9af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvKdaONIDCUR615izjk8YvhAl222Zfmq2Kxoo7RTdrW6gsvtvTZ5vCbzb5jOwM1O3A4YrN3BmrtQnlNEBo0zc8ppQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 22798
last-modified: Wed, 01 Jun 2022 14:02:12 GMT
server: UploadServer
etag: "c2875949d6078f71d08fe1d6b7b37d3d"
vary: Accept-Encoding
x-goog-hash: crc32c=mwQfaw==, md5=wodZSdYHj3HQj+HWt7N9PQ==
x-goog-generation: 1654092132789489
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 22798
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 02 Jun 2022 06:24:53 GMT

GET
H2 200 track
servt.modoro360.com/ 0
70 B 105ms
104ms Image
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=go4kora.com&rs=go4kora.com&sid=66798&t=1654150793&cip=31.204.153.194&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=603b9ffff4babd238f32ea66&test=&aafaid=&proto=https&uid=1654150793394-911564553145-006037-012-007319&cha=0.1&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.25&cb=49723556839&d9=1000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236&&ppid=603b9ffff4babd238f32ea66&nid=60095c900c0799791c46d8d4&pcid=607d8fb337a8647f135f4f25&ncid=603ba08d7838bb0cfb4fcb54&pasid=603ba16fb889ef1ea87f5ac6&e=request&cb=1654150793564&asid=61b8974b41d4f33859638f1d%2C61b8974b41d4f33859638f2b%2C61b8974b41d4f33859638f1b%2C61b8974b41d4f33859638f21%2C61b8974c41d4f33859638f41%2C61b8974c41d4f33859638f3d%2C61b8974b41d4f33859638f15%2C61b8974d41d4f33859638f45%2C61b8974b41d4f33859638f17%2C61b8974c41d4f33859638f3b%2C61b8974b41d4f33859638f19&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 104ms
103ms Image
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=go4kora.com&rs=go4kora.com&sid=66798&t=1654150793&cip=31.204.153.194&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=603b9ffff4babd238f32ea66&test=&aafaid=&proto=https&uid=1654150793394-911564553145-006037-012-007319&cha=0.1&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.25&cb=49723556839&d9=1000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236&&copid=60095c900c0799791c46d8d4&nid=59c9148628a0612da3689288&cocid=603ba08d7838bb0cfb4fcb54&ncid=6188f6678186692d1b57a0d4&coasid=6188f6fc4071e35134085f46&e=request&cb=1654150793564&asid=62690223d0ae5d4513326fb4%2C618b6e9c21f2e368dd4cd655&ofpr=1%2C&fpo=%2C
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 104ms
103ms Image
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=go4kora.com&rs=go4kora.com&sid=66798&t=1654150793&cip=31.204.153.194&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=603b9ffff4babd238f32ea66&test=&aafaid=&proto=https&uid=1654150793394-911564553145-006037-012-007319&cha=0.1&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.25&cb=49723556839&d9=1000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236&&ppid=603b9ffff4babd238f32ea66&nid=60095c900c0799791c46d8d4&pcid=607d8fb337a8647f135f4f25&ncid=624ea6c72efae241432ed154&pasid=624ea6db5b0e04793c4a6f87&e=request&cb=1654150793564&asid=61827b62d74b9f2d535963dc&ofpr=0.5&fpo=
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 container.html Show response
30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 099A 6 KB
3 KB 33ms
32ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 06:19:52 GMT
expires: Fri, 02 Jun 2023 06:19:52 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
213 B 100ms
31ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.27.0&cb=35038736497

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://go4kora.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://go4kora.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 93 B
741 B 44ms
43ms XHR
application/json 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 80fce74c7c8dedcd04097f8de199c800f088bfaf437766ac9ab495f15a55ed7b

Request headers

Referer: https://go4kora.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 02 Jun 2022 06:19:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://go4kora.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E906 624 B
297 B 44ms
43ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCC4EIYu8mJDDAB&v=APEucNWBhVXLpD8rjgp5CrVOUI1H-m13wNuWYa7FKltpmDH_Bi49TU1d4sDxUbrZD09UxIIKFgFP2Nr2irIytTRgNIJnuC4wirEPPmSYQBQlHZ4SVMENlv9n-r00S4U1D2bzBT9oXTxfSXmVh4nbdVzhfThJbdadE-jRPoAubAfXIZcWwTvBmuk

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 06:19:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 099A 94 KB
34 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-tJlsOjrwxxnzi1afjsGIqesXT2r15bj4xVBThjislthQ-Q6XWGW67eLSd3AakOjqVSdzu62qWmRNpk3uT7YLTLIbMW8Hct2U3euB7IAEiwwV_rKXk_8479nNqMzX_YviH3jxPtXQSbPV8QqrtMfglq34IA&dbm_d=AKAmf-BYhb7KPsYAv4qexHQAmzsjeJ0cGzc0WQEDcH-Syzgx7gQ0qkMJo8MB9bQAtoPIFUhivDVJaLAXTvyPua0kq4Sd0mIyrQYgPOuZ4-Bum3gaHHTSjonlaMt1BHf8TKGM1sp_3BfRNuG3WrRHOGvCcxj-OrLPN2FdLezb9UuYwQ2W3IqDPhvMEQ2P6LspT559ZKepaxh46lDxcNJzq3oI0dnIfJ40sw0F4SLY4AGqSL-MiTg82OjFhx3JcHQbrlrEB5C6HxM_Ry8fPepsSN3Q7QxPrBzbPuPfaJnyk1Gwn_9c_SmysY6bzzUsJ8QjpAoz_MvvrSb705TxVAnOVnOoPSXvdBi_SyAYOAkoPpPTWqR7J_kdGJCmMKleW-7Bv5odfPGQyMWdhzhRCxvDNd4MtkKafc9Lx_-ldUatjxymGlcrnLkr5hjeTeYMo8t4E8JbXm0V5KV2QAPvBe99DSneiZ5agrnSWBEfidhrQnTQcsS6vlFvdKKZyLpnSLH9TP16dGIbg2x6PTFrGD0UCA9LImZipVWH1KFevVLUDENBOSp19k4JpVIz99ybEJRiXH9QnfegGp-_BijdQPezZNNwqiDRWlcTIanE1_SbTL_-l-bYRv_8eWJSqn8_wLv6SsBxI5lmVYfcZZb3he35rzeSjHNZgW78aBETrjCv5xyaysBqInOu96rjE0m20gyvB2aNKyNAgaaDjmCwiqV0lPVOanw4WZ7wKaRmOXxUBaMD1oa0ahVC36d3u-9TEU_4TUxMYAzdaKVzNXZ1362fMvqO8fuoWYuH7w-tZ3Iz1gkBkcL4ucqzO15dNr5n4NeXBBifnzUcqULnt8Hro8isnrGqOLkGWfPGhechaIlIiiW_ClfHBbOJRBxoGbiI7eimKvfgJaHPZbPIgvYxsGpqTKB7HSV5FufdgWL_BzYR9M8kht7LgGqKLHZIotTEjWAqmkTysVFscm1KeBhnWUOdoHwqa2Y3S3y1kJPqbFe9jQar8JWikZ3abxRFCR9lLeJ0zrW5uGolIQg8Km7rPFikPGwTZmyg0dgfhuB42uw80HEDmTZ9Hh5HxemCk6i2Uwg68wNaGQMuopjaNdK0VVQKvgh0j1Mo0mXSG07IYNOmx3sLrTuYLU7nNg_3edCG6jDTNS5sdRMLwLNtkIbpJEDp0vLlK2CHltm9yvghiPFi8idRTdLe3AxQin5mUM1tcT_WXnEWZO90vfLkCZUgCRjCBrnw595jByJp7h0J-rSzrM4noA886Q4O9xIMrVoaVtG4evDH8JhXQtOh_fGOdny4hP5ra2T0gERyPOOtu8LS0AExTmO3FqvEHPoLAv63S7vZlpqw93awrucKeiwg9qqqABIL5V9dOGEeE3IaiyKgYdXsbaLo8e6GBCKNgD4e20t7DBATm3-B_SMB0YhBAEtUJjH-dXRwz2vZ471UUre5knjbZHT1RXqa31XMJb5vbugPxfw1nLSfe8XIfcTQ6LuifB9QECOIeTTM7-II6cDAaHY-aOnLOTQubcBCeHb1iays5Ih5PtIEc7F7nAmIrFCB7WXznHtHzOxXoFCELHeqeBB5V3dd1zf71rBwcBx2t-ngS1osL1hZTn7BLVHKX4zvqoDRFjAKsi1_nJnYW5p4pmE7gk0AIEAzxS5JiPxcvjDCkZDvk4LYfF9LZNXHsA_S-tZltWzDH5pFtrku5wq3LLsIMmVg2mMIFPhRMHZBpohGsAhZfiI3mEu4lDRO0j4Mb5rIkrjerBJofYUTu1cApK2EWndxlSc1ockWgngSlnvl9tRRa2M9igL0iRp2J4pBysoPiNTIc32Bpu5S8uYiz24QP5sU_WKpeQkEBOoruvWz2Ftvo1u385pCaVRUBqp41AR4wvuAzmlNKVm_ju8GoOfnMcy-KeUUROAVgWMmFARD-UBclICJ7vfA4rbWKf4ORme6HXa4yJmyWswDxNfqWpAXoWtawnW-HBAipTt57OglZ7VLjIxLn-OD952IiQ4t9CsYl1DMiGu3S3kceCmlm7VUmE4Z30prSADAObskQCQ4cvSNqwRAJPmwWWYX9QZQtgvDm-BOCchy5G5Vz7LN5JH5eWq5UGPW-t4s-BtD2tz8MO8Dx8-AHVHfxfKWfshUHettxhzZzgIVhKjvQSoBAbyGOJRskVD0UmsvjC1AdgcvRqxzdd9Srd_g8rPiOereqjpc7Bx2eCKTX3if2p3tciUmSQIj-rJGRSjtz9UQe6DwwNOKzqr_8ozgey5OMObsfG8pXFAa0-6YL2bLXZzynjO6X2sEKJLsIPbgyXNuqxiAEaoMHM1XiRMMcCWGSVZ7kEYfeFFYFx-DRsKlJUD2NZ85NCMmmU5HQG97rcXmgoTC8jgg3zMAaQpypfaFi4XxKet3mhdAamF5RzsKgpmsL9QsoQKExKBm952gvfXBK4jaj35_OqHdtOMc0BhPRoOBVOlz0KbDNuhlXnzzpwbsWCLLDlH6VjaOKNZE_FUlcIweQNiqfJ9NJqROJrIB9rraHnNT1roORQhsVa2uuiR0gSc1tLA4t0FrCWpjeWRDiekXy0d-99iIsbTPVBS8dHpkzd6bZ9yg9BiqFOSsO7fCgua-S8jkREYRl1Grd1B-vNWcrlvQO0ADV3HsQFzclc496QRnYoZl_5CnZK440zGwGKw0JJml_qq0Xe0jl10OCasUBUK7Ro1Emlr0BaO4BaDKh6TbLB69zdz89ZTwnWkGED5n-fm0_XdQ4Zi37h4G0ifb91f1Xwgx_V7NY9OIKcjXIp_R575uwNnglVeFuPUDntkjF43qYL9CGUyGqXfDVeuJUkLJj8mG_YLey2seLZuDjJ9Vt3-3EYXK-eCR_MmhGIKTzZ6LKMYnRqq8vCWs5PUzC2Q-3BPuc2rSDGctcgUhMKt7sJlN6IUUXSZ_Q7XioBLm_Rht2jiPY8TvCyIEag7OzUa7N2JEXO5wKSuJ8JdCJJu6NudCaziBAAP5M9n_LH7dJNJ9h_AAISy53QCDB6bTeOqsnHO9IK7bZmWDjPKZQ6Zg643zvFscqEwaXbP_bUup6kWp2IcVULw5fFktb7sE9eS-HUmk-9UPngqCtirLy0U3sC-vRlDBecSZ4Ulqyz0JgrMkSMswblQZTZJu09iGACMktzUfryVcj40UdLZfw5w0pJr5OqN1Rg&cid=CAASJeRoWbUM_ltLTEq4rhIMk5j_tbKkPolnv66x_SmIRmK5twunKUA&rfl=1%2Chttps%253A%252F%252Fgo4kora.com%252F%240

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd3b40be5cc9c7a230210957fe0818b635aff3c40f0531db260ed2670b7f732c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34680
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 099A 42 B
63 B 66ms
66ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DdcD0NzNsqHSOQnxt_Ltw-4Q4Vxzlp-j_xfBVOAW3hzMYKEuc0w0emQ6ASYeGbedwoENY3d14cdqqmUn9aqYfyhJZGXs3dF0Pc0O0wGFwhAxfFjWU

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 099A 3 KB
1 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/window_focus_fy2019.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 06:03:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 099A 138 KB
42 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Jun 2022 06:19:53 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 099A 17 KB
7 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:05:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 06:05:41 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame FF72 41 KB
15 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 12:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 12:03:36 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-axq7sn7e.c.2mdn.net/videoplayback/id/c0e48fec2399ff7b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795435042/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame FF72
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/c0e48fec2399ff7b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795435042/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r3---sn-axq7sn7e.c.2mdn.net/videoplayback/id/c0e48fec2399ff7b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795435042/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

224ms
60ms

Fetch
video/mp4

2a00:1450:4012::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-axq7sn7e.c.2mdn.net/videoplayback/id/c0e48fec2399ff7b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795435042/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5937F9AAEF9F6849AC34CF12E3C5091AA10F7F42.30DB1AEBE7202495C8AA3E428E1E1C1E584B9824/key/cms1/cms_redirect/yes/mh/cq/mip/2a00:1630:2:608::2/mm/42/mn/sn-axq7sn7e/ms/onc/mt/1654150302/mv/u/mvi/3/pl/32/file/file.mp4

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

HTTP/1.1

Server

2a00:1450:4012::15 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 06:19:54 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2245961
Last-Modified: Tue, 26 Apr 2022 15:29:25 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 02 Jun 2022 06:19:54 GMT

Redirect headers

date: Thu, 02 Jun 2022 06:19:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 648
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-axq7sn7e.c.2mdn.net/videoplayback/id/c0e48fec2399ff7b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795435042/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5937F9AAEF9F6849AC34CF12E3C5091AA10F7F42.30DB1AEBE7202495C8AA3E428E1E1C1E584B9824/key/cms1/cms_redirect/yes/mh/cq/mip/2a00:1630:2:608::2/mm/42/mn/sn-axq7sn7e/ms/onc/mt/1654150302/mv/u/mvi/3/pl/32/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame E7E9 0
42 B 86ms
26ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32705695&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E906
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHsU5dautx_gjTcY4VvH6U&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHsU5dautx_gjTcY4VvH6U&google_cver=1&C=1

43 B
1014 B

50ms
50ms

Image
image/gif

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHsU5dautx_gjTcY4VvH6U&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCC4EIYu8mJDDAB&v=APEucNWBhVXLpD8rjgp5CrVOUI1H-m13wNuWYa7FKltpmDH_Bi49TU1d4sDxUbrZD09UxIIKFgFP2Nr2irIytTRgNIJnuC4wirEPPmSYQBQlHZ4SVMENlv9n-r00S4U1D2bzBT9oXTxfSXmVh4nbdVzhfThJbdadE-jRPoAubAfXIZcWwTvBmuk
Protocol: HTTP/1.1
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Jun 2022 06:19:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 02 Jun 2022 06:19:53 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Jun 2022 06:19:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHsU5dautx_gjTcY4VvH6U&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 02 Jun 2022 06:19:53 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E906
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YphWiSLFJiGFoecr1gtKBAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHsU5dautx_gjTcY4VvH6U&google_cver=1

43 B
1014 B

38ms
38ms

Image
image/gif

23.35.228.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHsU5dautx_gjTcY4VvH6U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCC4EIYu8mJDDAB&v=APEucNWBhVXLpD8rjgp5CrVOUI1H-m13wNuWYa7FKltpmDH_Bi49TU1d4sDxUbrZD09UxIIKFgFP2Nr2irIytTRgNIJnuC4wirEPPmSYQBQlHZ4SVMENlv9n-r00S4U1D2bzBT9oXTxfSXmVh4nbdVzhfThJbdadE-jRPoAubAfXIZcWwTvBmuk
Protocol: HTTP/1.1
Server: 23.35.228.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Jun 2022 06:19:54 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 02 Jun 2022 06:19:54 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHHsU5dautx_gjTcY4VvH6U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E906
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEMMOOGX8Sod1ImnfkJYKHY&google_cver=1

43 B
1018 B

51ms
33ms

Image
image/gif

185.33.221.119
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEMMOOGX8Sod1ImnfkJYKHY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP3nKBCC4EIYu8mJDDAB&v=APEucNWBhVXLpD8rjgp5CrVOUI1H-m13wNuWYa7FKltpmDH_Bi49TU1d4sDxUbrZD09UxIIKFgFP2Nr2irIytTRgNIJnuC4wirEPPmSYQBQlHZ4SVMENlv9n-r00S4U1D2bzBT9oXTxfSXmVh4nbdVzhfThJbdadE-jRPoAubAfXIZcWwTvBmuk

Protocol

HTTP/1.1

Server

185.33.221.119 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

917.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Jun 2022 06:19:53 GMT
X-Proxy-Origin: 31.204.153.194; 31.204.153.194; 917.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6f5aaf11-0d97-4922-b960-e7d93397de5f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEMMOOGX8Sod1ImnfkJYKHY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E906
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzOTgyNjU5NzQzMDk1NTY1OA%3D%3D

