koora.kora4live.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://koora.kora4live.com/matches-today-h2/
Submission: On June 17 via api (June 17th 2023, 2:59:19 pm UTC) from US — Scanned from NL

Summary HTTP 265 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 43 IPs in 11 countries across 46 domains to perform 265 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is koora.kora4live.com.
TLS certificate: Issued by GTS CA 1P5 on April 24th 2023. Valid for: 3 months.

This is the only time koora.kora4live.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:f800:a:e047:753:be1	() ()
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	54.229.146.125 54.229.146.125	16509 (AMAZON-02) (AMAZON-02)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6814:41d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 44	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4 4	2606:4700:20:... 2606:4700:20::681b:4071	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	2606:4700:303... 2606:4700:3032::ac43:8365	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	149.56.240.129 149.56.240.129	16276 (OVH) (OVH)
1 7	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
7 36	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
4 4	52.59.0.175 52.59.0.175	16509 (AMAZON-02) (AMAZON-02)
3 3	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3 3	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	64.74.236.95 64.74.236.95	19024 (INTERNAP-...) (INTERNAP-BLK5)
1	18.180.242.12 18.180.242.12	16509 (AMAZON-02) (AMAZON-02)
2 3	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
8 8	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2 4	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:cc49:11d8:a79c:a08b	16509 (AMAZON-02) (AMAZON-02)
2 2	54.93.94.222 54.93.94.222	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	34.243.190.116 34.243.190.116	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:af59:edb8:6ff5:5fcc	16509 (AMAZON-02) (AMAZON-02)
1 2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
265	43

10 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

koora.kora4live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:f800:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.146.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-146-125.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:41d (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681b:4071 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

www.kooora4live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.96.3 (Amsterdam, Netherlands) 4 redirects

ASN13335 (CLOUDFLARENET, US)

kooora4lives.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::ac43:8365 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

kooora4lives.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.129 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534297.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 172.217.18.2 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.122 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.59.0.175 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-0-175.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.167 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.16 (United States) 3 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.95 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.180.242.12 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-242-12.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.254 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.6.233 (Denmark) 8 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.7.11 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:cc49:11d8:a79c:a08b (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.94.222 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-94-222.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.248 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.190.116 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-190-116.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:af59:edb8:6ff5:5fcc (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155	660 KB
64	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359	439 KB
28	demand.supply live.demand.supply — Cisco Umbrella Rank: 40755	40 KB
17	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com fonts.gstatic.com	433 KB
13	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	271 KB
10	kora4live.com koora.kora4live.com	120 KB
8	adform.net 8 redirects c1.adform.net — Cisco Umbrella Rank: 635	6 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	8 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207 Failed	391 KB
7	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2114 dis.criteo.com — Cisco Umbrella Rank: 601	9 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621	4 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	110 KB
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 361	2 KB
4	kooora4lives.io 4 redirects kooora4lives.io	1 KB
4	kooora4lives.tv 4 redirects kooora4lives.tv	1 KB
4	kooora4live.com 4 redirects www.kooora4live.com	1 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 874	824 B
3	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 772	2 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4988	1007 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 249	3 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 920 s.tribalfusion.com — Cisco Umbrella Rank: 2022	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1404	453 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	1 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 36977	1 KB
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 566	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1012	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 560	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 421	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 375	529 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 976	1 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 12395 s4.histats.com — Cisco Umbrella Rank: 11738	5 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1538	335 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 839 id5-sync.com — Cisco Umbrella Rank: 434	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1019 bcp.crwdcntrl.net — Cisco Umbrella Rank: 952	12 KB
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3231	104 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1675	296 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44520	609 B
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 8176	44 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	553 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1832	248 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 583	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1509	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1408	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 379	896 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	81 KB
265	46

	Domain	Requested by
39	tpc.googlesyndication.com	1 redirects koora.kora4live.com securepubads.g.doubleclick.net 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
34	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
33	pagead2.googlesyndication.com	koora.kora4live.com securepubads.g.doubleclick.net pagead2.googlesyndication.com 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
28	live.demand.supply	koora.kora4live.com live.demand.supply client
17	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net koora.kora4live.com 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com www.googletagservices.com
11	s0.2mdn.net	koora.kora4live.com s0.2mdn.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com koora.kora4live.com
10	koora.kora4live.com	koora.kora4live.com
8	c1.adform.net	8 redirects
8	fonts.googleapis.com	securepubads.g.doubleclick.net 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com koora.kora4live.com s0.2mdn.net googleads.g.doubleclick.net
7	www.google.com	1 redirects tpc.googlesyndication.com 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com koora.kora4live.com googleads.g.doubleclick.net
7	www.gstatic.com	9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com koora.kora4live.com googleads.g.doubleclick.net
7	www.googletagservices.com	securepubads.g.doubleclick.net 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com koora.kora4live.com googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	dis.criteo.com	2 redirects
4	x.bidswitch.net	4 redirects
4	kooora4lives.io	4 redirects
4	kooora4lives.tv	4 redirects
4	www.kooora4live.com	4 redirects
3	onetag-sys.com	2 redirects 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
3	ap.lijit.com	3 redirects
3	d5p.de17a.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	r.scoota.co	2 redirects
2	sync.mathtag.com	2 redirects
2	pm.w55c.net	2 redirects
2	googleads4.g.doubleclick.net	koora.kora4live.com
2	b1sync.zemanta.com	2 redirects
2	eb2.3lift.com	2 redirects
2	match.adsrvr.org	9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	um.simpli.fi	2 redirects
2	encrypted-tbn3.gstatic.com	9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	esp.rtbhouse.com	invstatic101.creativecdn.com
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	cc.adingo.jp	9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	encrypted-tbn2.gstatic.com	9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
1	encrypted-tbn0.gstatic.com	9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	s10.histats.com	koora.kora4live.com
1	mug.criteo.com	koora.kora4live.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	www.googletagmanager.com	koora.kora4live.com
265	62

This site contains links to these domains. Also see Links.

Domain
kooora4lives.tv
go.yalla-shoot-matches.com
kooralive-tv.net
koraonline-tv.net
yalla-shoot-tv.net
fal3arda-new.com
yallakora-tv.net
koooralive-tv.com
bein-match.net
yalla-goalz.com
as-goal.io
kora-online-tv.net
yalla-shoots.co
yalla-lives.io
yalla-shoot-tv.io
kooora-lives.com
livesoccertv.tv
soccer-stream.tv
livehd7-tv.com
egylive-tv.com
korastar-tv.net
livekoora-tv.com
yallalive-tv.net
sulvo.com

Subject Issuer	Validity	Valid
kora4live.com GTS CA 1P5	`2023-04-24` - `2023-07-23`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-04-28` - `2023-07-28`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
histats.com R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M01	`2023-02-13` - `2023-11-11`	9 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 33 frames:

Primary Page: https://koora.kora4live.com/matches-today-h2/
Frame ID: BB5F34825E5569632DC6D1D59F76C0FD
Requests: 86 HTTP requests in this frame

Frame: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A980A24DFB0CF7DB5471CA2919980FDC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=koora.kora4live.com
Frame ID: 26424EDA0380C1A0E7E02B361DF11E52
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQBxmQ1Coct3yvZzccamz65FO-XzREBDlT1OLlxGQ5Ek0zggSCIbkgcntuuGAvKy4BwwMaVHt3Pn5TTkyhdQTdwW7cag8o3PODOjxD6nymoaEOBIFpOczvVylSRce3XbgyScsywvjFlY0ZylYS9uf2T8JU0ikWtqmOKzDxglb32m0XgjTPlu97nHpYkFWSIfBksaMxxP4PK_anGmSOyFHI-FhJN0qbW_xXNmUblAzNxtMnkTfPtmRmGXgEyKci__y9D38BEGOUbfGUMJI_vsOaz2odKVXrF8Bk6ANIhWT1ILwaajRljlwa0N_7aN8SLxVgaqXdow3QA7w2QxpeDtt7WohOO6_-UmpRdu9_OOLVpHOXbkeXhBifzUgAW7gtlbfZD6NW5dT_8wxz2cSt8Tw&sai=AMfl-YTxHhJ9QzmGErDFZfTyyxDF1wcoklP789wOppuw7aIippc2lPuWiNPR-EnDWD571lbI8n1AFjoglpuW4IF17pg4e2QRPEdLi4a0npB-TqPTYOiQ2YgoSRndeceUV6JzzJ1CGvenoFqg-qXz1HDy&sig=Cg0ArKJSzMt9AwxqNAELEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 90F39053C08C7AEC88654B9D499673AD
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuV6ZMJU7iKjWqW0uF7bqNGSVaX33kyL6no007JpQeltOEXbCAE3WoIZs1fLHRNnGOFI5L1o5Isvu7QVQdoBOifB9IHmXMMJEQK5VSmmMrkvk-c9ZsJzKiZHtOKR4MVMSzEEzVIadpfqvdBuTY_78WuLGwZksCoSHK39XZUwi645-wramk8X5hsX00Wqpx4TKhM-MnW0GO4cqPHgxD2t3j3oJbWReQxF4qpM8bWwtnookg6V1USO1YD92oOwJVJNwpcm7os-8uOWxRKN6Zkvqx264edsxTuZtisqIExjMq6Jm0uz_QJK0mWxspULngUBt-9RSphzuqcqFjm_rafQR9t7rPd-j-KkhAxGTOGe3qkWP7o697KEz3X9HC5XLkCwEEFGL-ApAVBvUGMT31VOao&sai=AMfl-YRS03la3hJqu6MY25tvQYnLu8H8KLICf3byK0k-AMoH_bZZ9NRVew9PabHa_r2sG8kgaop6TkFMET5bRdP0yrvhUjp-AxqujxKEy0neBhv9M0kC4SjnVFMPfLXU2WVzW-2QrDUHAMlMLRx4tYWP&sig=Cg0ArKJSzOUSgx0AClT_EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2C532A311AD36C9D0C5615FA7CEE0577
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html
Frame ID: 5D56B38866751A765F99B412D551368B
Requests: 1 HTTP requests in this frame

Frame: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6804AD43DDCEC8463E8E1AB66EDFDF06
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs
Frame ID: D4D7C10B12CC2961A0D502C2ADCBA941
Requests: 15 HTTP requests in this frame

Frame: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B6273C6FCFE6DC074A96F432D06EF1BA
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AF184D561C3417D03AAE85C088E11F0F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C39D2AE8E7F821AB06D7380CD68B1446
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHu6N8EEK_W_eQEGNKywOwBMAE&v=APEucNW_fHbLvDDWBza1tFZYlgQPBXGXX5fqgHNB6vr5KEu1mAxBOPthSexYoiO4wk9dzktwxg-Zh-kA4gYmTGjrj322L1yIkcNip2CgykKagoAwXZPtQ-s7Leq_O5gU5a5qEavBjxTKQ2mFSBZ0xVt_e9UGvP2_bTV08bsm3jOkJjdmV6e0LJbzKM8_cS7-oUfKRiOnEnY2CSRyoeAKOFIRvwDd_dTFhg
Frame ID: 219CFF373CFC6EFC321E8CA296407DC6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=3025194257&lmt=1687012655&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fkoora.kora4live.com%2Fmatches-today-h2%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013951704&bpp=2&bdt=1394&idt=412&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadffab67079b19b5%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_MZN-dOYXTsfyUi4H9gZk25hvjIy4A&gpic=UID%3D00000c4a89933e43%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_MZDA-P3tt0eSUOY44PSwqeNSu9HFA&nras=1&correlator=1423665143511&frm=20&pv=2&ga_vid=651942672.1687013951&ga_sid=1687013951&ga_hid=401418925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31074580%2C42531706%2C44788442&oid=2&pvsid=824341492987063&tmod=152745476&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=9&uci=a!9&fsb=1&dtd=453
Frame ID: 91A7A6376CF6356AB0CF054D6A5AB638
Requests: 1 HTTP requests in this frame

Frame: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9C2C1CC501A2C0BB9BE683C78655A52B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 673D85CC0C604FEE58A54C5F44F5872A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DCA562F17A3CF65061C1F54A066476B7
Requests: 3 HTTP requests in this frame

Frame: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4DB6B6A7568759C032AD435EA8EF2E69
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13697087128816370003/728x90px/index.html?ev=01_250
Frame ID: 4348C006B7CEDD269314B02E8ADD5077
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html
Frame ID: B1A26B445E7E7609BB84904E1A6C8562
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DB63CF17A34AD22CF002F02940B03667
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F05F037DDCAF1B5638EA629BBCC69A07
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E9D28C92FC6A2BF690F2AC9B11D0E096
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 5B34EA6CA8DA2348F1C19E5B0DB1522E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 2046B5731220F407496AB4FB741F41D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Frame ID: BC0DE7770D49E56A34FF59AE053564DA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Frame ID: C16704A338E3B9095ADD2771214DB41B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2C3BDAE1A273E942EFE77733C01EA14D
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51F95A5665FED33C0675E209E5F3E696
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51C73126F37DCBA3513405AE02706646
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B374060CC8BCC025396957107492D33F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: A7E9B373E27C53C29229604D415FAFEA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: F12978EC79FD361799FFC293AE82C38A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js
Frame ID: 9D6EF07AFA0BC1DBFB51020C94A8A986
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

مباريات اليوم بث مباشر - كورة 4 لايف – koora4live اهم مباريات اليوم kora4live

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

265
Requests

85 %
HTTPS

53 %
IPv6

46
Domains

62
Subdomains

43
IPs

11
Countries

2620 kB
Transfer

6547 kB
Size

44
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://kooora4lives.tv/
Title: الرئيسية

Search URL Search Domain Scan URL

URL: https://go.yalla-shoot-matches.com/h2/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooralive-tv.net/
Title: koora live

Search URL Search Domain Scan URL

URL: https://koraonline-tv.net/
Title: kora online

Search URL Search Domain Scan URL

URL: https://yalla-shoot-tv.net/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://fal3arda-new.com/
Title: fal3arda

Search URL Search Domain Scan URL

URL: https://yallakora-tv.net/
Title: يلا كوره

Search URL Search Domain Scan URL

URL: https://koooralive-tv.com/bein-match/
Title: bein match

Search URL Search Domain Scan URL

URL: https://koooralive-tv.com/yalla-shoot/
Title: يلا شوت

Search URL Search Domain Scan URL

URL: https://koooralive-tv.com/fil3arda/
Title: fel3arda

Search URL Search Domain Scan URL

URL: https://bein-match.net/
Title: beinmatch

Search URL Search Domain Scan URL

URL: https://yalla-goalz.com/
Title: yalla goal

Search URL Search Domain Scan URL

URL: https://as-goal.io/
Title: as goal

Search URL Search Domain Scan URL

URL: https://kora-online-tv.net/
Title: kora online

Search URL Search Domain Scan URL

URL: https://yalla-shoots.co/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://yalla-lives.io/
Title: yalla live

Search URL Search Domain Scan URL

URL: https://yalla-shoot-tv.io/
Title: yalla shoot

Search URL Search Domain Scan URL

URL: https://kooora-lives.com/
Title: koora live

Search URL Search Domain Scan URL

URL: https://livesoccertv.tv/
Title: live soccer tv

Search URL Search Domain Scan URL

URL: https://soccer-stream.tv/
Title: soccer stream

Search URL Search Domain Scan URL

URL: https://livehd7-tv.com/
Title: الاسطورة لبث المباريات

Search URL Search Domain Scan URL

URL: https://egylive-tv.com/
Title: ايجي لايف

Search URL Search Domain Scan URL

URL: https://korastar-tv.net/
Title: كورة ستار

Search URL Search Domain Scan URL

URL: https://livekoora-tv.com/
Title: كوره لايف

Search URL Search Domain Scan URL

URL: https://yallalive-tv.net/
Title: يلا لايف

Search URL Search Domain Scan URL

URL: https://sulvo.com/?utm_source=https://koora.kora4live.com/matches-today-h2/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://gum.criteo.com/sid/json?origin=publishertagids&domain=kora4live.com&sn=ChromeSyncframe&so=0&topUrl=koora.kora4live.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ZdXzHHxvTnF6RFlKWk1ReHdQeTg3ejl5aFNrcUNNNndvcjlJR0pxcVdJNDBQZTBTWDVDWEhvZHd4dStsdjZuVHpBL09hd2xlcDB5QXhQRVM4bWI2ckpXSVRRdEEvOWUwQy9VSWh3N1RmUFE4eHNwYWZlWTJlT0x4UTlyNllOSTZsVlZnQnNkMVZIazVmSzhGRHBja005WVVTWWpqUEMvc1hpMjByR0xweGV4US9xMThhMFZnWGFRa2owSUJ5MW5LVGo3SkplR0xpcnZJMXAwU2d0M0UwS2tYcDhoRmlTMUljU0doM0owZ05JenVBLzg1NTRXbUVwSHJTUUZOTytsZmRjL01nRERPb0dKYnRuMmh3aW9BRDFrRDArdz09fA&cppv=2

Request Chain 86

https://www.kooora4live.com/wp-content/uploads/2019/03/1377540149.png HTTP 301
https://kooora4lives.tv/wp-content/uploads/2019/03/1377540149.png HTTP 301
https://kooora4lives.io/wp-content/uploads/2019/03/1377540149.png HTTP 301
https://koora.kora4live.com/wp-content/uploads/2019/03/1377540149.png

Request Chain 87

https://www.kooora4live.com/wp-content/uploads/2019/03/1377540190.png HTTP 301
https://kooora4lives.tv/wp-content/uploads/2019/03/1377540190.png HTTP 301
https://kooora4lives.io/wp-content/uploads/2019/03/1377540190.png HTTP 301
https://koora.kora4live.com/wp-content/uploads/2019/03/1377540190.png