170 B
188 B

46ms
46ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzOTgyNjU5NzQzMDk1NTY1OA%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Jun 2022 06:19:53 GMT
X-Proxy-Origin: 31.204.153.194; 31.204.153.194; 917.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5477bca6-36e5-490d-bd46-9eb8b89fad69
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzOTgyNjU5NzQzMDk1NTY1OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 4915 23 KB
9 KB 33ms
33ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152177
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:03:36 GMT
expires: Wed, 31 May 2023 12:03:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 108ms
107ms Image
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=go4kora.com&rs=go4kora.com&sid=66798&t=1654150793&cip=31.204.153.194&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=603b9ffff4babd238f32ea66&test=&aafaid=&proto=https&uid=1654150793394-911564553145-006037-012-007319&cha=0.1&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.25&cb=49723556839&d9=1000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236&&ppid=603b9ffff4babd238f32ea66&nid=60095c900c0799791c46d8d4&pcid=607d8fb337a8647f135f4f25&ncid=603ba08d7838bb0cfb4fcb54&pasid=603ba16fb889ef1ea87f5ac6&e=bid&cb=1654150793785&asid=61b8974b41d4f33859638f1d%2C61b8974b41d4f33859638f2b%2C61b8974b41d4f33859638f1b%2C61b8974b41d4f33859638f21%2C61b8974c41d4f33859638f41%2C61b8974c41d4f33859638f3d%2C61b8974b41d4f33859638f15%2C61b8974d41d4f33859638f45%2C61b8974b41d4f33859638f17%2C61b8974c41d4f33859638f3b%2C61b8974b41d4f33859638f19&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 105ms
104ms Image
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=go4kora.com&rs=go4kora.com&sid=66798&t=1654150793&cip=31.204.153.194&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=603b9ffff4babd238f32ea66&test=&aafaid=&proto=https&uid=1654150793394-911564553145-006037-012-007319&cha=0.1&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.25&cb=49723556839&d9=1000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236&&copid=60095c900c0799791c46d8d4&nid=59c9148628a0612da3689288&cocid=603ba08d7838bb0cfb4fcb54&ncid=6188f6678186692d1b57a0d4&coasid=6188f6fc4071e35134085f46&e=bid&cb=1654150793786&asid=618b6e9c21f2e368dd4cd655&ofpr=&fpo=
Requested by: Host: go4kora.com
URL: https://go4kora.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 099A 170 KB
59 KB 137ms
34ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
Origin: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 11:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Jun 2022 11:10:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/ Frame 099A 8 KB
3 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-tJlsOjrwxxnzi1afjsGIqesXT2r15bj4xVBThjislthQ-Q6XWGW67eLSd3AakOjqVSdzu62qWmRNpk3uT7YLTLIbMW8Hct2U3euB7IAEiwwV_rKXk_8479nNqMzX_YviH3jxPtXQSbPV8QqrtMfglq34IA&dbm_d=AKAmf-BYhb7KPsYAv4qexHQAmzsjeJ0cGzc0WQEDcH-Syzgx7gQ0qkMJo8MB9bQAtoPIFUhivDVJaLAXTvyPua0kq4Sd0mIyrQYgPOuZ4-Bum3gaHHTSjonlaMt1BHf8TKGM1sp_3BfRNuG3WrRHOGvCcxj-OrLPN2FdLezb9UuYwQ2W3IqDPhvMEQ2P6LspT559ZKepaxh46lDxcNJzq3oI0dnIfJ40sw0F4SLY4AGqSL-MiTg82OjFhx3JcHQbrlrEB5C6HxM_Ry8fPepsSN3Q7QxPrBzbPuPfaJnyk1Gwn_9c_SmysY6bzzUsJ8QjpAoz_MvvrSb705TxVAnOVnOoPSXvdBi_SyAYOAkoPpPTWqR7J_kdGJCmMKleW-7Bv5odfPGQyMWdhzhRCxvDNd4MtkKafc9Lx_-ldUatjxymGlcrnLkr5hjeTeYMo8t4E8JbXm0V5KV2QAPvBe99DSneiZ5agrnSWBEfidhrQnTQcsS6vlFvdKKZyLpnSLH9TP16dGIbg2x6PTFrGD0UCA9LImZipVWH1KFevVLUDENBOSp19k4JpVIz99ybEJRiXH9QnfegGp-_BijdQPezZNNwqiDRWlcTIanE1_SbTL_-l-bYRv_8eWJSqn8_wLv6SsBxI5lmVYfcZZb3he35rzeSjHNZgW78aBETrjCv5xyaysBqInOu96rjE0m20gyvB2aNKyNAgaaDjmCwiqV0lPVOanw4WZ7wKaRmOXxUBaMD1oa0ahVC36d3u-9TEU_4TUxMYAzdaKVzNXZ1362fMvqO8fuoWYuH7w-tZ3Iz1gkBkcL4ucqzO15dNr5n4NeXBBifnzUcqULnt8Hro8isnrGqOLkGWfPGhechaIlIiiW_ClfHBbOJRBxoGbiI7eimKvfgJaHPZbPIgvYxsGpqTKB7HSV5FufdgWL_BzYR9M8kht7LgGqKLHZIotTEjWAqmkTysVFscm1KeBhnWUOdoHwqa2Y3S3y1kJPqbFe9jQar8JWikZ3abxRFCR9lLeJ0zrW5uGolIQg8Km7rPFikPGwTZmyg0dgfhuB42uw80HEDmTZ9Hh5HxemCk6i2Uwg68wNaGQMuopjaNdK0VVQKvgh0j1Mo0mXSG07IYNOmx3sLrTuYLU7nNg_3edCG6jDTNS5sdRMLwLNtkIbpJEDp0vLlK2CHltm9yvghiPFi8idRTdLe3AxQin5mUM1tcT_WXnEWZO90vfLkCZUgCRjCBrnw595jByJp7h0J-rSzrM4noA886Q4O9xIMrVoaVtG4evDH8JhXQtOh_fGOdny4hP5ra2T0gERyPOOtu8LS0AExTmO3FqvEHPoLAv63S7vZlpqw93awrucKeiwg9qqqABIL5V9dOGEeE3IaiyKgYdXsbaLo8e6GBCKNgD4e20t7DBATm3-B_SMB0YhBAEtUJjH-dXRwz2vZ471UUre5knjbZHT1RXqa31XMJb5vbugPxfw1nLSfe8XIfcTQ6LuifB9QECOIeTTM7-II6cDAaHY-aOnLOTQubcBCeHb1iays5Ih5PtIEc7F7nAmIrFCB7WXznHtHzOxXoFCELHeqeBB5V3dd1zf71rBwcBx2t-ngS1osL1hZTn7BLVHKX4zvqoDRFjAKsi1_nJnYW5p4pmE7gk0AIEAzxS5JiPxcvjDCkZDvk4LYfF9LZNXHsA_S-tZltWzDH5pFtrku5wq3LLsIMmVg2mMIFPhRMHZBpohGsAhZfiI3mEu4lDRO0j4Mb5rIkrjerBJofYUTu1cApK2EWndxlSc1ockWgngSlnvl9tRRa2M9igL0iRp2J4pBysoPiNTIc32Bpu5S8uYiz24QP5sU_WKpeQkEBOoruvWz2Ftvo1u385pCaVRUBqp41AR4wvuAzmlNKVm_ju8GoOfnMcy-KeUUROAVgWMmFARD-UBclICJ7vfA4rbWKf4ORme6HXa4yJmyWswDxNfqWpAXoWtawnW-HBAipTt57OglZ7VLjIxLn-OD952IiQ4t9CsYl1DMiGu3S3kceCmlm7VUmE4Z30prSADAObskQCQ4cvSNqwRAJPmwWWYX9QZQtgvDm-BOCchy5G5Vz7LN5JH5eWq5UGPW-t4s-BtD2tz8MO8Dx8-AHVHfxfKWfshUHettxhzZzgIVhKjvQSoBAbyGOJRskVD0UmsvjC1AdgcvRqxzdd9Srd_g8rPiOereqjpc7Bx2eCKTX3if2p3tciUmSQIj-rJGRSjtz9UQe6DwwNOKzqr_8ozgey5OMObsfG8pXFAa0-6YL2bLXZzynjO6X2sEKJLsIPbgyXNuqxiAEaoMHM1XiRMMcCWGSVZ7kEYfeFFYFx-DRsKlJUD2NZ85NCMmmU5HQG97rcXmgoTC8jgg3zMAaQpypfaFi4XxKet3mhdAamF5RzsKgpmsL9QsoQKExKBm952gvfXBK4jaj35_OqHdtOMc0BhPRoOBVOlz0KbDNuhlXnzzpwbsWCLLDlH6VjaOKNZE_FUlcIweQNiqfJ9NJqROJrIB9rraHnNT1roORQhsVa2uuiR0gSc1tLA4t0FrCWpjeWRDiekXy0d-99iIsbTPVBS8dHpkzd6bZ9yg9BiqFOSsO7fCgua-S8jkREYRl1Grd1B-vNWcrlvQO0ADV3HsQFzclc496QRnYoZl_5CnZK440zGwGKw0JJml_qq0Xe0jl10OCasUBUK7Ro1Emlr0BaO4BaDKh6TbLB69zdz89ZTwnWkGED5n-fm0_XdQ4Zi37h4G0ifb91f1Xwgx_V7NY9OIKcjXIp_R575uwNnglVeFuPUDntkjF43qYL9CGUyGqXfDVeuJUkLJj8mG_YLey2seLZuDjJ9Vt3-3EYXK-eCR_MmhGIKTzZ6LKMYnRqq8vCWs5PUzC2Q-3BPuc2rSDGctcgUhMKt7sJlN6IUUXSZ_Q7XioBLm_Rht2jiPY8TvCyIEag7OzUa7N2JEXO5wKSuJ8JdCJJu6NudCaziBAAP5M9n_LH7dJNJ9h_AAISy53QCDB6bTeOqsnHO9IK7bZmWDjPKZQ6Zg643zvFscqEwaXbP_bUup6kWp2IcVULw5fFktb7sE9eS-HUmk-9UPngqCtirLy0U3sC-vRlDBecSZ4Ulqyz0JgrMkSMswblQZTZJu09iGACMktzUfryVcj40UdLZfw5w0pJr5OqN1Rg&cid=CAASJeRoWbUM_ltLTEq4rhIMk5j_tbKkPolnv66x_SmIRmK5twunKUA&rfl=1%2Chttps%253A%252F%252Fgo4kora.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 06:05:47 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/ Frame 099A 27 KB
10 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75782eed76b2c74403b9ef1a9c9f02bf5d868730365942b745755fc1dfa2b362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10539
x-xss-protection: 0
server: cafe
etag: 1532328290632562463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 06:04:44 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 17FA 31 KB
10 KB 35ms
34ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 12b33ad08e44ee4fad671f0cad85bfb97960973cfe5fd50b1cc2dbeeb6f47401

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 06:19:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 May 2022 17:55:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=47000
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9453
Expires: Thu, 02 Jun 2022 19:23:13 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FFE5 377 KB
126 KB 117ms
47ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128968
x-xss-protection: 0
expires: Thu, 02 Jun 2022 06:19:53 GMT

GET
H3 200 2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js Show response
pagead2.googlesyndication.com/bg/ Frame 4915 35 KB
14 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0486ac0154d88f65e2b5604a82fba1374e3908910560e97ee5f7915a001c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 06:17:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13827
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 06:17:23 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 17FA 284 B
536 B 159ms
33ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 099A 41 KB
15 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Jun 2023 06:18:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D72D 1 KB
749 B 34ms
34ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 60821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 13:26:12 GMT
etag: 48472445140208031
expires: Thu, 02 Jun 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 099A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41cde5d671325aa3ee2d6232340befabe0b74365271b3e227987fda940895591

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C62B 22 KB
8 KB 34ms
33ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:04:19 GMT
expires: Wed, 31 May 2023 12:04:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D72D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOFyUQA22rx7UtI-7P9McS4&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOFyUQA22rx7UtI-7P9McS4&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T0hZTnNUUnQxTldFYnc1&google_gid=CAESEOFyUQA22rx7UtI-7P9McS4&google_cver=1&google_push=AYg5qPJzNH0vKPTBnJUHsyyhEnue1z-1QxokyuHhWJ_IbSD...

170 B
188 B

44ms
44ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T0hZTnNUUnQxTldFYnc1&google_gid=CAESEOFyUQA22rx7UtI-7P9McS4&google_cver=1&google_push=AYg5qPJzNH0vKPTBnJUHsyyhEnue1z-1QxokyuHhWJ_IbSDlq8jibJvoF8yB45_zjkvj5TzIsYUHjB6OaLKKRWA9pKzYvFOZof4kbQ

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 02 Jun 2022 06:19:54 GMT
Server: PingMatch/bfc3242#bfc324243f5312950ec263cab8f0e25b6cfe09e3 i-025786580083fbd6c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T0hZTnNUUnQxTldFYnc1&google_gid=CAESEOFyUQA22rx7UtI-7P9McS4&google_cver=1&google_push=AYg5qPJzNH0vKPTBnJUHsyyhEnue1z-1QxokyuHhWJ_IbSDlq8jibJvoF8yB45_zjkvj5TzIsYUHjB6OaLKKRWA9pKzYvFOZof4kbQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D72D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAw8CpLeLwO8ibTjPFaRREw&google_cver=1&google_push=AYg5qPL856OufXScJokq70FZB5OzaHLTbCcZJFKPoevgj0m8rSAg3zWGBdD27LGav_dbSzPB2weBqxea3DN0LYe9...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL856OufXScJokq70FZB5OzaHLTbCcZJFKPoevgj0m8rSAg3zWGBdD27LGav_dbSzPB2weBqxea3DN0LYe93oUp9o4Bw0fAKw

170 B
188 B

46ms
45ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL856OufXScJokq70FZB5OzaHLTbCcZJFKPoevgj0m8rSAg3zWGBdD27LGav_dbSzPB2weBqxea3DN0LYe93oUp9o4Bw0fAKw

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Jun 2022 06:19:54 GMT
Server: MT3 4419 e1034d5 master zrh-pixel-x28 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPL856OufXScJokq70FZB5OzaHLTbCcZJFKPoevgj0m8rSAg3zWGBdD27LGav_dbSzPB2weBqxea3DN0LYe93oUp9o4Bw0fAKw
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 02 Jun 2022 06:19:53 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D72D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEC63uvx6-PA7pXwzgplWMzU&google_cver=1&google_push=AYg5qPLlEYtsza65AWGa_kkmH_pmS-hleKderV5zUPrgVQ9kyC1sHpSXLYiWivXTT5omf2D_QcJiads2GkkQfQFzXfNx1kQ44venC...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC63uvx6-PA7pXwzgplWMzU&google_cver=1&google_push=AYg5qPLlEYtsza65AWGa_kkmH_pmS-hleKderV5zUPrgVQ9kyC1sHpSXLYiWivXTT5omf2D_QcJiads2GkkQfQFzXfNx1kQ44ve...

43 B
419 B

202ms
193ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC63uvx6-PA7pXwzgplWMzU&google_cver=1&google_push=AYg5qPLlEYtsza65AWGa_kkmH_pmS-hleKderV5zUPrgVQ9kyC1sHpSXLYiWivXTT5omf2D_QcJiads2GkkQfQFzXfNx1kQ44venCQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLlEYtsza65AWGa_kkmH_pmS-hleKderV5zUPrgVQ9kyC1sHpSXLYiWivXTT5omf2D_QcJiads2GkkQfQFzXfNx1kQ44venCQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:54 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 714e1480deba6b39-AMS
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:54 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 8719
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 714e147f0b526b39-AMS
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEC63uvx6-PA7pXwzgplWMzU&google_cver=1&google_push=AYg5qPLlEYtsza65AWGa_kkmH_pmS-hleKderV5zUPrgVQ9kyC1sHpSXLYiWivXTT5omf2D_QcJiads2GkkQfQFzXfNx1kQ44venCQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLlEYtsza65AWGa_kkmH_pmS-hleKderV5zUPrgVQ9kyC1sHpSXLYiWivXTT5omf2D_QcJiads2GkkQfQFzXfNx1kQ44venCQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D72D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECB9ESouGq_zynzTiDjqc1I&google_cver=1&google_push=AYg5qPJGoiOB-3TICZ0XnIU2wILgRdJ3KNzSZoQ9YUojJMAUY8Gp9s3NcdwtKevsGjDBqJ0NoItIB_Ew...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECB9ESouGq_zynzTiDjqc1I&google_cver=1&google_push=AYg5qPJGoiOB-3TICZ0XnIU2wILgRdJ3KNzSZoQ9YUojJMAUY8Gp9s3NcdwtKevsGjDBqJ0NoIt...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQxNzg4MjU5ODExMTM4NDkwMA&google_push=AYg5qPJGoiOB-3TICZ0XnIU2wILgRdJ3KNzSZoQ9YUojJMAUY8Gp9s3NcdwtKevsGjDBqJ0NoItIB_...

170 B
188 B

43ms
43ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQxNzg4MjU5ODExMTM4NDkwMA&google_push=AYg5qPJGoiOB-3TICZ0XnIU2wILgRdJ3KNzSZoQ9YUojJMAUY8Gp9s3NcdwtKevsGjDBqJ0NoItIB_Ew_rMEUzixifykMvkjGXvB3g

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:54 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQxNzg4MjU5ODExMTM4NDkwMA&google_push=AYg5qPJGoiOB-3TICZ0XnIU2wILgRdJ3KNzSZoQ9YUojJMAUY8Gp9s3NcdwtKevsGjDBqJ0NoItIB_Ew_rMEUzixifykMvkjGXvB3g
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D72D
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPn-q4r8wvPq8bGzNz-vAeI&google_cver=1&google_push=AYg5qPItXtVHUlLNj42nBerGGWzF0hhxlM8tCFpx-Mqx5Z0bNGuE7hZ1GoPVffz3Vr1SU64VayK6aKko4Ldd8-gnQ...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPItXtVHUlLNj42nBerGGWzF0hhxlM8tCFpx-Mqx5Z0bNGuE7hZ1GoPVffz3Vr1SU64VayK6aKko4Ldd8-gnQTqdlFeyMPvT_w&google_hm=EvfbtGZHQCcxCnLVTcmB...