Request Chain 88

https://www.kooora4live.com/wp-content/uploads/2019/03/1377539853.png HTTP 301
https://kooora4lives.tv/wp-content/uploads/2019/03/1377539853.png HTTP 301
https://kooora4lives.io/wp-content/uploads/2019/03/1377539853.png HTTP 301
https://koora.kora4live.com/wp-content/uploads/2019/03/1377539853.png

Request Chain 89

https://www.kooora4live.com/wp-content/uploads/2019/03/1401137791.png HTTP 301
https://kooora4lives.tv/wp-content/uploads/2019/03/1401137791.png HTTP 301
https://kooora4lives.io/wp-content/uploads/2019/03/1401137791.png HTTP 301
https://koora.kora4live.com/wp-content/uploads/2019/03/1401137791.png

Request Chain 108

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCsivfrDxDgARjgATIIShPuJ_drUMc HTTP 301
https://tpc.googlesyndication.com/simgad/14222798899374047344

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFF4Kdt_qmmvAaTenpFdmDY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFF4Kdt_qmmvAaTenpFdmDY&google_cver=1&C=1

Request Chain 126

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI3KQCkE-9z92xsLSQHkmAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFF4Kdt_qmmvAaTenpFdmDY&google_cver=1

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENMD1qWepG0zfmJZxwED8gI&google_cver=1

Request Chain 128

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY0ODM4MjcxOTMzMTM4Njg2OA%3D%3D

Request Chain 152

https://um.simpli.fi/gp_match?google_gid=CAESEDm6ChzIcrdxJkPxUyehptg&google_cver=1&google_push=ATf1kGN1g1I0z-o3KW6yCcPyOn3-KCYk6_8cK-i0PoBLUXoZuw4HuNbXpFa0OydcAnzh3eiOv3Drerig6n-5uxl3E9Y1whZAqFr5cRWh1koP0-vCiUgIKXGH93Ru2mhb6ik43-wJnT525LfE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7D68715625AF4450B50C70D793506259&google_push=ATf1kGN1g1I0z-o3KW6yCcPyOn3-KCYk6_8cK-i0PoBLUXoZuw4HuNbXpFa0OydcAnzh3eiOv3Drerig6n-5uxl3E9Y1whZAqFr5cRWh1koP0-vCiUgIKXGH93Ru2mhb6ik43-wJnT525LfE

Request Chain 154

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELafphvotlVx8jklaYfN_9c&google_cver=1&google_push=ATf1kGNr4BuUqCHpL6enYEaJ9t0dvdmfO6B-3ouyF_zYBpipvp6JXsa-fOkuI7L0DRyqi9liqPL6wgnBe2mrCg_wkjFXGTUMxz4BVK0SXqev841Utec7deoQEtm_9Lgza-b88umqvXkklN4W HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELafphvotlVx8jklaYfN_9c&google_cver=1&google_push=ATf1kGNr4BuUqCHpL6enYEaJ9t0dvdmfO6B-3ouyF_zYBpipvp6JXsa-fOkuI7L0DRyqi9liqPL6wgnBe2mrCg_wkjFXGTUMxz4BVK0SXqev841Utec7deoQEtm_9Lgza-b88umqvXkklN4W HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNr4BuUqCHpL6enYEaJ9t0dvdmfO6B-3ouyF_zYBpipvp6JXsa-fOkuI7L0DRyqi9liqPL6wgnBe2mrCg_wkjFXGTUMxz4BVK0SXqev841Utec7deoQEtm_9Lgza-b88umqvXkklN4W&google_hm=VNxChZtwRfeI4aDJaSZbCg==

Request Chain 155

https://d5p.de17a.com/cookies/google?google_gid=CAESECK2SKa9-S0joiK7E4cg_5g&google_cver=1&google_push=ATf1kGPHSiIK-jI33Pqd_QXQ-nHRLsm8NOem1ic61ih-Oe7jGbuty5x-apvGxYI60zXLe3kUb_sJhlv5jYMPsLrL8XZC-LT8e97uZrZ1BxW222W9etp8SNgS6wKXKyp70psr31SOoMzzcnkN HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECK2SKa9-S0joiK7E4cg_5g&google_cver=1&google_push=ATf1kGPHSiIK-jI33Pqd_QXQ-nHRLsm8NOem1ic61ih-Oe7jGbuty5x-apvGxYI60zXLe3kUb_sJhlv5jYMPsLrL8XZC-LT8e97uZrZ1BxW222W9etp8SNgS6wKXKyp70psr31SOoMzzcnkN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPHSiIK-jI33Pqd_QXQ-nHRLsm8NOem1ic61ih-Oe7jGbuty5x-apvGxYI60zXLe3kUb_sJhlv5jYMPsLrL8XZC-LT8e97uZrZ1BxW222W9etp8SNgS6wKXKyp70psr31SOoMzzcnkN

Request Chain 156

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDADW5wA0b_eLCs4ru-6BvI&google_cver=1&google_push=ATf1kGNkeAbrKXAOZs5BaJOsDQoG9o_pNA7jajyTprzZFWV-SjCUjadaFAse1Csxv7ZxyrpNgZM87FV3NJFhopnuzVf7JbKojUWFixdorG3Oiddt3p7INQlffCem6cIMztBH6TDD6hCh6kV4 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDADW5wA0b_eLCs4ru-6BvI&google_cver=1&google_push=ATf1kGNkeAbrKXAOZs5BaJOsDQoG9o_pNA7jajyTprzZFWV-SjCUjadaFAse1Csxv7ZxyrpNgZM87FV3NJFhopnuzVf7JbKojUWFixdorG3Oiddt3p7INQlffCem6cIMztBH6TDD6hCh6kV4&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNkeAbrKXAOZs5BaJOsDQoG9o_pNA7jajyTprzZFWV-SjCUjadaFAse1Csxv7ZxyrpNgZM87FV3NJFhopnuzVf7JbKojUWFixdorG3Oiddt3p7INQlffCem6cIMztBH6TDD6hCh6kV4&google_hm=G1NjrGZHv9by5NE6TSyD2GY3

Request Chain 157

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEqHo5rasnh1-9q99VnlAd0&google_cver=1&google_push=ATf1kGOlC8wDopcR6ovSm8WNmYZXFIDj4JVTfW615tuZuFhVGOdV4Tl-aKa7QdcZ_dQc_N06K8UBlwBruv2w9kJWPyPZlLr3Bsw7K4KKsvPciqc2gDJapyUkt4_s-80NE8S3bPzHl96Rqpdv HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOlC8wDopcR6ovSm8WNmYZXFIDj4JVTfW615tuZuFhVGOdV4Tl-aKa7QdcZ_dQc_N06K8UBlwBruv2w9kJWPyPZlLr3Bsw7K4KKsvPciqc2gDJapyUkt4_s-80NE8S3bPzHl96Rqpdv&google_gid=CAESEEqHo5rasnh1-9q99VnlAd0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY3NDYwNTg1NTUwOTI3MDM2NzMwOA%3D%3D&google_push=ATf1kGOlC8wDopcR6ovSm8WNmYZXFIDj4JVTfW615tuZuFhVGOdV4Tl-aKa7QdcZ_dQc_N06K8UBlwBruv2w9kJWPyPZlLr3Bsw7K4KKsvPciqc2gDJapyUkt4_s-80NE8S3bPzHl96Rqpdv

Request Chain 158

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEEY58-jRMpLwsM7x9EamLrw&google_cver=1&google_push=ATf1kGMroxnr1Qr03gOkq7t9sTL8zM6ZDBom24-tIB-8KevQemFFa672mGQ7lwfNcqh7-yZmxAUrtQ8hBReImdOrqk1KLZ4F5yodJxDmLwNZkR-3EN_FPdePLrQCyBpr-LhWZXF4CL_b7eMMJQ HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEEY58-jRMpLwsM7x9EamLrw&google_push=ATf1kGMroxnr1Qr03gOkq7t9sTL8zM6ZDBom24-tIB-8KevQemFFa672mGQ7lwfNcqh7-yZmxAUrtQ8hBReImdOrqk1KLZ4F5yodJxDmLwNZkR-3EN_FPdePLrQCyBpr-LhWZXF4CL_b7eMMJQ&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGMroxnr1Qr03gOkq7t9sTL8zM6ZDBom24-tIB-8KevQemFFa672mGQ7lwfNcqh7-yZmxAUrtQ8hBReImdOrqk1KLZ4F5yodJxDmLwNZkR-3EN_FPdePLrQCyBpr-LhWZXF4CL_b7eMMJQ&google_hm=ZmliUnNlSGlaSGZnR3Q0bk1sSEw=

Request Chain 182

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDADW5wA0b_eLCs4ru-6BvI&google_cver=1&google_push=ATf1kGNcR5HNJ2S-ivW5CKbd3gc7d9v-sZXL3aaMEt_RH4xSKJyoPp9-i4cYZhN5oz4dSNxmS77Pt6_CoPX8zDfNeJQWnuzhDZ4 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNcR5HNJ2S-ivW5CKbd3gc7d9v-sZXL3aaMEt_RH4xSKJyoPp9-i4cYZhN5oz4dSNxmS77Pt6_CoPX8zDfNeJQWnuzhDZ4&google_hm=G1NjrGZHv9by5NE6TSyD2GY3

Request Chain 184

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIUwzafO9VSdxWYcHbtgKrM&google_cver=1&google_push=ATf1kGOAhauuH_sSG2mp_yhtOc9yxDV7t8eoehkalLsF1x-s--LqJrN67RRP_gAU4O7AQRSiRz5EWAJXi1NoOyVp7VPX3jkbR2Xy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOAhauuH_sSG2mp_yhtOc9yxDV7t8eoehkalLsF1x-s--LqJrN67RRP_gAU4O7AQRSiRz5EWAJXi1NoOyVp7VPX3jkbR2Xy HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 186

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 239

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMC_nf7FdOs3inRwzi9hnhQ&google_cver=1&google_push=ATf1kGPwKaOdWqt0Q_dV6guTeB418OqUGqJneU850Ftdvfu7VTG1nBlqrEHsk8wwl_NBDlo6ib0yp-8dGtQgiYtnWDmCgYmfiz-zKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPwKaOdWqt0Q_dV6guTeB418OqUGqJneU850Ftdvfu7VTG1nBlqrEHsk8wwl_NBDlo6ib0yp-8dGtQgiYtnWDmCgYmfiz-zKg&google_hm=nL-K6ZrvSkWzv2ivrAFV85E

Request Chain 240

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGNVjc-CrECjdApm-v8PkGWDrJu8JXXNy9nNux2ORyL3VtYI4YBVr8P-QasP7wD8_imoLCRkr5ZJFIZiXkLaPJX-qutTM0cd HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGNVjc-CrECjdApm-v8PkGWDrJu8JXXNy9nNux2ORyL3VtYI4YBVr8P-QasP7wD8_imoLCRkr5ZJFIZiXkLaPJX-qutTM0cd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA2NzgzMzY3MjIyNjI2NTU0MA&google_push=ATf1kGNVjc-CrECjdApm-v8PkGWDrJu8JXXNy9nNux2ORyL3VtYI4YBVr8P-QasP7wD8_imoLCRkr5ZJFIZiXkLaPJX-qutTM0cd

Request Chain 241

https://d5p.de17a.com/cookies/google?google_gid=CAESECK2SKa9-S0joiK7E4cg_5g&google_cver=1&google_push=ATf1kGPiL9L-r4dldE_2jp8i6PSOFVkZrrallpUc2xGgcX7QZhvzlBuTxXtKMX-FDse6lLvsn5TSngBGPuqas4OU0Q0AgUGajMpyqA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPiL9L-r4dldE_2jp8i6PSOFVkZrrallpUc2xGgcX7QZhvzlBuTxXtKMX-FDse6lLvsn5TSngBGPuqas4OU0Q0AgUGajMpyqA

Request Chain 242

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESENRxt-bU_uZijAeXcLkDNbA&google_cver=1&google_push=ATf1kGNzmAxEzjmeXVb9b3UBsogXWsSp-077Wjk_LrKob1HIX4moHKmCpjgJjV3XmZ9w6qVvwZKL63gdbcpD1al45gHRgVJUUN6NDg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Y9w4utAY70b8JFjpLWxH9ylK3I2S21TAvkmRmQ&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 243

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGMya93yK6sBYpTp9oYF320cjcxp-vVyT74CR7fNmExw2TMKIkiYIdJqhZ2WgOCFbRtZ1zwKrkmT5YR_zehDA84lTffoGvLGKQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGMya93yK6sBYpTp9oYF320cjcxp-vVyT74CR7fNmExw2TMKIkiYIdJqhZ2WgOCFbRtZ1zwKrkmT5YR_zehDA84lTffoGvLGKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzNTM0OTI3MjI1MTc4NzE4OQ&google_push=ATf1kGMya93yK6sBYpTp9oYF320cjcxp-vVyT74CR7fNmExw2TMKIkiYIdJqhZ2WgOCFbRtZ1zwKrkmT5YR_zehDA84lTffoGvLGKQ

Request Chain 245

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIUwzafO9VSdxWYcHbtgKrM&google_cver=1&google_push=ATf1kGNj6hItqhBtfvjsZW8CsTPtGJyWzyUTvcYTCX4GXm-ZS9ao_NOreEy74UR7wC-38O9JXKWaFpD3l214dsfn9ldwa0QQOFOeNg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNj6hItqhBtfvjsZW8CsTPtGJyWzyUTvcYTCX4GXm-ZS9ao_NOreEy74UR7wC-38O9JXKWaFpD3l214dsfn9ldwa0QQOFOeNg

Request Chain 247

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELrR9Vur7vmXBI0xiMuRLpI&google_cver=1&google_push=ATf1kGMHLsC9saBW_OGd5O_53nxDYy8bxspR7yLBWvs-a8woGigsmc6cLXaQGUmQFkgnaSoEWvc0sP9wK9hEY3zGcX7Z-i8idYnSX3M HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELrR9Vur7vmXBI0xiMuRLpI&google_cver=1&google_push=ATf1kGMHLsC9saBW_OGd5O_53nxDYy8bxspR7yLBWvs-a8woGigsmc6cLXaQGUmQFkgnaSoEWvc0sP9wK9hEY3zGcX7Z-i8idYnSX3M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VnBnMTFEaEExUWF4b3Q1&google_gid=CAESELrR9Vur7vmXBI0xiMuRLpI&google_cver=1&google_push=ATf1kGMHLsC9saBW_OGd5O_53nxDYy8bxspR7yLBWvs-a8woGigsmc6cLXaQGUmQFkgnaSoEWvc0sP9wK9hEY3zGcX7Z-i8idYnSX3M

Request Chain 248

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMaVhMIyNNsz8Y1XPlGJSRo&google_cver=1&google_push=ATf1kGO0_s-tS72SLwHeKXQ-bd8R0o9yNvQjoA3rSikis2YWehMx00d7w6GH9Gl67Q6zoiz2AL0c7bWH-ebfiCDnNhvtlZZpCMdohsA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO0_s-tS72SLwHeKXQ-bd8R0o9yNvQjoA3rSikis2YWehMx00d7w6GH9Gl67Q6zoiz2AL0c7bWH-ebfiCDnNhvtlZZpCMdohsA

Request Chain 249

https://um.simpli.fi/gp_match?google_gid=CAESEDm6ChzIcrdxJkPxUyehptg&google_cver=1&google_push=ATf1kGNppk1a1uN8QwfQyYl0lbNxldpEqp-Pdjik4WAkDFyZPAFR79qboUQ-BgYS0W-MP0bkSSwHwR0DvAn-ECiOgXsCQgY4B_mOp1E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7D68715625AF4450B50C70D793506259&google_push=ATf1kGNppk1a1uN8QwfQyYl0lbNxldpEqp-Pdjik4WAkDFyZPAFR79qboUQ-BgYS0W-MP0bkSSwHwR0DvAn-ECiOgXsCQgY4B_mOp1E

Request Chain 250

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELafphvotlVx8jklaYfN_9c&google_cver=1&google_push=ATf1kGPNU4Nkg9zZ4KsTYkh7fJepOkGOsOzv0Eqm7R-CB-H0XLd0ls06phHiaW4UqT9F1BMG5Vxkfvg9mU3VwCItLj9F38UFqy-sPw HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d00e2773-ff3f-45df-9dad-220c3d70dda3&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPNU4Nkg9zZ4KsTYkh7fJepOkGOsOzv0Eqm7R-CB-H0XLd0ls06phHiaW4UqT9F1BMG5Vxkfvg9mU3VwCItLj9F38UFqy-sPw&google_hm=VNxChZtwRfeI4aDJaSZbCg==

Request Chain 251

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIUnAsBYNOAcKflbvx2T2tU&google_cver=1&google_push=ATf1kGMXcEZzJmBGPg4CWy6bkmOLvWYbS58JQPyobvFte6KGp-Tik0ldDSWqPQefg4DrG8c-ORsFJs-BsDT_Dbu-M4NANyJ6LmR2OOI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMXcEZzJmBGPg4CWy6bkmOLvWYbS58JQPyobvFte6KGp-Tik0ldDSWqPQefg4DrG8c-ORsFJs-BsDT_Dbu-M4NANyJ6LmR2OOI&google_hm=eS1hSmowX29kRTJwSE9lYXEzVXFCSEg5Z3hjcktrdm9jen5B