170 B
188 B

45ms
45ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPItXtVHUlLNj42nBerGGWzF0hhxlM8tCFpx-Mqx5Z0bNGuE7hZ1GoPVffz3Vr1SU64VayK6aKko4Ldd8-gnQTqdlFeyMPvT_w&google_hm=EvfbtGZHQCcxCnLVTcmB7E7y

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Jun 2022 06:19:54 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPItXtVHUlLNj42nBerGGWzF0hhxlM8tCFpx-Mqx5Z0bNGuE7hZ1GoPVffz3Vr1SU64VayK6aKko4Ldd8-gnQTqdlFeyMPvT_w&google_hm=EvfbtGZHQCcxCnLVTcmB7E7y
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D72D 0
12 B 42ms
41ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IY1VEtw5KITJ26kOZFXjgk8KvCmua294smO_7233SCGg_sgLhcCZ6feSE

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 creative.html Show response
s0.2mdn.net/sadbundle/18178654731742740480/970x90/ Frame 1F54 1 KB
473 B 110ms
42ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4317cf568ce364f433b3d3654bd15634c4e32ab44c4691b3ae41bbde15ae2b7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 445
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 06:19:54 GMT
expires: Fri, 02 Jun 2023 06:19:54 GMT
last-modified: Wed, 01 Dec 2021 20:07:59 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 099A 0
622 B 171ms
76ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyOwwl0NMu9Hx-6E4Ac_HQo1hODcF-fu_joxmjtkDX9_S5ePfOEvP-v7Qg3HkrYjMFA50LhmtHy2qQdzm6eleeAhrPPfXOwuEEXfKLf6DKeOQ0PItNDHQqz4scmLIp_bBOmNtkXHhwgOa5B3WA8Qp9ARk16xRbsEttux65YM6isJI8agRsliElizygdU2mMJBtaWGurM4k0LySv191M2diGjjw8QIWktPo2DzrSmyWDptR2MNdIuFQYVu1vLWV0RvRcZdKfPIMLhXLn8FBLUs6J4fwNiIdeCZqNQhQYgUiRc0-U8JZlIlt8ja-NIrD8iHirYE5bknErqkSFcW56h8bfMdTIKylmuzdaWC-ccOdbdwwA8kFvttMwTVhvkQ4KQ0NXqvhA6Cxi97CY20n874NEQfd1AcKOBg9m08hcGTlW8AeZP1RSXAP_VNfuayDZyrfe07Teb2CsLbX5k7z8_q2PYDWp2J00_TC9uWlzpqa4eDCCNVsHwlEilZDKHlsJY5Ce1QJvetp5z2DxDYTaxpEjMnQuS1dmxu5LT15u-zOM-Ctnt-FLPm5UvF-VERvCYelRVmCiZpCpaayG8CFmGyi75AtJv63oU9tDyvv-oENLJXT_3bpGdC6Njm-tkF6sUPNF5Q4uOBFZSncQyGV1wpaEXLdvC4InbuLiM6W6Pb3Z-JcUzLcl7qQH2v85HNLvDgRRiJCgym1tUFdypbmFPzPiTMSSdDuRqSsXJwaCBKlqpmOma0-UZmyw8Hx-f84o79pVXGQq8odc5Sbr5pGmtZ9WWQVT6Y4c2_T_sgTFZGAWfv2b1oKRp85SGL_5tsfDQxEZtp5CIyTQKAXT3tYJIBS-9QxvXSs9RvELTAiWZDS-0CDKsLKkw7WjAHiHAAUuJaHPsF3zYIEKmWj6yaN6Oftr3n5aNbzsig9XVbwzDxOqfx4GdceqW4tPdsSLgGh5FU2GHYW1tXWJDT4JHolMkRH0Exd2OPr0kf_A-91AIGMIeuiqX-EVIxgoszgKEVJcFrJUscH9rYj_FDcjqroulGO1EdeTbZRP3x5yxnRlEgzI_Uiqty80SFszFZEuNK90uDsnfdJuKg0jYRxx5WrUK-P3oCLvXxOnTPY3TUxWLq2raTmj8TaMddAuvAVrwBxk8FJbXRl0ZZNFSBg0blgJ5PfHbeSO8pP6zbKpa3Fb4BLBNdNDVIz7EBl8Dbu40GNuoJkuFTE&sai=AMfl-YQoeV3qo6pfnfVjriVo5v_HI5dviyhO868xiiFLZKXRpM87xcRQV_T5QC9035_WaYsqzJTdtsEh5kt1ZGQnGoSVKCyuMseldBEP-wuIA0WmWUnR3LIyP8sUX6oI58xVo1JJCbhWGrFr51JzlyBS1fSM3LagsETgMnZ3g2X2LgozKiXCoVaNwc4eIMPFtJYlKrLu7Ut1mjaX8gXC5dv95_EF&sig=Cg0ArKJSzEb1EdIGpbPJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=220&cbvp=1&cstd=214&cisv=r20220531.40494&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 02 Jun 2022 06:19:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js Show response
pagead2.googlesyndication.com/bg/ Frame C62B 36 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BlV8lHKGnk03wUyhHWlg9fV4CiK26Crs8dLo7bQbDuA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 21:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13861
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 21:32:38 GMT

GET
H3 200 bridge3.517.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 954B 635 KB
205 KB 36ms
35ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210269
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:03:34 GMT
expires: Wed, 31 May 2023 12:03:34 GMT
last-modified: Mon, 23 May 2022 16:49:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FFE5 44 KB
16 KB 60ms
48ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Jun 2022 06:19:54 GMT

GET
H3 200 bridge3.517.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0AC4 635 KB
205 KB 36ms
35ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210269
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:03:34 GMT
expires: Wed, 31 May 2023 12:03:34 GMT
last-modified: Mon, 23 May 2022 16:49:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.517.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6A2A 635 KB
205 KB 52ms
52ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210269
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:03:34 GMT
expires: Wed, 31 May 2023 12:03:34 GMT
last-modified: Mon, 23 May 2022 16:49:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.517.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0AD4 635 KB
205 KB 50ms
49ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210269
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:03:34 GMT
expires: Wed, 31 May 2023 12:03:34 GMT
last-modified: Mon, 23 May 2022 16:49:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.517.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 68FB 635 KB
205 KB 46ms
45ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152180
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210269
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:03:34 GMT
expires: Wed, 31 May 2023 12:03:34 GMT
last-modified: Mon, 23 May 2022 16:49:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame FFE5 107 B
122 B 42ms
42ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=go4kora.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 75F2 42 B
64 B 44ms
43ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjjjWiFaYYpuCK4KX9u8Pu4K4kASj2t2NaaaJ6pXpC8j1qPGBGxABIJWbyiFgkYSghYwYoAH_4_rpA8gBCakCi2NYnXfesT7gAgCoAwHIA8sEqgTlAU_QL240qoADmi_acUpMpbsYPlob-ujzSWxVJZa3BJtJWoqxiH9maAvriuU4gx1Jii42ICE0HlqjEmFXaeh6s5XOVfM9EmlDcQxDZ6Zvxh-nm_dM9ugvCvHyosJ0pi1nYaL9PZKX_KKTxzBbBAjvoNU4iF1TRFP89WP-NDwoGrRkrZT2BnWAbea62TDa-LUAC2F2esmVl863oXAgNs6PODIa-K9k6vKr6ngviPnW7-JxDFQMtvkktwjWGAg716wo38txTjRDgwmzDo6EUPOZYzvrdEOHjD5Qvvkk1KtnuqNb9S0_pTfABOP01cycA-AEAcAFBaAGLoAH6ZuFFqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTE2OTc0NzAzNzUzOTYwODCACgOYCwHICwGADAG4DAHgEuf8-vPPs-qF9AHYEw7QFQGYFgH4FgGAFwE&sigh=GPAE0fLKKoc&cid=CAQSPACNIrLMmj0bHSozYmsMZKeZJ7aPF7eitmsfgKn3PKlxsgNMLlzxBHdUAlEtI_DqjKpc73Xu80hUPUqejw&label=adresume

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1568 37 KB
13 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Jun 2022 07:16:42 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C21B 37 KB
13 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Jun 2022 07:16:42 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 84BA 37 KB
13 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Jun 2022 07:16:42 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame DE92 37 KB
13 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Jun 2022 07:16:42 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7E6C 37 KB
13 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Jun 2022 07:16:42 GMT

GET
H3 200 2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js Show response
pagead2.googlesyndication.com/bg/ Frame 37AF 35 KB
14 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js

Requested by

Host: 30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
URL: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0486ac0154d88f65e2b5604a82fba1374e3908910560e97ee5f7915a001c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 06:17:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13827
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 06:17:23 GMT

GET
H3 206 file.mp4
r3---sn-axq7sn7e.c.2mdn.net/videoplayback/id/c0e48fec2399ff7b/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3795435042/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame FF72 2 MB
2 MB 123ms
60ms Media
video/mp4 2a00:1450:4012::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4012::15 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4f521847abb52f3823b69698fe5290026f5a87ab390cf0e88d842e7abc329eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 02 Jun 2022 06:19:54 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2245960/2245961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2245961
expires: Thu, 02 Jun 2022 06:19:54 GMT
last-modified: Tue, 26 Apr 2022 15:29:25 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 200 initial.css
s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/css/ Frame 1F54 3 KB
1 KB 34ms
34ms Stylesheet
text/css 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/css/initial.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1350a0e4f8b6c22b6e7938ad9d13a7ec5cb3091823c0fcea09e757ef1695645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 03:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1028
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 20:07:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 May 2023 03:46:59 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 1F54 118 KB
40 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 10:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Jun 2022 10:16:32 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ Frame 1F54 82 KB
29 KB 159ms
71ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 10:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 589303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 10:38:11 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/ Frame 1F54 233 KB
63 KB 122ms
34ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/jquery-ui.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 19:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63865
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 May 2023 19:06:39 GMT

GET
H3 200 initial.js Show response
s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/js/ Frame 1F54 17 KB
3 KB 51ms
51ms Script
application/x-javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/js/initial.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

238fd7ab0dd5fa0280ec9d686e10970d2466e89133314acbd01bc3d98dda7bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 03:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3031
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 20:07:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 May 2023 03:46:59 GMT

GET
H3 200 logo.jpg
s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/images/ Frame 1F54 3 KB
3 KB 34ms
34ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/images/logo.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 03:46:59 GMT
x-content-type-options: nosniff
age: 268375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2754
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 20:07:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 May 2023 03:46:59 GMT

GET
H3 200 spinner.gif
s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/images/ Frame 1F54 7 KB
7 KB 35ms
34ms Image
image/gif 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/images/spinner.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 18:01:06 GMT
x-content-type-options: nosniff
age: 389928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6841
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 20:07:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 May 2023 18:01:06 GMT

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame F537 0
0 81ms
29ms Document
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13525622
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Thu, 02 Jun 2022 06:19:54 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap5ams1

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4915 0
20 B 68ms
68ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BzTVYiVaYYprIF4WAbqeAk4AIAAAAADgB4AQC&bg=!oqGloeXNAAao8wy8iPM7ACkAdvg8Wp_pEsx-Xb2N0ZIW15f5N2MNGqe6UzTS3AU7VTDZ-bBqPQA3fAIAAAEYUgAAAAFoAQcKAEl1r1swXkosNttsjip9dLFhabTde4g7tKeQjT2AwEKsHXTzAX46S_m0BMjr2icive_oigOIA58wTrv71Vzjs_I88FDtyK6_qpi_mQMXvq85idLnxO0SlmAiVq7eH08dWtxEClAW-EPRDeUjaj4QrGMtTcOdLVV2FDUom1BbfEvTwMuNgb9raY0rsbAezmCFnSFlJ1TYdyq9PawWNQqYh83T6goSkGz92zCLrXdWRTyR5l3EOA9OirXpfKGYNLhGXyvYrNUUhufmGipYnqfmJY7CKNixkbDFI38yhmnKMbIXIbdSnig6EMWZDZ8W6RqLsgNE4XutgtKp9RSNvLsdfNfL7q6ghTPtYOEFZIbc5RD1yBAP3G4q0kw8plvOkk-FSPMXrVXYW5GWO-Ow4SwlrYgD3x53T0eIUck8TUk1fqmdB5_-VpMRwEQpWOLKAmVnjCpPBzTyCw7zhxeVqQkzFWaI2PVl86ptL5EHcBJnZEaR1GVdc0CWRKsDZs3FlebWTktTmLANTUDJLbgO--ABPXmQrziDdOnNX8F4qcjdFLsNwDRoB-RbelnklzxHMnGDf7KQKVbrOb_kmTSNGKpr5feDEzKaN2ZTgD3828ap8OdThLF-_NovI8_flKc_oUzuU7bgBe-kSs4Gr5X-fz0TdLzc3M-KqxM_PfiSnYSVjY2zNTFWMGsyG2MGqAGsd59tUIcU2b6rIpQP1VP6B3IbeT8Pqojq7s6LLJ_zxaKJcbWzcKWt8ekXOE1qXkqzYLC8jD0KwUUZUZ5kEqo3SiYSigg9vH3ifisZ5gZEZeOPCpsM7ZsptswPLDMYOaNvMt-MgW3mtK760VnBDX0ytAJXyNmg9p5uDuojmdxg7-suZ_gynK4QC6vESJCWoXC5Nn02sn-6FgfTngOX8wVsArI9NmDtslZ__HxJgtp4eZW2SJZUMnWITnj2SKKNTFWXPpqP4FBs5Azy8stMMVsEU-3mmCymkXHqtopLXkfM9pJbc_jpvl1CMOwht8oowgYTUnb-2K208285T3OeW0tFCOZQO6mSn1qnAOmopC4bqsUqLDX3EK_K8KrvkOVkskda_3AYFPAoJushBatZa0TomJ9IX1hZwg_91xayEf11ovLEKgVwnna7RFNzzlFVkNnpwXPw-nc0PP8