Request Chain 252

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGOTCd0Kl8Jrn4EFcnhz5O6KEKVYzReTpR5Ndu1U9Q8OGPNzqoKvDLiHxoL12b13EIi8ihyApEBpttKHsjKwIprmA3HVMTWqyQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGOTCd0Kl8Jrn4EFcnhz5O6KEKVYzReTpR5Ndu1U9Q8OGPNzqoKvDLiHxoL12b13EIi8ihyApEBpttKHsjKwIprmA3HVMTWqyQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4ODMxNTM2NDI0NDE0NDU4NQ&google_push=ATf1kGOTCd0Kl8Jrn4EFcnhz5O6KEKVYzReTpR5Ndu1U9Q8OGPNzqoKvDLiHxoL12b13EIi8ihyApEBpttKHsjKwIprmA3HVMTWqyQ

Request Chain 253

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDTKDzSnoQ41bYerud9IuAU&google_cver=1&google_push=ATf1kGPXc2XY2D8zbXujjCkj5UdYdkMQDPVNniSKEUsTtinP4OZMgzwvN5_b-_fQhxOffMJZgrRPzlFgMoLu0B1bGchW_FwPZLXx2R_5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPXc2XY2D8zbXujjCkj5UdYdkMQDPVNniSKEUsTtinP4OZMgzwvN5_b-_fQhxOffMJZgrRPzlFgMoLu0B1bGchW_FwPZLXx2R_5 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 256

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMaVhMIyNNsz8Y1XPlGJSRo&google_cver=1&google_push=ATf1kGO9kegsNF1XuYDhS7n7WDfoYLyKMo3TS_kL43N3Ynv7LP8qO9tfMPpGt12AGDOCqrmpnkBDnnuilZfg2rJc_j1WP3f8r3_d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO9kegsNF1XuYDhS7n7WDfoYLyKMo3TS_kL43N3Ynv7LP8qO9tfMPpGt12AGDOCqrmpnkBDnnuilZfg2rJc_j1WP3f8r3_d

Request Chain 257

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGsRdIqgDQL3IwkyfZWl-jE&google_cver=1&google_push=ATf1kGNFuHqrvUw80XVSBDsRymD27IrVHuDSHL80Bd-X9LgI1H6DB1FlT9OM4uNXGfZ-9-XxWbcNzJxODH-bPdlvFv3KNuIR5yR2SQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNFuHqrvUw80XVSBDsRymD27IrVHuDSHL80Bd-X9LgI1H6DB1FlT9OM4uNXGfZ-9-XxWbcNzJxODH-bPdlvFv3KNuIR5yR2SQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGsRdIqgDQL3IwkyfZWl-jE&google_cver=1&google_push=ATf1kGNFuHqrvUw80XVSBDsRymD27IrVHuDSHL80Bd-X9LgI1H6DB1FlT9OM4uNXGfZ-9-XxWbcNzJxODH-bPdlvFv3KNuIR5yR2SQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNFuHqrvUw80XVSBDsRymD27IrVHuDSHL80Bd-X9LgI1H6DB1FlT9OM4uNXGfZ-9-XxWbcNzJxODH-bPdlvFv3KNuIR5yR2SQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 259

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIUnAsBYNOAcKflbvx2T2tU&google_cver=1&google_push=ATf1kGMT1YdUFSNdVeFrAkdw81wZd9D3cMIpH0ozAvSqlAGwpQVT2CF4tykzPzBZ9tdBIkYFSVS-NV5YP5WI2TLRiXyvYdAX3QEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMT1YdUFSNdVeFrAkdw81wZd9D3cMIpH0ozAvSqlAGwpQVT2CF4tykzPzBZ9tdBIkYFSVS-NV5YP5WI2TLRiXyvYdAX3QEw&google_hm=eS1adVNManN0RTJwRW5jUGxabl94Q0VGSE9OSGltOVNKZ35B

Request Chain 260

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESENRxt-bU_uZijAeXcLkDNbA&google_cver=1&google_push=ATf1kGMRD_24Llp3cuvKyW7PqNgU75BhqBFqg8SFkKKrzrLUCwelywK5_Z744ZqLVbdAIsCB-Iq21mtpFuGIF5ajH8wERJi9Rzr-9g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Y9w4utAY70b8JFjpLWxH9ylK3I2S21TAvkmRmQ&google_push=PUSH_DATA HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Request Chain 261

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGN5j3qEN7M6eXAodpZDbFSkG9ULt3Pk0s3NfxCgy0UlW17bV2dPhiTfYFyPVXuKfRIkLqXenkoEVYAHN7MbF3Asum10m7VRVQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGN5j3qEN7M6eXAodpZDbFSkG9ULt3Pk0s3NfxCgy0UlW17bV2dPhiTfYFyPVXuKfRIkLqXenkoEVYAHN7MbF3Asum10m7VRVQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEwNzM1NTQ3MzQ4OTI4OTM2Ng&google_push=ATf1kGN5j3qEN7M6eXAodpZDbFSkG9ULt3Pk0s3NfxCgy0UlW17bV2dPhiTfYFyPVXuKfRIkLqXenkoEVYAHN7MbF3Asum10m7VRVQ

265 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
koora.kora4live.com/matches-today-h2/ 84 KB
17 KB 218ms
122ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koora.kora4live.com/matches-today-h2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e2e0c0e3c6f71f0fbbc772350e2e7d5c085d8d1384faede59a37f626ac11c47

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d8c27a4bbea1cb6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 14:59:10 GMT
last-modified: Sat, 17 Jun 2023 14:37:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZEoobwNroWFeg57A%2BnzkttX4lUO77ppus8x2e3b6GncDOCx5ubceoBXV%2F5%2B2M4k%2B7qDMN6eTISFUhRvEqPq0h6vh54rYXqE4mszi6vvNGu4ALZy2xjk%2F4S3BP%2F0x0iTvZvi5lNwBnZ%2FtSHgNspFeBz1"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Cookie

GET
H2 200 classic-themes.min.css
koora.kora4live.com/wp-includes/css/ 291 B
603 B 35ms
32ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koora.kora4live.com/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/matches-today-h2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97298
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Thu, 30 Mar 2023 05:03:39 GMT
server: cloudflare
etag: W/"6425182b-123"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kv8KndcvBDLan6uM1kCQgRpNYiYMOx2Dg1il9vM3gu5Uu9h04O60bLuWrMRaHCgPcKtDwh6FHndTBJyW931JdoiTjUWgWoEgEq9jJkOT4IfZhnPU9veF6Cxddv9%2BH8ghFTBobkLndWr3tIUzD8POUZ3f"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 7d8c27a5ad5b1cb6-AMS
expires: Sun, 16 Jul 2023 11:57:32 GMT

GET
H2 200 NeoSansArabic.woff
koora.kora4live.com/wp-content/themes/AlbaKora4Live-v6/fonts/ 56 KB
56 KB 34ms
33ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koora.kora4live.com/wp-content/themes/AlbaKora4Live-v6/fonts/NeoSansArabic.woff
Requested by: Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer: https://koora.kora4live.com/matches-today-h2/
Origin: https://koora.kora4live.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:10 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 14:24:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6648
etag: "636fac87-e014"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ln1wefsKJi0vNgai8HX9x5Gonwx56WJaHI0a5T%2FZItJEieJs8c0fUW1imkEGdQUz1JF12g3ANrsqaVP%2FRJPFjh5jUZIuUACeLauHQeJ1XLzJN8DaGyqCckQy9%2FSK6zcvuTKPNCBTSZ%2Bv%2B6iRd3bMMNwy"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7d8c27a5ad5c1cb6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 57364

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 242ms
177ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0cc4e848bfbd95a66b4db3142f5faaca233257aed50da86341c70e5c740c5e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2V30QS4Q66T0GN5T2PCPHXV
date: Sat, 17 Jun 2023 14:59:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 874
cf-polished: origSize=4393
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"6cd3e47d51f2768bca99c60a1b340133-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7d8c27a60d3bb969-AMS
link: <https://live.demand.supply/impl.v16.16.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-10-0/a29vcmEua29yYTRsaXZlLmNvbS8=>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 kooora4live.png
koora.kora4live.com/wp-content/uploads/2022/12/ 8 KB
9 KB 52ms
50ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koora.kora4live.com/wp-content/uploads/2022/12/kooora4live.png
Requested by: Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bb451155dbe12a0b7a999e8d968b8a4f00e04e3010b1058723f16bdd659761d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/matches-today-h2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97298
alt-svc: h3=":443"; ma=86400
content-length: 8546
pragma: public
last-modified: Sun, 18 Dec 2022 19:17:40 GMT
server: cloudflare
etag: "639f6754-2162"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjM6Zn8NLDyp3lVVp8SlzzSd5wWakvQNa49pTqJ0icMFPEGHuOOLJLBmXiqjnvrfopEbADgtq71N6x6nGnQFZjnt8qbBW3XAumsVF%2F3AFomGF364ekiNo%2BD6c7R7GhmFkE7Lrhd9sstNlUjL%2B3ThPxGj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7d8c27a5ad681cb6-AMS
expires: Sun, 16 Jul 2023 11:57:32 GMT