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame FF72 0
17 B 48ms
48ms Ping
image/gif 2a00:1450:4013:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l3wmo8pr&c=2195964878557&slotId=1097982439278.5&qqid=CJ-nnvOPjvgCFYnIuwgdQcUArw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=999&mt=video%2Fmp4&vs=360x640&ulv=1&cll=0&vast_v=2.0&vmfc=13&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 75F2 42 B
64 B 46ms
45ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 954B 156 B
185 B 311ms
310ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C21908094131%2Fapl%2Faniplay%2Faniplay_400&description_url=go4kora.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1910992011313251&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=4156593300&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=E6AB9EB0-8067-464D-95FD-F9672B1E221C&a3p=EiAKDGlkNS1zeW5jLmNvbRj8i8iYkjBFAAAAAEgAUgIIag..&nel=0&eid=44715336%2C44737475%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fgo4kora.com%2F&url=https%3A%2F%2Fgo4kora.com%2F&dt=1654150794884&cookie=ID%3D9b623ba2ddfc33e3%3AT%3D1654150792%3AS%3DALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA&scor=1219672141751441&ged=ve4_td2_tt1_pd2_la2000_er853.129.1013.429_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0AC4 156 B
523 B 83ms
83ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22652678936%2FSMG_Aniview%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fgo4kora.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3160346230634667&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2164876430&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=E6AB9EB0-8067-464D-95FD-F9672B1E221C&a3p=EiAKDGlkNS1zeW5jLmNvbRj8i8iYkjBFAAAAAEgAUgIIag..&nel=0&eid=44715336%2C44737475%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fgo4kora.com%2F&url=https%3A%2F%2Fgo4kora.com%2F&dt=1654150794899&cookie=ID%3D9b623ba2ddfc33e3%3AT%3D1654150792%3AS%3DALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA&scor=1292248016072154&ged=ve4_td2_tt1_pd2_la2000_er853.129.1013.429_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6A2A 156 B
185 B 322ms
322ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C21908094131%2Fapl%2Faniplay%2Faniplay_200&description_url=go4kora.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3237525691294193&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=150406322&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=E6AB9EB0-8067-464D-95FD-F9672B1E221C&a3p=EiAKDGlkNS1zeW5jLmNvbRj8i8iYkjBFAAAAAEgAUgIIag..&nel=0&eid=44715336%2C44737475%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fgo4kora.com%2F&url=https%3A%2F%2Fgo4kora.com%2F&dt=1654150794904&cookie=ID%3D9b623ba2ddfc33e3%3AT%3D1654150792%3AS%3DALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA&scor=243035962054321&ged=ve4_td2_tt1_pd2_la2000_er853.129.1013.429_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 0AD4 156 B
185 B 251ms
250ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C21908094131%2Fapl%2Faniplay%2Faniplay_170&description_url=go4kora.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2319190595745110&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=4014069180&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=E6AB9EB0-8067-464D-95FD-F9672B1E221C&a3p=EiAKDGlkNS1zeW5jLmNvbRj8i8iYkjBFAAAAAEgAUgIIag..&nel=0&eid=44715336%2C44737475%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fgo4kora.com%2F&url=https%3A%2F%2Fgo4kora.com%2F&dt=1654150794913&cookie=ID%3D9b623ba2ddfc33e3%3AT%3D1654150792%3AS%3DALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA&scor=2742080331431235&ged=ve4_td2_tt1_pd2_la2000_er853.129.1013.429_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 68FB 156 B
185 B 298ms
298ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C21908094131%2Fapl%2Faniplay%2Faniplay_150&description_url=go4kora.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4294459466224628&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=1106259718&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=E6AB9EB0-8067-464D-95FD-F9672B1E221C&a3p=EiAKDGlkNS1zeW5jLmNvbRj8i8iYkjBFAAAAAEgAUgIIag..&nel=0&eid=44715336%2C44737475%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fgo4kora.com%2F&url=https%3A%2F%2Fgo4kora.com%2F&dt=1654150794918&cookie=ID%3D9b623ba2ddfc33e3%3AT%3D1654150792%3AS%3DALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA&scor=2968178820258127&ged=ve4_td2_tt1_pd2_la2000_er853.129.1013.429_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1F54 7 KB
5 KB 46ms
45ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8997cbc9b57abebb7d2c833f8aa91aaec29aa339ef5d243fb4d966e3f0c361e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5575
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 099A 0
26 B 136ms
69ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstyOwwl0NMu9Hx-6E4Ac_HQo1hODcF-fu_joxmjtkDX9_S5ePfOEvP-v7Qg3HkrYjMFA50LhmtHy2qQdzm6eleeAhrPPfXOwuEEXfKLf6DKeOQ0PItNDHQqz4scmLIp_bBOmNtkXHhwgOa5B3WA8Qp9ARk16xRbsEttux65YM6isJI8agRsliElizygdU2mMJBtaWGurM4k0LySv191M2diGjjw8QIWktPo2DzrSmyWDptR2MNdIuFQYVu1vLWV0RvRcZdKfPIMLhXLn8FBLUs6J4fwNiIdeCZqNQhQYgUiRc0-U8JZlIlt8ja-NIrD8iHirYE5bknErqkSFcW56h8bfMdTIKylmuzdaWC-ccOdbdwwA8kFvttMwTVhvkQ4KQ0NXqvhA6Cxi97CY20n874NEQfd1AcKOBg9m08hcGTlW8AeZP1RSXAP_VNfuayDZyrfe07Teb2CsLbX5k7z8_q2PYDWp2J00_TC9uWlzpqa4eDCCNVsHwlEilZDKHlsJY5Ce1QJvetp5z2DxDYTaxpEjMnQuS1dmxu5LT15u-zOM-Ctnt-FLPm5UvF-VERvCYelRVmCiZpCpaayG8CFmGyi75AtJv63oU9tDyvv-oENLJXT_3bpGdC6Njm-tkF6sUPNF5Q4uOBFZSncQyGV1wpaEXLdvC4InbuLiM6W6Pb3Z-JcUzLcl7qQH2v85HNLvDgRRiJCgym1tUFdypbmFPzPiTMSSdDuRqSsXJwaCBKlqpmOma0-UZmyw8Hx-f84o79pVXGQq8odc5Sbr5pGmtZ9WWQVT6Y4c2_T_sgTFZGAWfv2b1oKRp85SGL_5tsfDQxEZtp5CIyTQKAXT3tYJIBS-9QxvXSs9RvELTAiWZDS-0CDKsLKkw7WjAHiHAAUuJaHPsF3zYIEKmWj6yaN6Oftr3n5aNbzsig9XVbwzDxOqfx4GdceqW4tPdsSLgGh5FU2GHYW1tXWJDT4JHolMkRH0Exd2OPr0kf_A-91AIGMIeuiqX-EVIxgoszgKEVJcFrJUscH9rYj_FDcjqroulGO1EdeTbZRP3x5yxnRlEgzI_Uiqty80SFszFZEuNK90uDsnfdJuKg0jYRxx5WrUK-P3oCLvXxOnTPY3TUxWLq2raTmj8TaMddAuvAVrwBxk8FJbXRl0ZZNFSBg0blgJ5PfHbeSO8pP6zbKpa3Fb4BLBNdNDVIz7EBl8Dbu40GNuoJkuFTE&sai=AMfl-YQoeV3qo6pfnfVjriVo5v_HI5dviyhO868xiiFLZKXRpM87xcRQV_T5QC9035_WaYsqzJTdtsEh5kt1ZGQnGoSVKCyuMseldBEP-wuIA0WmWUnR3LIyP8sUX6oI58xVo1JJCbhWGrFr51JzlyBS1fSM3LagsETgMnZ3g2X2LgozKiXCoVaNwc4eIMPFtJYlKrLu7Ut1mjaX8gXC5dv95_EF&sig=Cg0ArKJSzEb1EdIGpbPJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1077&vt=11&dtpt=857&dett=3&cstd=214&cisv=r20220531.40494&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: go4kora.com
URL: https://go4kora.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 47ms
47ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022052601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

2b9e7e6af8c8590a8ebc1f7b4efdf9962bbec4f57ec35e730bf50c01e3277ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10620
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/css/ Frame 1F54 22 KB
2 KB 34ms
34ms Stylesheet
text/css 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de8a66f01623e08572708da88309a0aaa41ca92452c58f71f8c1d87e58962562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 03:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2420
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 20:07:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 May 2023 03:46:59 GMT

GET
H3 200 jquery.textfit.min.js Show response
s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/js/ Frame 1F54 1 KB
677 B 35ms
35ms Script
application/x-javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/js/jquery.textfit.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 03:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 648
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 20:07:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 May 2023 03:46:59 GMT

GET
H3 200 nhdynamic.js Show response
s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/js/ Frame 1F54 36 KB
6 KB 35ms
35ms Script
application/x-javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/js/nhdynamic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd67d3ef1a4202a1c67fe1c79bab8338c13d5df2bce075a40fedc3bdd930518b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 03:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5742
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 20:07:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 May 2023 03:46:59 GMT

GET
H3 200 youtubeApi.js Show response
s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/js/ Frame 1F54 1 KB
474 B 36ms
36ms Script
application/x-javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/js/youtubeApi.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/js/initial.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 03:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 445
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 20:07:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 May 2023 03:46:59 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 099A 42 B
64 B 72ms
72ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstXSo0SCa9ZpYqYFPoaBkL-iEJ1a0tnfnqwqmMQ0fZ_cNwLW02D_rO4uVH7AO30FVvSfFPNqkZiCAR93JuEn2FfwfnFCj52ARBHw7pe2bMTN4fWhdKaRTAD5N1n&sai=AMfl-YRb2-meGiVK77XUb8582n3wfq6OEAgOYqNFkr375kxXV2t-GhGUBOJhwr_acYzdm_bDpsGt6vWLus81ZiwgVfJ3W7e7TlFvc2H3o8V1mJQN7hnz43z3U1VmaZZY&sig=Cg0ArKJSzPkSuXyXYNtTEAE&cid=CAASJeRoWbUM_ltLTEq4rhIMk5j_tbKkPolnv66x_SmIRmK5twunKUA&id=lidar2&mcvt=1003&p=1110,315,1200,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2825964077&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654150793626&rpt=315&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1F54 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Jun 2022 06:19:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Jun 2022 06:19:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C62B 0
20 B 70ms
69ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3JXPiVaYYr_6LJGT7_UPlpSo-AUAAAAAOAHgBAI&bg=!8_Cl8LTNAAao8wy8iPM7ACkAdvg8WqoayNKLATq9cS2ZKeelBRST-QATCmLNSKpokxJR95FPLBmKCgIAAAKEUgAAAApoAQeZAzt6GhMDKRuouc-hglYah97Lb7ETAaSSHoK73uoqaODlsK0M2uMpY7mBZO5NnyL4DNbi9oq8jNPQAHswysLKgRNEBepFZlsrJwozn_IAZFTV148hQLj77QfaEZVG82qBxK5ocGbckXaStr_hEydaWfwxLgQvCfZENU1-xmeSSLVgTZ21Dvk0U8bZEaKVh65gQx74_yr98mMMy-7kN0UCREtTSVeA2ajAxtvlFEQeRG_-191ZY-QZhASNw0z0EegZuDpHSfJjKnZB9bEswVPyAPbFieRd3N6esZ24AgRYjAK7wZT36SkQXDQhAvSCXNdQIDC4KyfO5zIFZYZ_eAn2gLbIDbItlbzONtQ1fZl2FqGAy27ZNCc-zqBRL9Jw8QkilpVJQ27C5VUqRJ92NlRtiX9smL-z4iNSjnTA_Sg9KaI8SlIqPjN9_oX4rDPNdNYNgIa2ndRPO71LiDxp51cSSDFOLJlefMP1AK-JRkSGBxqDQH31AxxKMBzZXfE8fDg0qF4CP48-q5lHqS-ULcua--wlRsAh6kr0pNuri6ExqmYM1KMk69KOb2tcbZBw83D9CuiJyLZkoQfsCgsEWUlkv2WNclyrht7-eE4BHWn_MGOMrAnfB-yyFbxSzJVzOswBbRsRH7ZWLZXG7cn7BMBY7C7XkxjEWBQfoluL6KkOV-bKgAWWMrDYuBzNqXgL92y991dAnQFPDXLDNEQppSg1pslKsdiqRsq4d9vroYrk2SrilTTOYdY9muFPr0MjVJ9Wpld4QQxpnCL3HHRkiN1kzJxbpyMCLWjydTv9f4wwWdCGUGXqlTqSGRTmbCNmHKxpmYPKmuiJdqmaBexCHKQUQGmcJi-pti6hC452CNG-OulKzjEGawvGClPuhA066_Bg51S13Fke4c8yFoXYoV131cmHbxXY38BQuFL7Q8SWDtHxZD8jlTv7dXhof5Wp5nb15Fg8EzJNUEWpxNpzYMKFqZaiyZuJlX4gAm4U_EFnsbsMk07ngJuShe_n7J5eBHKo3HKAqvCVU8bluJPs1Jk5kPyaBdTOsgh1is-TJ86pZK0X0JCX_l7lf-piPvZ7TJHJk9p6pxdzCNxcZPOUOg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 1F54 980 B
2 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/js/youtubeApi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

88ba15c9bc1ab764a5d87136d8ce4db46e53073f7463d91e8f5050a40545d5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 02 Jun 2022 06:19:55 GMT

GET
H3 200 63009_20220325045454196_background_970x90_1.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 1F54 27 KB
27 KB 35ms
34ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220325045454196_background_970x90_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a21237e89a64f21361e672891781da93ad6b81f3f92fc68002215336812f91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 05:58:46 GMT
x-content-type-options: nosniff
age: 1269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28125
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 11:54:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Jun 2022 05:58:46 GMT

GET
H3 200 63009_20220325045457324_background_970x90_2.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 1F54 27 KB
27 KB 111ms
111ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220325045457324_background_970x90_2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a21237e89a64f21361e672891781da93ad6b81f3f92fc68002215336812f91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 05:58:46 GMT
x-content-type-options: nosniff
age: 1269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28125
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 11:54:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Jun 2022 05:58:46 GMT

GET
H3 200 63009_20220325045500297_background_970x90_3.jpg
s0.2mdn.net/ads/richmedia/studio/63009/ Frame 1F54 27 KB
27 KB 108ms
107ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/63009/63009_20220325045500297_background_970x90_3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a21237e89a64f21361e672891781da93ad6b81f3f92fc68002215336812f91b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 05:58:46 GMT
x-content-type-options: nosniff
age: 1269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28125
x-xss-protection: 0
last-modified: Fri, 25 Mar 2022 11:55:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 03 Jun 2022 05:58:46 GMT

GET
H3 200 GothamNarrow-Bold.woff
s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/fonts/ Frame 1F54 80 KB
80 KB 43ms
43ms Font
font/woff 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/fonts/GothamNarrow-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/css/style.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 03:46:59 GMT
x-content-type-options: nosniff
age: 268376
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81884
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 20:07:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 May 2023 03:46:59 GMT

GET
H3 200 GothamNarrow-Medium.woff
s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/fonts/ Frame 1F54 81 KB
81 KB 36ms
36ms Font
font/woff 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/fonts/GothamNarrow-Medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/css/style.css
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 03:46:59 GMT
x-content-type-options: nosniff
age: 268376
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82744
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 20:07:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 May 2023 03:46:59 GMT

GET
H3 200 flecha.png
s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/images/ Frame 1F54 1 KB
1 KB 115ms
115ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/assets/images/flecha.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3042250e6e9ece43bc139bb6a515d7e75012e511f655015d64798a84e8e1cf0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18178654731742740480/970x90/creative.html?e=69&leftOffset=0&topOffset=0&c=cFjQG6kAJh&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 03:46:59 GMT
x-content-type-options: nosniff
age: 268376
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 20:07:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 May 2023 03:46:59 GMT

GET
H3 200 bridge3.517.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame DEBF 635 KB
205 KB 34ms
34ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210269
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:03:34 GMT
expires: Wed, 31 May 2023 12:03:34 GMT
last-modified: Mon, 23 May 2022 16:49:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame FFE5 107 B
122 B 43ms
42ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=go4kora.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CDB8 37 KB
13 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Jun 2022 07:16:42 GMT

GET
H3 200 2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7789 35 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0486ac0154d88f65e2b5604a82fba1374e3908910560e97ee5f7915a001c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 06:17:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13827
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 06:17:23 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/02208bb4/www-widgetapi.vflset/ Frame 1F54 157 KB
51 KB 107ms
33ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05bc542bcd29803a843c851c578dda9c21c9d6fddb1d360f9c297838f720460f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 04:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5943
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52200
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 02 Jun 2023 04:40:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CA9A 13 KB
5 KB 34ms
34ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 25532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 23:14:23 GMT
expires: Thu, 01 Jun 2023 23:14:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A221 783 B
533 B 45ms
44ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

60d2894aee443999f4d7c45136bb36bebff6eb5703723c2bfb8b010d1ba17176

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wBKzGfA-wK0cpxArCTptJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-wBKzGfA-wK0cpxArCTptJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 06:19:55 GMT
expires: Thu, 02 Jun 2022 06:19:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 75F2 42 B
64 B 73ms
72ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbIWT7LHfUtfDk3Na7iU2r7Gp57C9YfC7jJPw0oZMEKoYt0RLJ-y2NU5-9JmBa3vJrD0qfGoGCMvlB875oGWVDTPSZtIKrNOa0RmCFuKzP6yUZw38mrllBULkr&sai=AMfl-YShcH1eFhRZXG5UGKLw0YNJpBc_44A9aw9vrn3SIRsDruK2gi3iEfKM1kZ31n6xVgWcL0CCLXCzdm0-h5NCnvOgMt6t_T11ri8ggXB_bT2h-QzlEZ1zxTOHYz0T&sig=Cg0ArKJSzJnfDURosNQPEAE&cid=CAASF-RohvcDEyDZZZ4krV3CYSVtRpwOIPmu&id=lidar2&mcvt=1037&p=176,230,776,1370&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1841013479&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654150793122&rpt=1059&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
servt.modoro360.com/ 0
94 B 317ms
106ms XHR
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=go4kora.com&rs=go4kora.com&sid=66798&t=1654150793&cip=31.204.153.194&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=603b9ffff4babd238f32ea66&test=&aafaid=&proto=https&uid=1654150793394-911564553145-006037-012-007319&cha=0.1&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.25&cb=49723556839&d9=1000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go4kora.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 02 Jun 2022 06:19:55 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame 75F2 0
17 B 47ms
47ms Ping
image/gif 2a00:1450:4013:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~l3wmo8t8&c=4255484692107&slotId=2127742346053.5&qqid=CJvmnfOPjvgCFYKL_QcdOwEOQg&dm=28000&event_name=first_play&asset_bytes=20557&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=8&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.l3wmo9ud
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/c1187f9c406d7453d4f1a2621f2f7324.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bridge3.517.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame A775 635 KB
205 KB 38ms
38ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210269
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:03:34 GMT
expires: Wed, 31 May 2023 12:03:34 GMT
last-modified: Mon, 23 May 2022 16:49:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame FFE5 107 B
122 B 43ms
42ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=go4kora.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame DEBF 156 B
144 B 305ms
304ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C21908094131%2Fapl%2Faniplay%2Faniplay_130&description_url=go4kora.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3791469107396553&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=1149592592&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=E6AB9EB0-8067-464D-95FD-F9672B1E221C&a3p=EiAKDGlkNS1zeW5jLmNvbRj8i8iYkjBFAAAAAEgAUgIIag..&nel=0&eid=44715336%2C44737475%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fgo4kora.com%2F&url=https%3A%2F%2Fgo4kora.com%2F&dlt=1654150792832&idt=2390&dt=1654150795336&cookie=ID%3D9b623ba2ddfc33e3%3AT%3D1654150792%3AS%3DALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA&scor=593590997013879&ged=ve4_td2_tt1_pd2_la2000_er853.129.1013.429_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A221 0
0 95ms
94ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022052601&jk=1738239888552833&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A31D 37 KB
13 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Jun 2022 07:16:42 GMT

GET
H3 200 bridge3.517.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 37EA 635 KB
205 KB 37ms
36ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210269
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:03:34 GMT
expires: Wed, 31 May 2023 12:03:34 GMT
last-modified: Mon, 23 May 2022 16:49:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.517.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 82A4 635 KB
205 KB 35ms
35ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210269
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:03:34 GMT
expires: Wed, 31 May 2023 12:03:34 GMT
last-modified: Mon, 23 May 2022 16:49:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js Show response
pagead2.googlesyndication.com/bg/ Frame CA9A 35 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0486ac0154d88f65e2b5604a82fba1374e3908910560e97ee5f7915a001c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 06:17:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13827
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 06:17:23 GMT

GET
H3 200 bridge3.517.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 276F 635 KB
205 KB 34ms
34ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210269
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:03:34 GMT
expires: Wed, 31 May 2023 12:03:34 GMT
last-modified: Mon, 23 May 2022 16:49:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 258E 37 KB
13 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Jun 2022 07:16:42 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 49C4 37 KB
13 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Jun 2022 07:16:42 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1C1E 37 KB
13 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Jun 2022 07:16:42 GMT

GET
H2 200 cookiesyncendpoint Show response
servs.modoro360.com/ Frame 65DD 0
237 B 104ms
104ms Document
text/plain 52.55.132.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1654150793394-911564553145-006037-012-007319&key=695888fedbd905725c7435d47f09da36
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1654150793394-911564553145-006037-012-007319%26key%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.132.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-132-212.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vid.vidoomy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-length: 0
date: Thu, 02 Jun 2022 06:19:55 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A775 156 B
145 B 231ms
230ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C21908094131%2Fapl%2Faniplay%2Faniplay_130&description_url=go4kora.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4500833020436193&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=535328560&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=E6AB9EB0-8067-464D-95FD-F9672B1E221C&a3p=EiAKDGlkNS1zeW5jLmNvbRj8i8iYkjBFAAAAAEgAUgIIag..&nel=0&eid=44715336%2C44737475%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fgo4kora.com%2F&url=https%3A%2F%2Fgo4kora.com%2F&dt=1654150795873&cookie=ID%3D9b623ba2ddfc33e3%3AT%3D1654150792%3AS%3DALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA&scor=1424948661110033&ged=ve4_td3_tt2_pd3_la3000_er853.129.1013.429_vi0.0.1200.1600_vp100_ts1_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 37EA 156 B
145 B 219ms
219ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C21908094131%2Fapl%2Faniplay%2Faniplay_100&description_url=go4kora.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2938954791121648&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3178365477&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=E6AB9EB0-8067-464D-95FD-F9672B1E221C&a3p=EiAKDGlkNS1zeW5jLmNvbRj8i8iYkjBFAAAAAEgAUgIIag..&nel=0&eid=44715336%2C44737475%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fgo4kora.com%2F&url=https%3A%2F%2Fgo4kora.com%2F&dt=1654150795906&cookie=ID%3D9b623ba2ddfc33e3%3AT%3D1654150792%3AS%3DALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA&scor=1059852490555104&ged=ve4_td3_tt2_pd3_la3000_er853.129.1013.429_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 82A4 73 KB
16 KB 321ms
321ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C21908094131%2Fapl%2Faniplay%2Faniplay_075&description_url=go4kora.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2453108145776872&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2296217666&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=E6AB9EB0-8067-464D-95FD-F9672B1E221C&a3p=EiAKDGlkNS1zeW5jLmNvbRj8i8iYkjBFAAAAAEgAUgIIag..&nel=0&eid=44715336%2C44737475%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fgo4kora.com%2F&url=https%3A%2F%2Fgo4kora.com%2F&dt=1654150795913&cookie=ID%3D9b623ba2ddfc33e3%3AT%3D1654150792%3AS%3DALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA&scor=4204771377624142&ged=ve4_td3_tt2_pd3_la3000_er853.129.1013.429_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

76d65157f9610829cb35486215ea8ce54e33472af03af02bfdb144561dbc5c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15896
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 276F 156 B
145 B 192ms
192ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C21908094131%2Fapl%2Faniplay%2Faniplay_075&description_url=go4kora.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1469783599534585&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2130913052&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=E6AB9EB0-8067-464D-95FD-F9672B1E221C&a3p=EiAKDGlkNS1zeW5jLmNvbRj8i8iYkjBFAAAAAEgAUgIIag..&nel=0&eid=44715336%2C44737475%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fgo4kora.com%2F&url=https%3A%2F%2Fgo4kora.com%2F&dt=1654150795921&cookie=ID%3D9b623ba2ddfc33e3%3AT%3D1654150792%3AS%3DALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA&scor=1119960547813591&ged=ve4_td3_tt2_pd3_la3000_er853.129.1013.429_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bridge3.517.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8F84 635 KB
205 KB 34ms
34ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152181
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210269
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:03:34 GMT
expires: Wed, 31 May 2023 12:03:34 GMT
last-modified: Mon, 23 May 2022 16:49:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame FFE5 107 B
122 B 42ms
42ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=go4kora.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 930F 37 KB
13 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Jun 2022 07:16:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CA9A 0
10 B 34ms
33ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CsK7Lg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8F84 73 KB
16 KB 208ms
208ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7047%2C21908094131%2Fapl%2Faniplay%2Faniplay_050&description_url=go4kora.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1382201900102202&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=3642632956&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=E6AB9EB0-8067-464D-95FD-F9672B1E221C&a3p=EiAKDGlkNS1zeW5jLmNvbRj8i8iYkjBFAAAAAEgAUgIIag..&nel=0&eid=44715336%2C44737475%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fgo4kora.com%2F&url=https%3A%2F%2Fgo4kora.com%2F&dt=1654150796067&cookie=ID%3D9b623ba2ddfc33e3%3AT%3D1654150792%3AS%3DALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA&scor=1934268276999620&ged=ve4_td3_tt2_pd3_la3000_er853.129.1013.429_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

c5fd189d680898294e002cd911f354f2a6a495cb3079f22f7f381a1a4d654715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15940
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bridge3.517.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6A20 635 KB
205 KB 34ms
34ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 152182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210269
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 12:03:34 GMT
expires: Wed, 31 May 2023 12:03:34 GMT
last-modified: Mon, 23 May 2022 16:49:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame FFE5 107 B
122 B 43ms
42ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=go4kora.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Jun 2022 06:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H2 200 track Show response
servt.modoro360.com/ 0
93 B 105ms
104ms XHR
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=go4kora.com&rs=go4kora.com&sid=66798&t=1654150793&cip=31.204.153.194&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=603b9ffff4babd238f32ea66&test=&aafaid=&proto=https&uid=1654150793394-911564553145-006037-012-007319&cha=0.1&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.25&cb=49723556839&d9=1000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=603b9ffff4babd238f32ea66
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go4kora.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 02 Jun 2022 06:19:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4BC5 37 KB
13 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 02 Jun 2022 07:16:42 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 82A4 0
17 B 47ms
46ms Ping
image/gif 2a00:1450:4013:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l3wmoald&c=4413790304206&slotId=2206895152103&qqid=CLGz5fSPjvgCFdHqdwodr4UAAw&gqid=i1aYYqDNOcWLjuwPkpG04Ag&fb=ima_html5-lima&sdkv=h.3.517.2&mrd=6&aab=0&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44715336%2C44737475%2C44760950%2C44761692%2C44762462&met.4=ghmsh_s.l3wmob15~ghmsh_s.l3wmob16&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=6sG6EUPfTm-4PhDy
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 simid_trueview_en.html Show response
imasdk.googleapis.com/js/simid/ Frame E1A8 143 KB
44 KB 47ms
46ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/simid/simid_trueview_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eafd2117751071219c64580e1803f55c461ce55f03cbe0fc34a33d766270b31

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-mfR6-7w0H-bsR3iuKJLEbw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'nonce-mfR6-7w0H-bsR3iuKJLEbw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static; base-uri 'none'
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 06:19:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 csi
csi.gstatic.com/ Frame 8F84 0
17 B 46ms
46ms Ping
image/gif 2a00:1450:4013:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l3wmoav4&c=4413790304206&slotId=2206895152103&qqid=COzH7vSPjvgCFZGzdwodIfEBIQ&gqid=jFaYYuf6BYTs3wPE9ZrAAQ&fb=ima_html5-lima&sdkv=h.3.517.2&mrd=6&aab=0&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44715336%2C44737475%2C44760950%2C44761692%2C44762462&met.4=ghmsh_s.l3wmob32~ghmsh_s.l3wmob33&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=icBc3Mi8JQRZz-ig
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 simid_trueview_en.html Show response
imasdk.googleapis.com/js/simid/ Frame 8477 143 KB
44 KB 43ms
43ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/simid/simid_trueview_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ab4ebd99c00edf86e467f13914aadca158f04769aeba663a348b39f8f247e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-47H0x6PODBp6FiBquJtuWw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static; base-uri 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'nonce-47H0x6PODBp6FiBquJtuWw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static; base-uri 'none'
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 06:19:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 82A4 453 B
478 B 35ms
34ms Image
image/png 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-8604995772899639

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 05:47:13 GMT
x-content-type-options: nosniff
age: 1963
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 06:37:13 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 82A4 42 B
64 B 44ms
44ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CyQQXi1aYYvHBO9HV3wOvi4IYhZyfhGqnu-uO9g_i3OiZywEQASCZi70vYJGEoIWMGKABrcipvgPIAQXgAgCoAwGYBACqBPMBT9B32K6ZjR6skexBj5Yw7IWOpqPvp2U4CNu_UBuqABGpWznN5DldaLool_KUXd_49mA88exwSFYI6hVZLlfsJ69L-faBAfaZbFA8EOM_ie6p35MBTbZ0y7KVZNplCGNCapPhrBP4d4i9hys13rWSK0GZZI6NhJd4HbAa2dlRszLBrdM9V8IhBjEVnc6SP3mAmgeu2w0fNlDJlRd08w_AecxQ9yKeKv4hKEFgv5LL2BLfL6ul7SSn6X8ncPRtyS5o3OTrQckzSQ821_1A27Ph5Cr62pr3jr9NUdfEYADx63kvHeAPs8ouskoM0OivfcrreQJSwASqn5Gk-gPgBAGIBZDIhe4_kgUICAMQARgBUAGgBlSAB7u31kGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzM4ODU4NjgyMzU0ODU0OLEJiIDpaSVh96KACgOYCwHICwHQCw64DAHYEwzQFQGYFgHiFgIIAfgWAYAXAQ&sigh=BvAokFPqA7Q&label=show_ad&acvw=&sdkv=h.3.517.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzEwMjU4MDEzNTIMNTk3OTc4MzkyMDU1QMUCUiMQDyUAAHBBKAE6CzY1d3FIWi1zRVlZQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 82A4 0
0 71ms
70ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CpV3ci1aYYvHBO9HV3wOvi4IYhZyfhGqnu-uO9g_i3OiZywEQASCZi70vYJGEoIWMGKABrcipvgPIAQXgAgCoAwGYBACqBPABT9B32K6ZjR6skexBj5Yw7IWOpqPvp2U4CNu_UBuqABGpWznN5DldaLool_KUXd_49mA88exwSFYI6hVZLlfsJ69L-faBAfaZbFA8EOM_ie6p35MBTbZ0y7KVZNplCGNCapPhrBP4d4i9hys13rWSK0GZZI6NhJd4HbAa2dlRszLBrdM9V8IhBjEVnc6SP3mAmgeu2w0fNlDJlRd08w_AecxQ9yKeKv4hKEFgv5LL2BLfL6ul7SSn6X8ncPRtyS5o3OTrQckzSVc3TQjTSeRzLuxf9mBSnlTiXzxDkzTZ4lc31QCynzCpVlwgyBxcysQAwASqn5Gk-gPgBAGgBlSAB7u31kGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO6nJ6gIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzM4ODU4NjgyMzU0ODU0OIAKA8gLAcITBhityKm-A9gTDNAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTQ5MDM0NTM5NzQ3NDU1MzAY5MMO&sigh=GIGxruZ0WrQ&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&vt=10&sdkv=h.3.517.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzEwMjU4MDEzNTIMNTk3OTc4MzkyMDU1QMUCUiMQDyUAAHBBKAE6CzY1d3FIWi1zRVlZQglnb29nbGVhZHNQABgB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6A20 156 B
145 B 464ms
464ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21939239661%2C21908094131%2Fapl%2Faniplay%2Faniplay_050&description_url=go4kora.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1055081855549629&sdkv=h.3.517.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=2462548267&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=E6AB9EB0-8067-464D-95FD-F9672B1E221C&a3p=EiAKDGlkNS1zeW5jLmNvbRj8i8iYkjBFAAAAAEgAUgIIag..&nel=0&eid=44715336%2C44737475%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fgo4kora.com%2F&url=https%3A%2F%2Fgo4kora.com%2F&dt=1654150796429&cookie=ID%3D9b623ba2ddfc33e3%3AT%3D1654150792%3AS%3DALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA&scor=981056479243048&ged=ve4_td3_tt2_pd3_la3000_er853.129.1013.429_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame FFE5 0
17 B 47ms
47ms Ping
image/gif 2a00:1450:4013:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l3wmo9do&c=4413790304206&slotId=2206895152103&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
rr2---sn-x2pm-3ufr.googlevideo.com/ 3 MB
3 MB 454ms
152ms Media
video/mp4 185.48.9.141
EPIX-KTW-GLOBALMIX

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-x2pm-3ufr.googlevideo.com/videoplayback?expire=1654179596&ei=jFaYYu35Ccuc8gPdorCACQ&ip=31.204.153.194&id=eb9c2a1d9fac1186&itag=22&source=youtube&requiressl=yes&mh=gp&mm=31&mn=sn-x2pm-3ufr&ms=au&mv=m&mvi=2&pl=22&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.418&lmt=1652460559850480&mt=1654150399&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgKQyvm6v5B_PaXWrqJsURG9ZzXoa5H68sHM4QYUKCW0cCIQCqEECAFn0LzLh2ZjOKEEINwlGGJeG1RWzPQDDtclSjTQ==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAIVGyGS2p1qrt4Js0Pc1MDraGOlUO643xG7rFmpE88IZAiEAg7IXJ2qQsy9MHRauaiYY2pAqUGZztYUA6CIeTmFMlEs=&cpn=6sG6EUPfTm-4PhDy

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.48.9.141 Brzeznica, Poland, ASN50607 (EPIX-KTW-GLOBALMIX, PL),

Reverse DNS

cache.google.com

Software

gvs 1.0 /

Resource Hash

790e21247bf22087a15e0da8bfbb1ac55c7ec90deb11d38e6ab05875b7553fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go4kora.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 02 Jun 2022 06:19:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 13 May 2022 16:49:19 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-3653328/3653329
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3653329
Expires: Thu, 02 Jun 2022 06:19:56 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/65wqHZ-sEYY/ Frame E1A8 45 KB
46 KB 108ms
33ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/65wqHZ-sEYY/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12e54a20f038aac1bb5e22da187cec2d506661f571fb56dbd7a611d2fe14b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:18:40 GMT
x-content-type-options: nosniff
age: 76
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46312
x-xss-protection: 0
server: sffe
etag: "1651715376"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jun 2022 08:18:40 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/65wqHZ-sEYY/ Frame 8477 45 KB
45 KB 112ms
70ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/65wqHZ-sEYY/hqdefault.jpg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/simid/simid_trueview_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12e54a20f038aac1bb5e22da187cec2d506661f571fb56dbd7a611d2fe14b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:18:40 GMT
x-content-type-options: nosniff
age: 76
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46312
x-xss-protection: 0
server: sffe
etag: "1651715376"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 Jun 2022 08:18:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 84ms
84ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022052601&jk=1738239888552833&bg=!oKOlo-fNAAao8wy8iPM7ACkAdvg8WssTvi6SoPLYGQb79mbCfZK1LmT_QBvADGQE_ZJR_y_y2lUTnAIAAAFfUgAAAAJoAQeZArpk3TXACB3f1Eo4K0S1lrJXWYZhsS32yMD7Wt6_X1QXHNYc95rlKf5XaLplIWtvGrx4xvk8E9hWFNVlZjBNoKShSwNQnJBzs7jeU4Qi4UjvOHOYtuQHFBEF8tyL4l8sW4_yXRkIwhLT7YJgEWTqmO_kSQu_5vevMh6LZXjMLtZF6bCeqCL9yT8wW51VvlAr80qHSL9huw9ozSlVZyBueb5VbPhXy9h1H8ITofnqcHhW-4HKm486uyhDQNQgc1x7EcCDuNN_TjbQspDDN_s9ywLEuFAjIBF1ELU0iMXP6w6uE8kArLWpFhpTj85K03aMW_rBva7Sfswq9Mzsk5ubK2dEXMnyV2JlZUK5fQ3e8zLOPqev5k2cinubiZBxHXYAK688O3H9uxWWFdhCC6ri3af83UY9Fz1tYbCYI0tjG3PYaRSibgMjPwScRYje5Vy4ZDMruJmkNuCmKcUAenJ4jbQUH19Tb0mKsckDMqCFQEAB2QvWPkUcCmFDoNkBt9vJMJlw2h3lsumty-78N7AuO2CLgVzt8lKLajrmtHvFZXvL0K5U_QEl1DT_LP4f0x0AAXvanYkqfgVGLWppwNxlwByULbNDUjZ_bQCm66waZx0BqEv1vudQwMTwsChZPTXORbvKN2Qi0wtD5aM4rEnL5daNPWnsajbjznAI2740oaTZ0sCRpYdRec_cjak2Pt8bRSQCMoKLxZWUj7fuY3BfeLf8KQlamlWbfE0h5wK9EVV3NHmaJcsF41ZJ8pQjakjN9ulbyPvRedzztFG8bMKKD3RNeUGptp2WKPQNbDGnogiNeCD6-_gOlrlNf1JffA4sreXGBXCCQYICZp-z364YT0LlmV85047Pa-F-cOwmRwn0m2utF62e5fsh3c-rERQKcjzK1I3_823hu50UyeO57D64NenDymX-__P_JQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 82A4 0
17 B 47ms
46ms Ping
image/gif 2a00:1450:4013:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l3wmob1m&c=4413790304206&slotId=2206895152103&qqid=CLGz5fSPjvgCFdHqdwodr4UAAw&gqid=i1aYYqDNOcWLjuwPkpG04Ag&fb=ima_html5-lima&sdkv=h.3.517.2&mrd=6&aab=0&itv=1&met.4=ghmsh_s.l3wmob1o
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 82A4 42 B
64 B 44ms
44ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CyQQXi1aYYvHBO9HV3wOvi4IYhZyfhGqnu-uO9g_i3OiZywEQASCZi70vYJGEoIWMGKABrcipvgPIAQXgAgCoAwGYBACqBPMBT9B32K6ZjR6skexBj5Yw7IWOpqPvp2U4CNu_UBuqABGpWznN5DldaLool_KUXd_49mA88exwSFYI6hVZLlfsJ69L-faBAfaZbFA8EOM_ie6p35MBTbZ0y7KVZNplCGNCapPhrBP4d4i9hys13rWSK0GZZI6NhJd4HbAa2dlRszLBrdM9V8IhBjEVnc6SP3mAmgeu2w0fNlDJlRd08w_AecxQ9yKeKv4hKEFgv5LL2BLfL6ul7SSn6X8ncPRtyS5o3OTrQckzSQ821_1A27Ph5Cr62pr3jr9NUdfEYADx63kvHeAPs8ouskoM0OivfcrreQJSwASqn5Gk-gPgBAGIBZDIhe4_kgUICAMQARgBUAGgBlSAB7u31kGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAagIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzM4ODU4NjgyMzU0ODU0OLEJiIDpaSVh96KACgOYCwHICwHQCw64DAHYEwzQFQGYFgHiFgIIAfgWAYAXAQ&sigh=BvAokFPqA7Q&label=video_ad_loaded&acvw=&sdkv=h.3.517.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzEwMjU4MDEzNTIMNTk3OTc4MzkyMDU1QMUCUiMQDyUAAHBBKAE6CzY1d3FIWi1zRVlZQglnb29nbGVhZHNQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame 82A4 41 KB
15 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 10:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156074
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 31 May 2023 10:58:43 GMT