GET
H2 200 rocket-loader.min.js Show response
koora.kora4live.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 49ms
48ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://koora.kora4live.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/matches-today-h2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jun 2023 10:17:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"648ae541-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5zhTJBVQ93I12fUBo%2B9eCB0FoULkh55YOg3grGAoIpmWbXXhEHvPo7yIlI84yL3VVgIbnOrqJgtijTH2pwvzB%2FM%2BMayR7KPf0fIa2nigo%2BhDQKsgjYGv5D%2BRTHbW7nXvyzCOlE0hZyI2xeQGYBQi43N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7d8c27a5bd6c1cb6-AMS
expires: Mon, 19 Jun 2023 14:59:10 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
81 KB 196ms
60ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6XQ0HCVXZH

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

465e9e73d7098142890d2d05dec3f1d5209d1b6e1fe6448b8f6851bf3ac09a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82784
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 17 Jun 2023 14:59:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 165ms
87ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bd2cb08cb688493b9f7dd3f7464c8d92c6ac083696ff560e8bb1f99bebd9873

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koora.kora4live.com/
Origin: https://koora.kora4live.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47239
x-xss-protection: 0
server: cafe
etag: 11024342991000231956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:59:10 GMT

GET
H2 200 impl.v16.16.0.js Show response
live.demand.supply/ 74 KB
24 KB 111ms
110ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.16.0.js
Requested by: Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e199b4acaba04f13ab3fcf9c95a4a26c3b6468462a5840365fbd3c3b780bd49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2V21C12TQVRMNKRKSNMKQ2M
date: Sat, 17 Jun 2023 14:59:10 GMT
content-encoding: br
cf-cache-status: HIT
age: 331171
cf-polished: origSize=76159
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"a0209a571f187db24bc09a2a643679ec-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7d8c27a72ea4b969-AMS

GET
H2 200 a29vcmEua29yYTRsaXZlLmNvbS8= Show response
live.demand.supply/p4/v16-10-0/ 1 KB
703 B 156ms
155ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-10-0/a29vcmEua29yYTRsaXZlLmNvbS8=
Requested by: Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cb6aa538ea8be59674eb0f45189fe5cbb02fdf4e46e809985549ea8a2aed397

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:10 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7d8c27a72ea7b969-AMS
alt-svc: h3=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
515 B 81ms
52ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=245&cs=c&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:10 GMT
cf-cache-status: HIT
age: 14369
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27a75ed60b4b-AMS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 302ms
145ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0721d605f85c09eb5b1d2633fdc67b693ec32856d1b7fc7e6cb4cac03f0f79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26696
x-xss-protection: 0
server: cafe
etag: 956 / 19525 / 31075400 / config-hash: 4553594699066521459
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:59:10 GMT

GET
H2 200 a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw== Show response
live.demand.supply/p4/v16-10-0/ 1 KB
643 B 219ms
218ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-10-0/a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cb6aa538ea8be59674eb0f45189fe5cbb02fdf4e46e809985549ea8a2aed397

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:10 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7d8c27a72eadb969-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
585 B 145ms
117ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RBTMTBZD3C5DWQBXC7
date: Sat, 17 Jun 2023 14:59:10 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 14079
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7d8c27a75ed70b4b-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 kora4live.com_fluid_sq_ads Show response
live.demand.supply/cp/ 30 B
371 B 180ms
180ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kora4live.com_fluid_sq_ads?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13e680de2390bb5b3e29b40b40bb71a97a664fc762bf258a735f8aab3b0a9b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7d8c27a7ef2c0b4b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 kora4live.com_fluid_sq_ads Show response
live.demand.supply/cp/ 30 B
372 B 239ms
238ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kora4live.com_fluid_sq_ads?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13e680de2390bb5b3e29b40b40bb71a97a664fc762bf258a735f8aab3b0a9b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7d8c27a7ef2d0b4b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 kora4live.com_fluid_sq_ads Show response
live.demand.supply/cp/ 30 B
371 B 168ms
168ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kora4live.com_fluid_sq_ads?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13e680de2390bb5b3e29b40b40bb71a97a664fc762bf258a735f8aab3b0a9b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7d8c27a7ef300b4b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 30

GET
H3 200 kora4live.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 30 B
372 B 230ms
229ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/kora4live.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 559605cf8015222a6bb0c3a8633a81ba2444160dd54231600b413c8a0d503bb1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7d8c27a89f7a0b4b-AMS
alt-svc: h3=":443"; ma=86400
content-length: 30

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
481 B 115ms
115ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kora4live.com_fluid_sq_ads&pdc=0.12641112804412843&ucv=null&e=tcp&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:10 GMT
cf-cache-status: HIT
age: 14369
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27a8ffbb0b4b-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
478 B 38ms
37ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=kora4live.com_fluid_sq_ads&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN0357ZM7XQGEWRVX64D9B
date: Sat, 17 Jun 2023 14:59:10 GMT
cf-cache-status: HIT
age: 14369
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27a8ffbd0b4b-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 115ms
115ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kora4live.com_fluid_sq_ads&pdc=0.12641112804412843&ucv=null&e=tcp&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:10 GMT
cf-cache-status: HIT
age: 14369
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27a90fc50b4b-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
477 B 110ms
110ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=kora4live.com_fluid_sq_ads&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN0357ZM7XQGEWRVX64D9B
date: Sat, 17 Jun 2023 14:59:10 GMT
cf-cache-status: HIT
age: 14369
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27a90fc60b4b-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
477 B 34ms
33ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kora4live.com_fluid_sq_ads&pdc=0.12641112804412843&ucv=null&e=tcp&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:10 GMT
cf-cache-status: HIT
age: 14369
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27a97ffa0b4b-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
479 B 112ms
111ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=kora4live.com_fluid_sq_ads&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN0357ZM7XQGEWRVX64D9B
date: Sat, 17 Jun 2023 14:59:11 GMT
cf-cache-status: HIT
age: 14370
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27a97ffe0b4b-AMS

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/ 411 KB
127 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 18:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73340
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129960
x-xss-protection: 0
server: cafe
etag: 10643696450713337328
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Jun 2024 18:36:50 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
521 B 137ms
67ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=koora.kora4live.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea6b16598e88e524df3eca03b40c3c8a2e582c39e9da2f109e63fabee18e3c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 496
x-xss-protection: 0
expires: Sat, 17 Jun 2023 14:59:11 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 125ms
122ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kora4live.com_auto_728x90_sticky_display_bottom&pdc=0.12905435264110565&ucv=null&e=tcp&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:11 GMT
cf-cache-status: HIT
age: 14370
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27aa18530b4b-AMS

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 37ms
35ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01GZGR6SCB0Q49R1S22Y9RAR9T
date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 1604789
etag: W/"281c43d3e253957887c3e1dad5bbb310-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7d8c27aa299f0b67-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 130ms
41ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koora.kora4live.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
896 B 480ms
159ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 17 Jun 2023 14:59:11 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13171
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-bom4723-BOM
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 127ms
26ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:43:20 GMT
via: 1.1 google
age: 951
x-guploader-uploadid: ADPycduZEY-TcZ3JIkawkBtVz-to6Jffdj3s8HD3eP1Wz8GyjYSE9qg3HfXXaOmTW8dGkL-RU7MSGFGgHp9XJ5ViBbrMZA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Sat, 17 Jun 2023 15:43:20 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 114ms
35ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 01:47:30 GMT
content-encoding: gzip
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 47502
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: OXxNvf7RlnXCub4aYIoTn4gWBf5BHy4hNUxX5UObeuay87G7Jox5TA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 141ms
32ms Script
text/javascript 2600:9000:2250:f800:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:f800:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: null
Date: Sat, 17 Jun 2023 05:58:55 GMT
Via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 32417
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: 46CXe2JddxxUZKDrPO5Dcu3lQdThg4aptNjYJVUCLzNRDWma3FlDsg==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 97ms
35ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 14:15:50 GMT
server: cloudflare
x-amz-request-id: XW57SSBJG8WGR2X6
age: 3007
etag: W/"8c1740edd46834c66e82586d99a9e74c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7d8c27ab9dc9d0b5-AMS
x-amz-id-2: 82L4XU4OaWOWYkKqhmoWTQjfUPUH2yEZlaEEpWhcqhYu3QZND3jzgXPsXsbk/OP8IVLctZEUo+/enQAYvBdH9A==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 135ms
50ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 18 Jun 2023 14:59:11 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
759 B 419ms
418ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=824341492987063&correlator=169272445195496&eid=31075400&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2Ca1038939-114d-4e99-9b51-abaad6f8d7cb&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3206768857&didk=1517965771&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3De5e1a3e5-db1a-4f67-a75c-6396d285a942%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D12%26bid-p%3Dgoogle%26bsc%3D40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1687013951215&lmt=1687012655&dlt=1687013950310&idt=860&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkoora.kora4live.com%2Fmatches-today-h2%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=651942672.1687013951&ga_sid=1687013951&ga_hid=401418925&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY6I34zowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjojfjOjDFIAFICCGQSGQoKcHViY2lkLm9yZxjojfjOjDFIAFICCGQSFwoIcnRiaG91c2UY6I34zowxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOiN-M6MMUgAUgIIZBIZCgp1aWRhcGkuY29tGOiN-M6MMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

095ba2ef0342f3834650ee1b8f246f287d9a9ecd9c93304521668d943da45656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 729
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koora.kora4live.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 360ms
360ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=824341492987063&correlator=955444713529427&eid=31075400&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C0842e6ec-edae-4b53-9e1d-f7095d067033&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=2&adks=3796108864&didk=1729192360&sfv=1-0-40&prev_scp=ti%3De5e1a3e5-db1a-4f67-a75c-6396d285a942%26chrand%3Dy%26pof%3D0%26bid%3D0.09%26bid-p%3Dgoogle%26bsc%3D40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1687013951221&lmt=1687012655&dlt=1687013950310&idt=860&adxs=326&adys=2147&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkoora.kora4live.com%2Fmatches-today-h2%2F&frm=20&vis=1&psz=1100x296&msz=1100x296&fws=0&ohw=0&ga_vid=651942672.1687013951&ga_sid=1687013951&ga_hid=401418925&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY6I34zowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjojfjOjDFIAFICCGQSGQoKcHViY2lkLm9yZxjojfjOjDFIAFICCGQSFwoIcnRiaG91c2UY6I34zowxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOiN-M6MMUgAUgIIZBIZCgp1aWRhcGkuY29tGOiN-M6MMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69f970a33ef492e33d7a88327265a0bdfd67674c844ac26f5ee15625edfd19fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12159
x-xss-protection: 0
google-lineitem-id: 5563949749
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koora.kora4live.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
38 KB 429ms
429ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=824341492987063&correlator=886603148340541&eid=31075400&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C0842e6ec-edae-4b53-9e1d-f7095d067033&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=3&adks=2245042541&didk=1729192363&sfv=1-0-40&prev_scp=ti%3De5e1a3e5-db1a-4f67-a75c-6396d285a942%26chrand%3Dy%26pof%3D0%26bid%3D0.09%26bid-p%3Dgoogle%26bsc%3D40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1687013951225&lmt=1687012655&dlt=1687013950310&idt=860&adxs=326&adys=100&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkoora.kora4live.com%2Fmatches-today-h2%2F&frm=20&vis=1&psz=1100x296&msz=1100x296&fws=0&ohw=0&ga_vid=651942672.1687013951&ga_sid=1687013951&ga_hid=401418925&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY6I34zowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjojfjOjDFIAFICCGQSGQoKcHViY2lkLm9yZxjojfjOjDFIAFICCGQSFwoIcnRiaG91c2UY6I34zowxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOiN-M6MMUgAUgIIZBIZCgp1aWRhcGkuY29tGOiN-M6MMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f9fee20abef235ec96aec75fc88c5f392569a8289c7e8da22a8de4fb57d5cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39254
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koora.kora4live.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 65 KB
15 KB 484ms
484ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=824341492987063&correlator=1972463974395136&eid=31075400&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C0842e6ec-edae-4b53-9e1d-f7095d067033&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=4&adks=2702726171&didk=1729192362&sfv=1-0-40&prev_scp=ti%3De5e1a3e5-db1a-4f67-a75c-6396d285a942%26chrand%3Dy%26pof%3D0%26bid%3D0.09%26bid-p%3Dgoogle%26bsc%3D40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1687013951227&lmt=1687012655&dlt=1687013950310&idt=860&adxs=326&adys=469&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkoora.kora4live.com%2Fmatches-today-h2%2F&frm=20&vis=1&psz=1100x296&msz=1100x296&fws=0&ohw=0&ga_vid=651942672.1687013951&ga_sid=1687013951&ga_hid=401418925&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY6I34zowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjojfjOjDFIAFICCGQSGQoKcHViY2lkLm9yZxjojfjOjDFIAFICCGQSFwoIcnRiaG91c2UY6I34zowxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOiN-M6MMUgAUgIIZBIZCgp1aWRhcGkuY29tGOiN-M6MMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9452306f433000d5b62e590d3e9cd7da7fad6bd3ebbfd57be994a81724d1f8a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14918
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koora.kora4live.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 260ms
260ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=824341492987063&correlator=509715642610221&eid=31075400&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C14a03afa-6ad2-48a7-8ac3-33689e17a0be&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&adks=2939916492&didk=2681292564&sfv=1-0-40&prev_scp=ti%3De5e1a3e5-db1a-4f67-a75c-6396d285a942%26chrand%3Dy%26pof%3D0%26bid%3D0.05%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1687013951229&lmt=1687012655&dlt=1687013950310&idt=860&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkoora.kora4live.com%2Fmatches-today-h2%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=651942672.1687013951&ga_sid=1687013951&ga_hid=401418925&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY6I34zowxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjojfjOjDFIAFICCGQSGQoKcHViY2lkLm9yZxjojfjOjDFIAFICCGQSFwoIcnRiaG91c2UY6I34zowxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOiN-M6MMUgAUgIIZBIZCgp1aWRhcGkuY29tGOiN-M6MMUgAUgIIZA..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8c89adebf435549dc2a11b00953b69c950853cbcce241b8008fae0d50353c6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12155
x-xss-protection: 0
google-lineitem-id: 5562791889
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koora.kora4live.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A980 6 KB
3 KB 230ms
69ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koora.kora4live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:59:11 GMT
expires: Sun, 16 Jun 2024 14:59:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/ 37 KB
13 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl_page_level_ads.js?cb=31075400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c06a55d3d62d6ee014e4a184baa5631320cb1d5768dcf3b6b3b1671c3337eae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 18:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73326
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13110
x-xss-protection: 0
server: cafe
etag: 10981769863807075850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Jun 2024 18:37:05 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
328 B 112ms
36ms XHR
text/plain 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://koora.kora4live.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://koora.kora4live.com
date: Sat, 17 Jun 2023 14:59:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
336 B 140ms
42ms XHR
application/json 54.229.146.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.146.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-146-125.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: d3c171e205a3a1fa2c3de6e7a1f7313695b551200dc60f8d6fe6b7fe64bb9577

Request headers

Referer: https://koora.kora4live.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:11 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://koora.kora4live.com
cache-control: no-cache
x-server: 10.45.0.42
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 241 B
335 B 41ms
40ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5ecfe6ea0bc4808deb4131cb8ff9c6c9fbb86111b7da3b858216993de1fa0dc0

Request headers

Referer: https://koora.kora4live.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 1315c9acaf8342b0747a47f563c8d7d1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 241

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 111ms
38ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://koora.kora4live.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://koora.kora4live.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 17 Jun 2023 14:59:11 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: 2e301d5466d816a2a009f8fd009f3d0b

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2642 15 KB
6 KB 126ms
42ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=koora.kora4live.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://koora.kora4live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:59:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 411732
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2642
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=kora4live.com&sn=ChromeSyncframe&so=0&topUrl=koora.kora4live.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ZdXzHHxvTnF6RFlKWk1ReHdQeTg3ejl5aFNrcUNNNndvcjlJR0pxcVdJNDBQZTBTWDVDWEhvZHd4dStsdjZuVHpBL09hd2xlcDB5QXhQRVM4bWI2ckpXSVRRdEEvOWUwQy9VSWh3N1RmUFE4eHNwYWZlWTJlT0x4UTlyNl...

422 B
651 B

110ms
27ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ZdXzHHxvTnF6RFlKWk1ReHdQeTg3ejl5aFNrcUNNNndvcjlJR0pxcVdJNDBQZTBTWDVDWEhvZHd4dStsdjZuVHpBL09hd2xlcDB5QXhQRVM4bWI2ckpXSVRRdEEvOWUwQy9VSWh3N1RmUFE4eHNwYWZlWTJlT0x4UTlyNllOSTZsVlZnQnNkMVZIazVmSzhGRHBja005WVVTWWpqUEMvc1hpMjByR0xweGV4US9xMThhMFZnWGFRa2owSUJ5MW5LVGo3SkplR0xpcnZJMXAwU2d0M0UwS2tYcDhoRmlTMUljU0doM0owZ05JenVBLzg1NTRXbUVwSHJTUUZOTytsZmRjL01nRERPb0dKYnRuMmh3aW9BRDFrRDArdz09fA&cppv=2

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

94326d6b2906fabf98e5f582e128cfcf6ce6bbdf31875e8ad73aa6b2a814619a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1389796
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ZdXzHHxvTnF6RFlKWk1ReHdQeTg3ejl5aFNrcUNNNndvcjlJR0pxcVdJNDBQZTBTWDVDWEhvZHd4dStsdjZuVHpBL09hd2xlcDB5QXhQRVM4bWI2ckpXSVRRdEEvOWUwQy9VSWh3N1RmUFE4eHNwYWZlWTJlT0x4UTlyNllOSTZsVlZnQnNkMVZIazVmSzhGRHBja005WVVTWWpqUEMvc1hpMjByR0xweGV4US9xMThhMFZnWGFRa2owSUJ5MW5LVGo3SkplR0xpcnZJMXAwU2d0M0UwS2tYcDhoRmlTMUljU0doM0owZ05JenVBLzg1NTRXbUVwSHJTUUZOTytsZmRjL01nRERPb0dKYnRuMmh3aW9BRDFrRDArdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 270545
content-length: 0
expires: 0