GET
H3 200 adview
pubads.g.doubleclick.net/pagead/ Frame 82A4 0
0 77ms
76ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CpV3ci1aYYvHBO9HV3wOvi4IYhZyfhGqnu-uO9g_i3OiZywEQASCZi70vYJGEoIWMGKABrcipvgPIAQXgAgCoAwGYBACqBPABT9B32K6ZjR6skexBj5Yw7IWOpqPvp2U4CNu_UBuqABGpWznN5DldaLool_KUXd_49mA88exwSFYI6hVZLlfsJ69L-faBAfaZbFA8EOM_ie6p35MBTbZ0y7KVZNplCGNCapPhrBP4d4i9hys13rWSK0GZZI6NhJd4HbAa2dlRszLBrdM9V8IhBjEVnc6SP3mAmgeu2w0fNlDJlRd08w_AecxQ9yKeKv4hKEFgv5LL2BLfL6ul7SSn6X8ncPRtyS5o3OTrQckzSVc3TQjTSeRzLuxf9mBSnlTiXzxDkzTZ4lc31QCynzCpVlwgyBxcysQAwASqn5Gk-gPgBAGgBlSAB7u31kGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO6nJ6gIAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzM4ODU4NjgyMzU0ODU0OIAKA8gLAcITBhityKm-A9gTDNAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTQ5MDM0NTM5NzQ3NDU1MzAY5MMO&sigh=GIGxruZ0WrQ&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&sdkv=h.3.517.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 82A4 42 B
64 B 46ms
44ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ctv57i1aYYvHBO9HV3wOvi4IYhZyfhGqnu-uO9g_i3OiZywEQASCZi70vYJGEoIWMGKABrcipvgPIAQXgAgCoAwGYBACqBPABT9B32K6ZjR6skexBj5Yw7IWOpqPvp2U4CNu_UBuqABGpWznN5DldaLool_KUXd_49mA88exwSFYI6hVZLlfsJ69L-faBAfaZbFA8EOM_ie6p35MBTbZ0y7KVZNplCGNCapPhrBP4d4i9hys13rWSK0GZZI6NhJd4HbAa2dlRszLBrdM9V8IhBjEVnc6SP3mAmgeu2w0fNlDJlRd08w_AecxQ9yKeKv4hKEFgv5LL2BLfL6ul7SSn6X8ncPRtyS5o3OTrQckzSVc3TQjTSeRzLuxf9mBSnlTiXzxDkzTZ4lc31QCynzCpVlwgyBxcysQAwASqn5Gk-gPgBAGIBZDIhe4_oAZUgAe7t9ZBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTczODg1ODY4MjM1NDg1NDiACgPICwHYEwzQFQGYFgHiFgIIAfgWAYAXAQ&sigh=eutCEsfj7pM&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D926%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D853,9,1089,429%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15348%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D693%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D218732983%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1654150794109%26ptlt%3D1654150797090%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.05%26t%3D1654150796372&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzEwMjU4MDEzNTIMNTk3OTc4MzkyMDU1QMUCUiYQDyUAAHBBKAE6CzY1d3FIWi1zRVlZQglnb29nbGVhZHNImQVQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 82A4 42 B
68 B 71ms
70ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8SjJ2M6noae_hGg2fXV5E9anRk-jue_lyAG2xKuUal4oPNWx0AUMpW_KaytXLpaF7VFqjEpXErNFUokFjhWhZGd6YnRQTUwjlrWxewuJiF1L5xTaNKvoD2E2s&sai=AMfl-YRwRitPlq-nSV_w23N2FncXXatm_fDoexD6SdCReqwCW6qe1JileRBqVJYNZ779Ndk2zhYxIq94Q86le22Q1pHZ_FRmko9J8ZTYcxgfJ4l1kk-xl7aA19yjOhHP&sig=Cg0ArKJSzJ7wbSrFdkA4EAE&cid=CAASF-RouxRqv9WUbPfRYo0HiREyYK-LTNOd&id=lidarv&acvw=sv%3D926%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D853,9,1089,429%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15348%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D693%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D218732983%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1654150794109%26ptlt%3D1654150797091%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1654150796372&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 82A4 42 B
64 B 46ms
44ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ctv57i1aYYvHBO9HV3wOvi4IYhZyfhGqnu-uO9g_i3OiZywEQASCZi70vYJGEoIWMGKABrcipvgPIAQXgAgCoAwGYBACqBPABT9B32K6ZjR6skexBj5Yw7IWOpqPvp2U4CNu_UBuqABGpWznN5DldaLool_KUXd_49mA88exwSFYI6hVZLlfsJ69L-faBAfaZbFA8EOM_ie6p35MBTbZ0y7KVZNplCGNCapPhrBP4d4i9hys13rWSK0GZZI6NhJd4HbAa2dlRszLBrdM9V8IhBjEVnc6SP3mAmgeu2w0fNlDJlRd08w_AecxQ9yKeKv4hKEFgv5LL2BLfL6ul7SSn6X8ncPRtyS5o3OTrQckzSVc3TQjTSeRzLuxf9mBSnlTiXzxDkzTZ4lc31QCynzCpVlwgyBxcysQAwASqn5Gk-gPgBAGIBZDIhe4_oAZUgAe7t9ZBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTczODg1ODY4MjM1NDg1NDiACgPICwHYEwzQFQGYFgHiFgIIAfgWAYAXAQ&sigh=eutCEsfj7pM&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D926%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D853,9,1089,429%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15348%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D693%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D218732983%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1654150794109%26ptlt%3D1654150797092%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1654150796372&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzEwMjU4MDEzNTIMNTk3OTc4MzkyMDU1QMUCUiYQDyUAAHBBKAE6CzY1d3FIWi1zRVlZQglnb29nbGVhZHNImQVQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 82A4 42 B
64 B 46ms
45ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ctv57i1aYYvHBO9HV3wOvi4IYhZyfhGqnu-uO9g_i3OiZywEQASCZi70vYJGEoIWMGKABrcipvgPIAQXgAgCoAwGYBACqBPABT9B32K6ZjR6skexBj5Yw7IWOpqPvp2U4CNu_UBuqABGpWznN5DldaLool_KUXd_49mA88exwSFYI6hVZLlfsJ69L-faBAfaZbFA8EOM_ie6p35MBTbZ0y7KVZNplCGNCapPhrBP4d4i9hys13rWSK0GZZI6NhJd4HbAa2dlRszLBrdM9V8IhBjEVnc6SP3mAmgeu2w0fNlDJlRd08w_AecxQ9yKeKv4hKEFgv5LL2BLfL6ul7SSn6X8ncPRtyS5o3OTrQckzSVc3TQjTSeRzLuxf9mBSnlTiXzxDkzTZ4lc31QCynzCpVlwgyBxcysQAwASqn5Gk-gPgBAGIBZDIhe4_oAZUgAe7t9ZBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTczODg1ODY4MjM1NDg1NDiACgPICwHYEwzQFQGYFgHiFgIIAfgWAYAXAQ&sigh=eutCEsfj7pM&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&label=admute&ad_mt=0&acvw=sv%3D926%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D853,9,1089,429%26tos%3D9,0,0,0,0%26mtos%3D9,9,9,9,9%26amtos%3D0,0,0,0,0%26mcvt%3D9%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D9%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D9%26pst%3D-1%26dur%3D15348%26vmtime%3D-1%26dvs%3D9%26dfvs%3D9%26dvpt%3D9%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D693%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D218732983%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1654150794109%26ptlt%3D1654150797095%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,9&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.05%26t%3D1654150796372&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzEwMjU4MDEzNTIMNTk3OTc4MzkyMDU1QMUCUiYQDyUAAHBBKAE6CzY1d3FIWi1zRVlZQglnb29nbGVhZHNImQVQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
servt.modoro360.com/ 0
70 B 103ms
103ms Image
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=go4kora.com&rs=go4kora.com&sid=66798&t=1654150793&cip=31.204.153.194&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=603b9ffff4babd238f32ea66&test=&aafaid=&proto=https&uid=1654150793394-911564553145-006037-012-007319&cha=0.1&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.25&cb=49723556839&d9=1000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236&asid=603ba16fb889ef1ea87f5ac6%7C61b8974b41d4f33859638f17&pid=603b9ffff4babd238f32ea66%7C60095c900c0799791c46d8d4&cid=607d8fb337a8647f135f4f25%7C603ba08d7838bb0cfb4fcb54&h=ca20c00f7fa9df10949a8b392dbfe6e1b7d98025&d9=1000&ad=15&vi=100&ofpr=0.75&imid=25e043b96e73b752dc1ca93d6f2a144f_1723150105_2993699_1&e=impression&cb=1654150793563&ad=15&vi=100&d4=1&d5=4&d1=vpaid&fv=1&cb=1654150793785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 103ms
103ms Image
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=go4kora.com&rs=go4kora.com&sid=66798&t=1654150793&cip=31.204.153.194&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=603b9ffff4babd238f32ea66&test=&aafaid=&proto=https&uid=1654150793394-911564553145-006037-012-007319&cha=0.1&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.25&cb=49723556839&d9=1000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236&asid=603ba16fb889ef1ea87f5ac6%7C61b8974b41d4f33859638f17&pid=603b9ffff4babd238f32ea66%7C60095c900c0799791c46d8d4&cid=607d8fb337a8647f135f4f25%7C603ba08d7838bb0cfb4fcb54&h=ca20c00f7fa9df10949a8b392dbfe6e1b7d98025&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=0.75&imid=25e043b96e73b752dc1ca93d6f2a144f_1723150105_2993699_[AVC_WFCYCLE]&e=start&d1=vpaid&fv=1&cb=1654150793785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 6DEF 23 KB
9 KB 35ms
35ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 520480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 27 May 2022 05:45:17 GMT
expires: Sat, 27 May 2023 05:45:17 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 csi
csi.gstatic.com/ Frame 8F84 0
17 B 50ms
50ms Ping
image/gif 2a00:1450:4013:c05::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l3wmob55&c=4413790304206&slotId=2206895152103&qqid=COzH7vSPjvgCFZGzdwodIfEBIQ&gqid=jFaYYuf6BYTs3wPE9ZrAAQ&fb=ima_html5-lima&sdkv=h.3.517.2&mrd=6&aab=0&itv=1&met.4=ghmsh_s.l3wmob57
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DEF 35 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0486ac0154d88f65e2b5604a82fba1374e3908910560e97ee5f7915a001c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 06:17:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13827
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 06:17:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DEF 0
24 B 68ms
68ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.517.2&bgai=BYhDAi1aYYvHBO9HV3wOvi4IYAAAAADgBugUTCOC-4_SPjvgCFcWFgwcdkggNjA&bg=!bW6lbirNAAao8wy8iPM7ACkAdvg8Wu-DXRj5V2bbHdt1-QG6d-ubUZWh2DD_BYl0518tqcF5C71N0AIAAACUUgAAAAJoAQeZAn6RwhQWOlrselCqWBHm8OCM4UtYgAG05clqWS11NRm3UjXB_Vjvl9w_tDStiA7MrvxtIm1VLKeWjIoMTvg5pD8OFWxggFUZcK8DQYmv556eqbUonc3jxXzjdC5RRzAs3ipIiIpBCGuQxJD9gExihWSEsC2eeWYMWhelz3zW1BBrXNneh9driyCqMvz03wgXKdwiPhXzmICanK5xknEtkjTzprJRvy8dtJWol35c85vCV41r-oJVFegnvN06UwtxdpF2rAAEANe7TJsF0wwJ89IzHmadbg32PqF_BBXxb34ILpWcKGIcWAi_YhtBmTYKmyBJGHV6P076xkB_YSGmvo9kYCSFFz9Sm7_VjU0OOIaQfeRsDAESXfhRoOW9RMbZm5Qwe7Rcf8I3nAg57spOsSCzA5a3mBu3otNOKgAkriB0G2vw33egZTCVSmk90nbHn9y-HE0i4JikGCZuD75zi2ZNaRkX_sxkGLlulJmOUd9wYqGLx4GBksdfLwvcusG9pWIHo8-yWGgkUvvYCR3d0uhVJkTke5ZbwwvVQe6ACFxgOlXUjykT3T_jpsj1_YUBO48u8wDySfNawp4UvbFd1hUvtq_05Z1B4MK-DE0OJGmgHYTuEMtyO6NsUs0LyuRPyZmp3wKjgFGG9wVOf2aZWHw4jEgw4jJq14PzaHgqchbrhZBgrLB66ddTpGshVUpxt9OJFQsTMm5xAcZGz0mRA2dUEICybxW0Pi6Z-R04P7kFh1jEOy-DWOWg9aIvxmc_5yRafG0Le2MTOU0FgIEB048dQJVFA42iY_0AljtJDqCSt_sR9xBun7IX_mJ-zjK56yOMBWZQyL3ULk--xCMsjQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 82A4 42 B
70 B 73ms
72ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8SjJ2M6noae_hGg2fXV5E9anRk-jue_lyAG2xKuUal4oPNWx0AUMpW_KaytXLpaF7VFqjEpXErNFUokFjhWhZGd6YnRQTUwjlrWxewuJiF1L5xTaNKvoD2E2s&sai=AMfl-YRwRitPlq-nSV_w23N2FncXXatm_fDoexD6SdCReqwCW6qe1JileRBqVJYNZ779Ndk2zhYxIq94Q86le22Q1pHZ_FRmko9J8ZTYcxgfJ4l1kk-xl7aA19yjOhHP&sig=Cg0ArKJSzJ7wbSrFdkA4EAE&cid=CAASF-RouxRqv9WUbPfRYo0HiREyYK-LTNOd&id=lidarv&acvw=sv%3D926%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D853,9,1089,429%26tos%3D2069,0,0,0,0%26mtos%3D2069,2069,2069,2069,2069%26amtos%3D0,0,0,0,0%26mcvt%3D2069%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2069%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D455%26pst%3D448%26dur%3D20697%26vmtime%3D1953%26dtos%3D2069%26dtoss%3D1%26dvs%3D2060%26dfvs%3D2060%26dvpt%3D2060%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D693%26femvt%3D0%26emc%3D15%26emuc%3D0%26emb%3D14,0,0,0,0%26avms%3Dexc%26qi%3D218732983%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1654150794109%26ptlt%3D1654150799154%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2069&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1654150796372

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
servt.modoro360.com/ 0
70 B 103ms
103ms Image
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=go4kora.com&rs=go4kora.com&sid=66798&t=1654150793&cip=31.204.153.194&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=603b9ffff4babd238f32ea66&test=&aafaid=&proto=https&uid=1654150793394-911564553145-006037-012-007319&cha=0.1&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.25&cb=49723556839&d9=1000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236&asid=603ba16fb889ef1ea87f5ac6%7C61b8974b41d4f33859638f17&pid=603b9ffff4babd238f32ea66%7C60095c900c0799791c46d8d4&cid=607d8fb337a8647f135f4f25%7C603ba08d7838bb0cfb4fcb54&h=ca20c00f7fa9df10949a8b392dbfe6e1b7d98025&d9=1000&ad=15&vi=100&ofpr=0.75&imid=25e043b96e73b752dc1ca93d6f2a144f_1723150105_2993699_1&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=1&cb=1654150793785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:19:59 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
servt.modoro360.com/ 0
70 B 104ms
104ms Image
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=go4kora.com&rs=go4kora.com&sid=66798&t=1654150793&cip=31.204.153.194&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=603b9ffff4babd238f32ea66&test=&aafaid=&proto=https&uid=1654150793394-911564553145-006037-012-007319&cha=0.1&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.25&cb=49723556839&d9=1000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236&asid=603ba16fb889ef1ea87f5ac6%7C61b8974b41d4f33859638f17&pid=603b9ffff4babd238f32ea66%7C60095c900c0799791c46d8d4&cid=607d8fb337a8647f135f4f25%7C603ba08d7838bb0cfb4fcb54&h=ca20c00f7fa9df10949a8b392dbfe6e1b7d98025&d9=1000&ad=15&vi=100&ofpr=0.75&imid=25e043b96e73b752dc1ca93d6f2a144f_1723150105_2993699_1&e=sec3&vi=100&d1=vpaid&fv=1&cb=1654150793785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:20:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame FFE5 87 KB
28 KB 105ms
33ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:20:00 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Jun 2022 06:20:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C8BC 15 KB
6 KB 96ms
33ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=go4kora.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c -, , ASN (),

Reverse DNS

Software

Resource Hash

9ddc14d2bf861fce028506087fa64c31045712254bb719941fd4c84921b9f7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://go4kora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6123
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Jun 2022 06:20:00 GMT
server-processing-duration-in-ticks: 1963
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 110ms
38ms XHR
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:20:00 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Jun 2022 06:20:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C8BC
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=go4kora.com&sn=ChromeSyncframe&so=0&topUrl=go4kora.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=s5K5_HxOdnE5ZUxpZmhSSVh0aXMrMVN5aDcwUEFiMXF4dnJwTU92anhmU2gzUDdaNVkzYkpJYlBJdnJOazNzUVkwR3RQWUFVcTRoVFR6U1pxdnlmaEM1Uk1veGZqL2Eydk1SWk9OSFBBYWNSMmwxZkZyTThhNzNXSEZCdT...

422 B
629 B

378ms
28ms

Fetch
application/json

178.250.2.146

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=s5K5_HxOdnE5ZUxpZmhSSVh0aXMrMVN5aDcwUEFiMXF4dnJwTU92anhmU2gzUDdaNVkzYkpJYlBJdnJOazNzUVkwR3RQWUFVcTRoVFR6U1pxdnlmaEM1Uk1veGZqL2Eydk1SWk9OSFBBYWNSMmwxZkZyTThhNzNXSEZCdTROU3VTSWZwMjFIOUhrYUlyMndEV21qNUpTeTJQNWk1ZDNmM0FoeTk0Z3B3blZ2eGhvR0krZG1yU0dVbUFLRVgvdTV6MlVvcUpoRFJUNGt2OEZ1TGhXQUFFM3RKcGlCbStMcTdVTktzTXhwTXB1QVNDb2R1SkdIWFArYUlJSkhlWE14am9UdHMzVzhxcW1YVGtLcFdJUm5NdU9LNFlvQT09fA&cppv=2

Protocol

Server

178.250.2.146 -, , ASN (),

Reverse DNS

Software

Resource Hash

a7a1f384af23156f238ad1fe1757ac1a19a1b91269bca054fe60e0796770e5cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:20:01 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4110
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:19:59 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=s5K5_HxOdnE5ZUxpZmhSSVh0aXMrMVN5aDcwUEFiMXF4dnJwTU92anhmU2gzUDdaNVkzYkpJYlBJdnJOazNzUVkwR3RQWUFVcTRoVFR6U1pxdnlmaEM1Uk1veGZqL2Eydk1SWk9OSFBBYWNSMmwxZkZyTThhNzNXSEZCdTROU3VTSWZwMjFIOUhrYUlyMndEV21qNUpTeTJQNWk1ZDNmM0FoeTk0Z3B3blZ2eGhvR0krZG1yU0dVbUFLRVgvdTV6MlVvcUpoRFJUNGt2OEZ1TGhXQUFFM3RKcGlCbStMcTdVTktzTXhwTXB1QVNDb2R1SkdIWFArYUlJSkhlWE14am9UdHMzVzhxcW1YVGtLcFdJUm5NdU9LNFlvQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1441
content-length: 541
expires: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 82A4 42 B
64 B 45ms
44ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Ctv57i1aYYvHBO9HV3wOvi4IYhZyfhGqnu-uO9g_i3OiZywEQASCZi70vYJGEoIWMGKABrcipvgPIAQXgAgCoAwGYBACqBPABT9B32K6ZjR6skexBj5Yw7IWOpqPvp2U4CNu_UBuqABGpWznN5DldaLool_KUXd_49mA88exwSFYI6hVZLlfsJ69L-faBAfaZbFA8EOM_ie6p35MBTbZ0y7KVZNplCGNCapPhrBP4d4i9hys13rWSK0GZZI6NhJd4HbAa2dlRszLBrdM9V8IhBjEVnc6SP3mAmgeu2w0fNlDJlRd08w_AecxQ9yKeKv4hKEFgv5LL2BLfL6ul7SSn6X8ncPRtyS5o3OTrQckzSVc3TQjTSeRzLuxf9mBSnlTiXzxDkzTZ4lc31QCynzCpVlwgyBxcysQAwASqn5Gk-gPgBAGIBZDIhe4_oAZUgAe7t9ZBqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTczODg1ODY4MjM1NDg1NDiACgPICwHYEwzQFQGYFgHiFgIIAfgWAYAXAQ&sigh=eutCEsfj7pM&cmd=Ch1jYS12aWRlby1wdWItNDkwMzQ1Mzk3NDc0NTUzMBAAGAI&label=videoplaytime25&ad_mt=3955&acvw=sv%3D926%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D853,9,1089,429%26tos%3D4014,0,0,0,0%26mtos%3D4014,4014,4014,4014,4014%26amtos%3D0,0,0,0,0%26mcvt%3D4014%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4014%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D857%26pst%3D448%26dur%3D20697%26vmtime%3D3954%26dtos%3D1945%26dtoss%3D2%26dvs%3D1945%26dfvs%3D1945%26dvpt%3D1945%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4014,4014,4014,4014,4014%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D693%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D24,0,0,0,0%26avms%3Dexc%26qi%3D218732983%26psm%3D-2147483633%26psv%3D-2147483633%26psfv%3D-2147483633%26psa%3D0%26pnmm%3D1654150794109%26ptlt%3D1654150801099%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4014&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.05%26t%3D1654150796372&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU0NzEwMjU4MDEzNTIMNTk3OTc4MzkyMDU1QMUCUiYQDyUSyqJBKAE6CzY1d3FIWi1zRVlZQglnb29nbGVhZHNImQVQABgB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:20:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
servt.modoro360.com/ 0
70 B 103ms
103ms Image
text/plain 52.206.189.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=go4kora.com&rs=go4kora.com&sid=66798&t=1654150793&cip=31.204.153.194&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=603b9ffff4babd238f32ea66&test=&aafaid=&proto=https&uid=1654150793394-911564553145-006037-012-007319&cha=0.1&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.25&cb=49723556839&d9=1000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236&asid=603ba16fb889ef1ea87f5ac6%7C61b8974b41d4f33859638f17&pid=603b9ffff4babd238f32ea66%7C60095c900c0799791c46d8d4&cid=607d8fb337a8647f135f4f25%7C603ba08d7838bb0cfb4fcb54&h=ca20c00f7fa9df10949a8b392dbfe6e1b7d98025&d9=1000&ad=15&vi=100&ofpr=0.75&imid=25e043b96e73b752dc1ca93d6f2a144f_1723150105_2993699_1&e=firstQuartile&ad=15&vi=100&d1=vpaid&fv=1&cb=1654150793785
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.189.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-189-87.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://go4kora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 06:20:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 75F2 42 B
64 B 45ms
45ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Jun 2022 06:20:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST track
servt.modoro360.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022053101.js?cb=31067847

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=go4kora.com

Domain: live.demand.supply
URL: https://live.demand.supply/cpi/go4kora.com_auto_interstitial_desktop?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly9nbzRrb3JhLmNvbS8=

Domain: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/459486/hbw_master_323494_13494.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/gen_204?id=plmetrics&cls=0.000&mls=0.000&nls=2&cas=0.000&nas=0&wls=0.000&tls=1191.400&was=0.000&lcp=1025&lcps=9840&cbt=0&mbt=0&nlt=0&nif=0&ifi=0&eid=31067847%2C21065725%2C31067487&top=1&pvsid=3651429455707908&gpt=1

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEHGFHN96Ga5mzXhpN0PGmHo&google_cver=1&google_push=AYg5qPK1oCbD1LMEJwK_phM9k4tXKnmaM2gWjXqLUEan-m8hn3M-mYeQnSW525xlewKwwwIuX1phf-02R8Fs4Ok1THQFtrPcKOLjSA

Domain: servt.modoro360.com
URL: https://servt.modoro360.com/track?d=Chrome&cou=NL&cos=Windows&r=go4kora.com&rs=go4kora.com&sid=66798&t=1654150793&cip=31.204.153.194&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=603b9ffff4babd238f32ea66&test=&aafaid=&proto=https&uid=1654150793394-911564553145-006037-012-007319&cha=0.1&stagid=61b8979becdbe44a0161df9a&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.25&cb=49723556839&d9=1000&d37=realtime&AV_WIDTH=420&AV_HEIGHT=236

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
news4koora.ga/	1970-01-20 03:29:17	Name: ci_ses_ Value: r6dm41fi9vvf3vighiha56uko9bgc3r2
go4kora.com/	1970-01-20 03:29:17	Name: ci_ses_ Value: 51s0qj8spmsr1dm5jmts630c246of7tn
go4kora.com/	1969-12-31 23:59:59	Name: offset Value: 0
live.demand.supply/	1970-01-20 21:00:22	Name: demandSupplyTi Value: a3538840-e543-4084-a0fb-8ac2d3565e43
.go4kora.com/	1970-01-20 21:00:22	Name: _ga_5QKX54JRFP Value: GS1.1.1654150791.1.0.1654150791.0
.go4kora.com/	1970-01-20 21:00:22	Name: _ga Value: GA1.2.45469320.1654150792
.go4kora.com/	1970-01-20 03:30:37	Name: _gid Value: GA1.2.2093944220.1654150793
.go4kora.com/	1970-01-20 03:29:10	Name: _gat_gtag_UA_117897648_1 Value: 1
.go4kora.com/	1970-01-20 03:29:12	Name: __cf_bm Value: Ta_cnk.oZY3PHXAfS0KRQCyJF_iCvjyeU4pMMnQKY3M-1654150792-0-AeyI4nIgrFR/Ij8BVJfVXtHjYgLwXq0bt2cqmcke0ArMWumv4aNIOPcr3UwO4xQR+gJqXV5KJOSpo5KUiG6SuiC9u3pBeBVG1DR5cd4taLq64+q4zJXSZcDvXfyMKpOJcg==
.go4kora.com/	1970-01-20 12:50:46	Name: __gads Value: ID=9b623ba2ddfc33e3:T=1654150792:S=ALNI_MbCAoRKFRMs4QUpdc-wDFEBRIn5TA
.doubleclick.net/	1970-01-20 03:29:14	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 12:50:46	Name: IDE Value: AHWqTUncMbRPChFo_wM4MpbDc3b2VQwCuuCbNBg-kmnfyfAWEPA2qaERssTQLDnOLOQ
.adsby.bidtheatre.com/	1970-01-20 03:39:15	Name: __kuid Value: 7e586937-67cf-4846-8116-9f97ac6dd391.423364793
.3lift.com/	1970-01-20 05:38:46	Name: tluid Value: 1659915799959166251839
.ads.avads.net/	1970-01-20 13:09:29	Name: av-mid Value: 9a96cda2-a0b2-4388-bed4-dd4dbaa21d91
.ads.avads.net/	1970-01-20 03:49:20	Name: av-tp-gadx Value: 1
.modoro360.com/	1970-01-20 03:57:58	Name: aniC Value:
.rfihub.com/	1970-01-20 12:50:46	Name: rud Value: H4sIAAAAAAAAAOMSNjM1MzCxMDO3NDMwNjUwMTE2MxbiM9RNCw8MsbQ0NnUKLTMBAMvCWxklAAAA
.rfihub.com/	1970-01-20 12:50:46	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA129Q9LL4hI8wmJCKqsSE8qcax0jDevMgniNTQzNTE0NTC3NDY1NnzFiMoHAOhiXGs9AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjM1MzCxMDO3NDMwNjUwMTE2MxbiM9RNCw8MsbQ0NnUKLTMBAMvCWxklAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA129Q9LL4hI8wmJCKqsSE8qcax0jDevMgEA5ceQbB4AAAA
.yahoo.com/	1970-01-20 12:15:08	Name: A3 Value: d=AQABBIlWmGICEO2okHtpP0daDyy6sHbVhpIFEgEBAQGomWKiYgAAAAAA_eMAAA&S=AQAAAqSQzWbaOAvOTdn9Ghc_MLk
.lijit.com/	1970-01-20 12:14:46	Name: ljt_reader Value: EvfbtGZHQCcxCnLVTcmB7E7y
.analytics.yahoo.com/	1970-01-20 12:14:46	Name: IDSYNC Value: 18yx~2586
.rutarget.ru/	1970-01-20 07:48:22	Name: userId Value: JT9kMPYqoZ4m
.adnxs.com/	1970-01-20 05:38:46	Name: uuid2 Value: 4239826597430955658
go4kora.com/	1970-01-20 04:12:22	Name: _pbjs_userid_consent_data Value: 3524755945110770
.360yield.com/	1970-01-20 05:38:46	Name: tuuid Value: 41fd0c86-d88f-42e8-bb83-7c6a076e5301
.360yield.com/	1970-01-20 05:38:46	Name: tuuid_lu Value: 1654150793
ads.stickyadstv.com/	1970-01-20 04:12:22	Name: UID Value: 8ca5881959eafc5bb5aa1bfecbcf07c
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 8e4944ef5a592ff2efa0a61bb6935c14
.technoratimedia.com/	1970-01-21 23:17:10	Name: tads_uid Value: GDPR
.casalemedia.com/	1970-01-20 05:38:46	Name: CMPS Value: 3176
.adnxs.com/	1970-01-20 05:38:46	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C'!jyNCp!]tbPl1M>e)ZlrFUfJ+tGXxpC^LTcYLaAm/M^xm6HM0QXA2@?vYi7.xPNzmRbpRzqF1`*b^yc)wGx5
.casalemedia.com/	1970-01-20 12:14:46	Name: CMID Value: YphWiYaal8lOGvfv6sAbDQAA
.casalemedia.com/	1970-01-20 05:38:46	Name: CMPRO Value: 1126
.modoro360.com/	1970-01-20 03:30:37	Name: 2_C_200 Value: OPTOUT
servs.modoro360.com/	1970-01-20 03:30:37	Name: 2_C_200 Value: OPTOUT
.modoro360.com/	1970-01-20 03:30:37	Name: 2_C_3 Value: GDPR
servs.modoro360.com/	1970-01-20 03:30:37	Name: 2_C_3 Value: GDPR
.casalemedia.com/	1970-01-20 03:30:37	Name: CMST Value: YphWiWKYVooA
.casalemedia.com/	1970-01-20 12:14:46	Name: CMRUM3 Value: 2d6298568a2760CAESEHHsU5dautx_gjTcY4VvH6U
.mathtag.com/	1970-01-20 12:55:05	Name: uuid Value: 2b206298-5689-4500-a65e-aac612d6fea8
.mathtag.com/	1970-01-20 04:12:22	Name: mt_mop Value: 4:1654150793
.w55c.net/	1970-01-20 12:57:58	Name: wfivefivec Value: OHYNsTRt1NWEbw5
.adform.net/	1970-01-20 04:12:22	Name: C Value: 1
.w55c.net/	1970-01-20 04:12:22	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 04:55:34	Name: uid Value: 2417882598111384900
.tribalfusion.com/	1970-01-20 05:38:46	Name: ANON_ID Value: a5nseFsjyDimTFM6F0kZbRsXoBwx64Jdn4DmVaZaicwBwIvkV7IDVWhxdLeZbeqswAZdfxNHBHMrqTylMoTjqkFW
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 1FP2zt7Pb7Y
.youtube.com/	1970-01-20 07:48:22	Name: VISITOR_INFO1_LIVE Value: MET_Jw3RxNo
.modoro360.com/	1970-01-20 03:30:37	Name: 2_C_133 Value: 695888fedbd905725c7435d47f09da36
servs.modoro360.com/	1970-01-20 03:30:37	Name: 2_C_133 Value: 695888fedbd905725c7435d47f09da36

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://ups.analytics.yahoo.com/ups//occ?gdpr=1&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

30dd6248877c3949a4ef2a0f8d851d61.safeframe.googlesyndication.com
a.rfihub.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.avads.net
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.nl
ajax.googleapis.com
ap.lijit.com
bid.g.doubleclick.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
cs.emxdgt.com
csi.gstatic.com
csync.loopme.me
dsum-sec.casalemedia.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
ghb.aplhb.adipolo.com
go4kora.com
google-sync.rutarget.ru
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
jscdn.greeter.me
live.demand.supply
match.adsby.bidtheatre.com
maxcdn.bootstrapcdn.com
mug.criteo.com
news4koora.ga
onetag-sys.com
pagead2.googlesyndication.com
player.adtelligent.com
player.aniview.com
player.aplhb.adipolo.com
player.avplayer.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
r2---sn-pouxga5o-vu2s.gvt1.com
r3---sn-axq7sn76.gvt1.com
r3---sn-axq7sn7e.c.2mdn.net
r4---sn-5hneknee.gvt1.com
redirector.gvt1.com
rr2---sn-x2pm-3ufr.googlevideo.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
serv.modoro360.com
servs.modoro360.com
servt.modoro360.com
signup.adipolo.com
static.criteo.net
storage.de.cloud.ovh.net
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.technoratimedia.com
tg1.modoro360.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
unified.adsafeprotected.com
ups.analytics.yahoo.com
vid.vidoomy.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
google2waycm.netmng.com
live.demand.supply
pagead2.googlesyndication.com
player.aplhb.adipolo.com
securepubads.g.doubleclick.net
servt.modoro360.com
103.145.13.87
13.248.245.213
141.95.4.200
141.95.98.65
142.250.185.194
142.250.185.66
150.136.25.38
159.65.197.210
172.217.16.130
178.162.133.149
178.250.0.165
178.250.2.146
18.193.44.114
18.195.155.181
185.29.132.245
185.33.221.119
185.33.221.50
185.48.9.141
193.0.160.128
198.47.127.19
2.18.234.233
2001:4de0:ac18::1:a:3a
205.185.216.42
213.19.147.45
216.52.2.48
23.205.235.133
23.35.228.201
23.35.228.247
23.75.240.210
23.88.75.189
2600:9000:223f:2800:1b:5138:8a40:93a1
2606:4700:3037::ac43:b587
2606:4700:4400::ac40:98f5
2606:4700::6810:8516
2606:4700::6810:f34e
2606:4700::6812:bcf
2a00:1450:4001:800::200e
2a00:1450:4001:801::2008
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2006
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2016
2a00:1450:400e:8::9
2a00:1450:4012:4::13
2a00:1450:4012::15
2a00:1450:4013:c05::78
2a00:ff0:1234:3::d
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:698::2c79
2a02:26f0:3500:c::5c7b:680c
2a02:26f0:3500:c::5c7b:6837
2a02:6ea0:c700::2
2a03:2880:f007:8:face:b00c:0:1
2a05:d018:d29:3605:8660:50c1:ac48:83f2
2a0c:5c81:5142::2
3.126.56.137
34.241.99.155
34.98.64.218
35.205.207.25
37.157.4.23
45.133.44.3
45.9.24.193
46.105.202.126
51.89.9.254
52.206.189.87
52.222.209.55
52.55.132.212
54.239.38.253
54.247.7.78
54.85.47.27
69.173.144.165
74.125.133.157
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
05bc542bcd29803a843c851c578dda9c21c9d6fddb1d360f9c297838f720460f
06557c9472869e4d37c14ca11d6960f5f5780a22b6e82aecf1d2e8edb41b0ee0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06bccf28d3c0bc88ee52a454fdf140ddb2085f308dd18ea7279bee1471900350
0adf45ed6d157c9460d611d0be6e8380722abfef91c2d393c6655e13da4432ea
0b07f50b601b63273ca08da35705892868cce6c3293386097c79b976c352c930
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b33ad08e44ee4fad671f0cad85bfb97960973cfe5fd50b1cc2dbeeb6f47401
13d2393b2f7728d3474768349cd3aa24eab85de54c1541a56d887829b53e4173
15ceb163867a9019d0259a656d7298fb92c2678fe0d8a8cd12a0225c577e00c3
1632299889539ec3c89ff14ed39f3a8ad49ab6b13eedf7bb78e0bd70b95d79a9
173e5608ba7209b8ac19f3119aaced7f46fbc278c6f7575a435106885bbb6406
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18b5d6db36aafbc4d353dc2838a78108f28a29eba4ea7b57367ffc334b8d91ea
1a729543bf3f1dea35f0b5c2c43e45345da48396b5642552a59f8599ed2dc668
1dd433708cb7ca53a7ac9c6b88da2081520d809dd296b45cd54eaac443a12923
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1eabadac42cf734244db7ffc1ccbe12580ef8574ca267ca2f106439d9eb6169e
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
230b6af0dad07b2ae460899e8d590b66e0587883d4120db9723bddec619be5ae
23229beed834a4ea7199399a8cda7d3d3355099c25e1cda56c7181b0d8ceeb8a
233e6a52c742763b998f8b21cd5867a6006c99b9dd62d84d88a2877d579f3ec2
238fd7ab0dd5fa0280ec9d686e10970d2466e89133314acbd01bc3d98dda7bf9
243f9298fdf5ae6543d77968111398d390d9adf0115d11d0f2f1692695088176
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b9e7e6af8c8590a8ebc1f7b4efdf9962bbec4f57ec35e730bf50c01e3277ba8
2db6f197eee163bea53c66d338b49105218a6e4cf99b2f21b46d4983bea81956
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3042250e6e9ece43bc139bb6a515d7e75012e511f655015d64798a84e8e1cf0c
3427cca8a2e3789c0a04279acc2720b7f93b87932a915c850fe41a09924f0a8c
3445150d22624c2efaf1df34fa8491562e8421a5f4be7e06226c08ca4b60b310
34f2c76afbba2ec6294fc0ceaf7bf796c8b6796105305b7068f7391290ef325b
352ee481b6b43b3d2af716daa64b971a673849d8089ae2f9846f165cff8f1cdb
35697d74383d976566f50c4ea14e4fb2fa04efa4c25ae33584da0921341339fb
36ef75ac599a1d85560cfcc80d139dbd755596ae4cd9e55b65ce0d4330079cb8
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40985f900d9d90bba5e72ca36833fe72d168ee240b51a8c48cc6361a13568887
40ee46e5a289b1189c04a015f0f14cdc0984814fd1a4b69b1bf1ce0193066c5f
41a4650481e83752c89317b3896df89e49ce56b09ab272c963a7ac7f795dbfe9
41bb128c325348bfd33d56b491dcb95d8aab85265b135bd227bb11aa272b5d70
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
41cde5d671325aa3ee2d6232340befabe0b74365271b3e227987fda940895591
41e3d50a9f8acf9b55cf781cce39289a0039996ab6d02febc414fd3d6d07d399
4317cf568ce364f433b3d3654bd15634c4e32ab44c4691b3ae41bbde15ae2b7d
44d70d496e847346b8c08debe6a4ff20760fbe37aebeff6aa406ea993abf10f1
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49fc3b6a51c6c7aea5c59e8f65f8b3f97ac306022ab29cdd901f826e799d3a2c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
4f521847abb52f3823b69698fe5290026f5a87ab390cf0e88d842e7abc329eab
4fb0201eb648ada7265dc5c9bb6c5a4cfcf49364b4a9bec976557bb6c2369a18
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
550c08aebd5519d84edf7466eef34e117380ae5e198b8653a3e6eb392b147ab7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f87ec06fcd0c33b1ec53009d060a1082b2a649280a9fbc2cf7b4921c444c01
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b
590c9c8a499bf5bd52784c2bbbe0c69bc4f2f8c2ed0cc0e44c3cdaa62e1d672b
5af3a3fc8e80f50f581c3fcf3fa485cbf523ed683107d1de599f2770193bd28f
5c0892888c6ab8a6845d63d520728c85bf3df8a8229c815efb36302117685cda
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eb91ace0a49779892a90aaad182b91b9a065f54d71348f6f229c25c0f9a7199
5edc47ef5eec83aef9e79b0e2f23e47324d0c27328b2f81c89d8c8a9dd093885
5fe2c91e401a2966029b07099d138f903d3bfcfad86da5a7c33d85c548b303af
601f6f5eb8b14d43a44a24e2a46bf878a90fbf4e4e35fb2dd62d80df8f4ba4af
60d2894aee443999f4d7c45136bb36bebff6eb5703723c2bfb8b010d1ba17176
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f2cc8fb4cd401218078d4d1229f089370c1246fa43542fae0d64414afa5480
65b52fc9a44ec50580e99081b1c01ba7f67c05b33148b3cae47eeb926755f888
663c9b9be1fae766b50858e1ac11f67d14d4921f41d2b294f8d485979b080f9b
6a7b3c6dd66c88e7db6eeb6ca64342e2256a61bcd96889b2f6337aca61a0237a
6b10905e00c5413c589e84b0d29d2381ef19ceec5ebe77c9c4e04b7dff26b797
6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ed20cb52595f6abbc5bdd2c52fa323c05120aeee11dfd9ad8401883bd7b4909
6fb71c26f6b5c42a6342209c15dc7f51e8f4e55126e3e39b7df73a11ca744566
6fe5ed249e779d6c96662d73a680ada1af0b1a94a78bbc8762301e59e128c377
703e7eb45e4bfc281f6dac1b7b0602925272ae5ce9bc8153ecf999b109cc520c
736d370b1cb50f0e26baa7009a8c0b7cff5a2718276f58d9b2d494f40568e5f8
757319a250590e2bd0a13b21c1541d2de6628e4f27fc53dbc09810a20eece701
75782eed76b2c74403b9ef1a9c9f02bf5d868730365942b745755fc1dfa2b362
7582b7baa8de18c3db3ecd10d8c275fb750d7941920db021fac05f7839ca3b37
76d65157f9610829cb35486215ea8ce54e33472af03af02bfdb144561dbc5c54
777c66e7fd3952024a5974c723f88ebb6e5bfb1477279e7582ae74264a38e230
78ab4ebd99c00edf86e467f13914aadca158f04769aeba663a348b39f8f247e0
790e21247bf22087a15e0da8bfbb1ac55c7ec90deb11d38e6ab05875b7553fcf
794d61e219331f90223f84b6f7806082dd2fb5388d3c74af6bab63ad2ce022bb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
80fce74c7c8dedcd04097f8de199c800f088bfaf437766ac9ab495f15a55ed7b
81f81876b4387198404355d437528c0b4c15d91fad02096d161dbdc8cfdbe731
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8373a220c22784bfc135ba3ff7aa1286fc3b665130b212e5f5dc95b1db3bee6f
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88ba15c9bc1ab764a5d87136d8ce4db46e53073f7463d91e8f5050a40545d5d8
88f7dbf7396bb8012ca9177de615c473347785e0dc0788f62fd4800534d1dc11
8997cbc9b57abebb7d2c833f8aa91aaec29aa339ef5d243fb4d966e3f0c361e1
89fcef2fe8204ec89e703202f4313758021687559f6216a92b5379a753015e9e
8a1baca9226cd9ae32c72f4e6ddfa87a809617baa7dd7657779df0ca4eb153fc
8a21237e89a64f21361e672891781da93ad6b81f3f92fc68002215336812f91b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8eb80fc1406d940d92493ed3e3ac5bfff4de8ec85b599bd9972ced0a4b43c2b0
8ebd937e5d2d3acb67115d6d6ae97b998bd52f351f984a0a31fb35e65efcba71
8f0ba891ef90a7614caa05b8fc18000f0dea75f166c699e221bcb808cb0e0f19
8fe34b8c3a1a835c88704434df8c2964215ccfda96757e381bf483ccf34f329c
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98da03860bbe1f8591d94c443c38930324298709b9218d0a3ad51106903d14bd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adcbce27a94f1a18dbded1b0024b427af2f13ae66d9390dacae83017cd3e460
9c5caf538a167657e5b5f8ce0c9b8e1ddcaf025f2ccb00060ecb155d13f03090
9ddc14d2bf861fce028506087fa64c31045712254bb719941fd4c84921b9f7ec
9eafd2117751071219c64580e1803f55c461ce55f03cbe0fc34a33d766270b31
9faf9d5aeedfcc89838a101d4992ccec87b9c0d02772d33bc329c1aa21bcd96c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2adb68c76e2735e5002496994c321df068c41203f4735db7c6ffb047a869b05
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50a6489d99ed5dff7d450ea7d70f359957d679d68a70c62de36f8acf7a1f86a
a5d958be76e970124b20b9d17b84962fae1ad78a436652cf10194ac5fb3ab27f
a60d2c15272c40286cf94695f6d5ead357cfa56def46fbe4f8278a31182e7a40
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7a1f384af23156f238ad1fe1757ac1a19a1b91269bca054fe60e0796770e5cd
aa7fdfa58b30ccdefdd8f99a40cd0c78aecb8e858b5256d07fec8eefa95518a6
acbdabb44d595f9c93d60914b66a77fc7ed21c673e99f22f7a660ef028ed93c3
acff2f7ced83945dfb1b2227c926ec6a29d4c9ef436b6cd78a0d0d7447286a09
ad32401f29b9ea729eb994242dbd572f62d7605bbbfd4d95bdccd1a13c02aba9
b1350a0e4f8b6c22b6e7938ad9d13a7ec5cb3091823c0fcea09e757ef1695645
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a
b4d63a0835d5a91bb2c9d64cdb65711bd7ac480c6daac8163ba01007d3973855
b699fd06e3bd1d4364be9deaf4d28449e0549e99264e6fcb58a84366a433bd3d
b90325364e7412e76f70735b18e3ed69f30b50f8f12275d7df1270b6f50f8df0
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
ba4104ca707204425da942d41ded59339a7925fa7986876ae2b2fde22a3ef7a2
baa169a81f2edffe08083e5bf322df3813055d81e60a8c91e1d9f1b8bdf425dd
bb79fb74d6258322e62522032aa870d6b08193d00356365ada57b7ec120c831f
bc8ebf0e68e90c9cfed71f96856097eeecf54d0927c9a1c6d1af947d08ceebbb
bcc5de0f53784c98bf4b3345b43f7d95736bd096e7ce0b8132a0555624adc13a
bd3b40be5cc9c7a230210957fe0818b635aff3c40f0531db260ed2670b7f732c
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
be1a9703d742d9e1ca36a740c33fcc122d01a0e5cba8328d1e140c1aee3f8d81
be59918da7b51426f1c69a4cd89123cdbc9e74f16d358e9b681df36fed20a4d8
bed6129de6971105a37364241ab873900d32ac346c9ab5709d7143999c3660d3
bfbbd3a1a2be3136cb41e4a75909e46ea1a7ea09fe9039b7cff18f1326224054
c08e77a12a044bad312740ff5e3aed24540728976f798a2584d6d9f7795b37da
c12e54a20f038aac1bb5e22da187cec2d506661f571fb56dbd7a611d2fe14b57
c1ba233081200a5f9a126278eb189aa1c192b633751acee9cf57752f7018290a
c4b2bb9f7daf4f2f3ef930ec5eccec7ef32af9930cd2e454fb51fb1bf26bb2e8
c5a8e407b43247b83adf478ea8dcc988109ba6d0441b17a252af4ea1164e89b2
c5fd189d680898294e002cd911f354f2a6a495cb3079f22f7f381a1a4d654715
c83c3fde7d39843c4ff04bd8f1c944876dcfdb4410b1df84606ae767ef31ef24
c9daa60c6cdb7d7a2a1682e44e5496699038360f2c147b26b2363c7cab33a85e
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
cc3868a6bacbf59075594685e6e11d3e9760bbc9a8a3a577a0700a15b802b586
cd67d3ef1a4202a1c67fe1c79bab8338c13d5df2bce075a40fedc3bdd930518b
cf99cfb5ddd705ffb0ca32e221ab207947968503732683f40f6751a40baf1898
cfdf5cfd7a8fe4da417f41dafe2b7779c714fcca9776bb473b71b37180e4c640
d04270929a7b55e11bad5612cec9a0bc6f99aa203065ebb49282a8e10ed3f897
d09f9aa913306a379f29c77e3e0cc42115da750e4ec48d0f8a53fe071393b862
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
d79ce60440e1bc506cdf3ebc5117ab489e530785849e14acd469d1928c6a6b5f
d7b5fa13bd81fd1487b8937803682d44be1edf981ce7deecb9bfa5f916cdeda0
db0486ac0154d88f65e2b5604a82fba1374e3908910560e97ee5f7915a001c0c
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
dbef19932cd9ceb0a0f5d162179f3e59b8df6dcc0e435b9d3343c5808f034936
ddb78e39ef01880fa4142076ce7d168155adf8d351849e7ea631cfbb1902ae84
de8a66f01623e08572708da88309a0aaa41ca92452c58f71f8c1d87e58962562
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
dfc31b51a4d9c52eb921adffb63bfc82ecd08595535975ead89c6d8908601a92
e09639315704980552b92eaae21f66af00a6e8a371f757f76b0b12420c2ed2a7
e0df904107eefe1451a7efc3f120b91d786bce5ce101ae2d89c775094907ea58
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e26d2e29bb754910e0dd7d26c65d4e1fefc65e9a9c37b9c8abdc1b7a5773a3c0
e2c471bddbb30ec6344269a7933251cf844921f046f12eb21babb3e84b7e754c
e2c5aae989ebecc48aa3e455d9e066b4f90add7ecafef55cef8fce5a5823a735
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e36a62172d00dfe1ffb8e7de83875e80e7b90eccfd6ccb4b04af19bb887e697a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f0b21790ad05bb8f0dc48cc043594e820d1fdd23ddd538ef8be20494149014
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8c287537c67708aa38e91a2bd427e8ee691ca7ac3a264a2640eb6e36a72f811
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
ea043c9b1b53c6ddb9afe4bdd8d9838b54fe54435d9f6ea140ebe80478264b2d
ea49165f8381e38fe6c60d67c0d5a79387188f28edc285d4e0a19d707d361f71
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23a79d0f7a1525618b8df0c196c65fad4d42afd4eafa80fae381cdf8404e268
f23ce3a908dabd98caaa52aaa2681fb06ed05811d0fbfe00d5d16374a181b73c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5eed8da5303f6480c04b010ca505967485e334cd44aa7eaadabc051d4baca26
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8d0316531921bb0101f713b682b6027d2f2abca1be2a858f52da2838926083c
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fd3d0f04744e340aaffb9cf9f76a4a90a07e63f268a8930f9cb02d53f7ad261b
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
fd4ddd446917b19e6b522a553cbbfa3f9ae1893ab2d96010048582bd1edcbf9f
fda753b016564ad52f7724bdbdf7ed9efa2afbf5e9ec9caa79e668b02513e9af
fe92c85ce0dabbeb56c9aa54bd9ac8f625305572d23fd573756afac0a9e0fa91

go4kora.com Open in urlscan Pro 2606:4700:3037::ac43:b587 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

466 Requests

93 %HTTPS

49 %IPv6

60 Domains

96 Subdomains

74 IPs

12 Countries

15081 kBTransfer

28390 kBSize

53 Cookies

6 Outgoing links

Page URL History

Redirected requests

466 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go4kora.com Open in urlscan Pro
2606:4700:3037::ac43:b587 Public Scan

Screenshot
Live screenshot

Full Image

466
Requests

93 %
HTTPS

49 %
IPv6

60
Domains

96
Subdomains

74
IPs

12
Countries

15081 kB
Transfer

28390 kB
Size

53
Cookies

466 HTTP transactions
9 data transactions