GET view
securepubads.g.doubleclick.net/pcs/ Frame 90F3 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 90F3 0
0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 43ms
43ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koora.kora4live.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 282ms
281ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=824341492987063&correlator=4486942435534736&eid=31075400&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C968ac2f9-dc42-4e3b-9b3c-c14f444c3eea&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&adks=260610851&didk=2681292564&sfv=1-0-40&prev_scp=ti%3De5e1a3e5-db1a-4f67-a75c-6396d285a942%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26stt%3Dbhs%26bsc%3D40&eri=1&sc=1&cookie=ID%3Dea2c24ebea58b343%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_MZzINEcgr33yR9pOVLQlYZ-gj0SUw&gpic=UID%3D00000c4a8a0c37c7%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_MamKQJ02zzHd8pVZPesOfUkO3zrdw&abxe=1&dt=1687013951526&lmt=1687012655&dlt=1687013950310&idt=860&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkoora.kora4live.com%2Fmatches-today-h2%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=651942672.1687013951&ga_sid=1687013951&ga_hid=401418925&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY6I34zowxSABSAghkEhkKCnB1YmNpZC5vcmcY6I34zowxSABSAghkEhcKCHJ0YmhvdXNlGOiN-M6MMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjojfjOjDFIAFICCGQSGQoKdWlkYXBpLmNvbRjojfjOjDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMaP-M6MMUgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8918361b99daadefae3b43dc785f54bd7b2373fed6ba755c7330dd729647390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11433
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koora.kora4live.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET view
securepubads.g.doubleclick.net/pcs/ Frame 2C53 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2C53 0
0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 43ms
43ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koora.kora4live.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 472ms
472ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=824341492987063&correlator=2490355174128395&eid=31075400&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C305e02fb-0361-4e40-b0b4-6e0798541604&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=7&adks=511525289&didk=1729192360&sfv=1-0-40&prev_scp=ti%3De5e1a3e5-db1a-4f67-a75c-6396d285a942%26chrand%3Dy%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D40&eri=1&sc=1&cookie=ID%3Dc138768a16425ce3%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_MaIIjRr52F0UsVFHdfdMEhj10V7UA&gpic=UID%3D00000c4a8a123b70%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_MYk0_nh_GHNFjIGg7tc1yDJtdXmdQ&abxe=1&dt=1687013951619&lmt=1687012655&dlt=1687013950310&idt=860&adxs=326&adys=2147&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkoora.kora4live.com%2Fmatches-today-h2%2F&frm=20&vis=1&psz=1100x296&msz=1100x296&fws=0&ohw=0&ga_vid=651942672.1687013951&ga_sid=1687013951&ga_hid=401418925&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY6I34zowxSABSAghkEhkKCnB1YmNpZC5vcmcY6I34zowxSABSAghkEtYBCghydGJob3VzZRLAAUs4bjhDSjROaE9aZVpoYisvekEwUmZZRjUxK0k0L3ZrWVIrVDdKVTYzQ1BSZklFOVIrZVdYc01DWkk4RmxaZThJYjJ5ZDNGa3M5dVJjSmI3VWcvTXVzbFpScUdVeDg3S0oybTJTVzNXd3lXTkhaR2wrc1k2NzZlT2hGMkJLUGZNNERhTCtCWWtDL2VXMnoreWxkMTFRWjRGSkxhZjY0OUNpc1FqL2RFR084OS8zYWtobFhYR0RJc0EzUjNUalltLxirkPjOjDFIABIdCg5lc3AuY3JpdGVvLmNvbRjojfjOjDFIAFICCGQSGQoKdWlkYXBpLmNvbRjojfjOjDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMaP-M6MMUgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a81757da531d8f21eb6cf69bc8f04fa81b08baf505bef7247b09f80358c96e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8564
x-xss-protection: 0
google-lineitem-id: 6322389315
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138435934899
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koora.kora4live.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
477 B 114ms
114ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kora4live.com_auto_interstitial_desktop&e=nai&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:11 GMT
cf-cache-status: HIT
age: 14370
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27adfa260b4b-AMS

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
510 B 324ms
324ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=824341492987063&correlator=2984482222359324&eid=31075400&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C71d8d7c0-d825-488a-9974-58cbea2ecd94&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=8&adks=1332821471&didk=2420430536&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3De5e1a3e5-db1a-4f67-a75c-6396d285a942%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D3%26bid-p%3Dgoogle%26bsc%3D40&eri=1&sc=1&cookie=ID%3D824a3b2f19744969%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_MY31RCtsjnhtkASnFooryjKW9B4ZQ&gpic=UID%3D00000c4a89d1b027%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_Mbk7MinuIGlOFeFyGf5cbHRsLtebw&abxe=1&dt=1687013951654&lmt=1687012655&dlt=1687013950310&idt=860&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkoora.kora4live.com%2Fmatches-today-h2%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=651942672.1687013951&ga_sid=1687013951&ga_hid=401418925&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY6I34zowxSABSAghkEhkKCnB1YmNpZC5vcmcY6I34zowxSABSAghkEtYBCghydGJob3VzZRLAAUs4bjhDSjROaE9aZVpoYisvekEwUmZZRjUxK0k0L3ZrWVIrVDdKVTYzQ1BSZklFOVIrZVdYc01DWkk4RmxaZThJYjJ5ZDNGa3M5dVJjSmI3VWcvTXVzbFpScUdVeDg3S0oybTJTVzNXd3lXTkhaR2wrc1k2NzZlT2hGMkJLUGZNNERhTCtCWWtDL2VXMnoreWxkMTFRWjRGSkxhZjY0OUNpc1FqL2RFR084OS8zYWtobFhYR0RJc0EzUjNUalltLxirkPjOjDFIABIdCg5lc3AuY3JpdGVvLmNvbRjojfjOjDFIAFICCGQSGQoKdWlkYXBpLmNvbRjojfjOjDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMaP-M6MMUgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

103f1040deb2251812465f49f56bb0ddf9282840cb5ed01dc7d6e2708a5aa392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 481
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koora.kora4live.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 113ms
36ms Script
text/javascript 2606:4700:10::6814:41d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:41d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 82859
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 7d8c27aeaaacb78b-AMS
content-length: 4547

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
479 B 34ms
33ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN0357ZM7XQGEWRVX64D9B
date: Sat, 17 Jun 2023 14:59:11 GMT
cf-cache-status: HIT
age: 14370
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27ae3a430b4b-AMS

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 84ms
84ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

503d5e0787673c723fa45552357ab528b2a59f009d0c6136b6de1e4399124714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11086
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 352 KB
118 KB 181ms
115ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=koora.kora4live.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d34ff307f104d3398dd33abfd63f5c0660361639fa8998171fcfa040513f722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120774
x-xss-protection: 0
server: cafe
etag: 1609876581922897088
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:59:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/ Frame 5D56 10 KB
5 KB 109ms
33ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230614/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619133031508264

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koora.kora4live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 15480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 10:41:11 GMT
etag: 15057649708203361565
expires: Sat, 01 Jul 2023 10:41:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6804 6 KB
3 KB 63ms
62ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koora.kora4live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:59:11 GMT
expires: Sun, 16 Jun 2024 14:59:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 37ms
36ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.09&b=2&r=kora4live.com_fluid_sq_ads&sy=facd7cb8-2ce8-49e5-a823-a9ba493b27c6&ts=40&cd=2&pud=245&pus=c&pue=480&pid=117&pis=c&pie=597&ppd=157&pps=a&ppe=638&pcl=351&ttc=786&tti=1659&ttif=0&lca=638&lcak=ppe&lct=638&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=koora.kora4live.com&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=e5e1a3e5-db1a-4f67-a75c-6396d285a942&e=lm&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:11 GMT
cf-cache-status: HIT
age: 14370
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27ae8a6e0b4b-AMS

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305252018000/ Frame D4D7 222 KB
61 KB 127ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:11:23 GMT
age: 236868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61795
x-xss-protection: 0
server: sffe
etag: "7347aa4c83612bf7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:11:23 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame D4D7 15 KB
5 KB 183ms
89ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:11:23 GMT
age: 236868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5238
x-xss-protection: 0
server: sffe
etag: "6efdfbd3c81d03c9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:11:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame D4D7 94 KB
28 KB 196ms
102ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Jun 2023 20:51:54 GMT
age: 151637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28864
x-xss-protection: 0
server: sffe
etag: "51fe97ef57b83921"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Jun 2024 20:51:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame D4D7 5 KB
2 KB 201ms
108ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 16 Jun 2023 03:58:48 GMT
age: 126023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1896
x-xss-protection: 0
server: sffe
etag: "fbb7a7837efaff21"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 15 Jun 2024 03:58:48 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame D4D7 40 KB
13 KB 202ms
109ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:11:23 GMT
age: 236868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "bd37dd4c3b7b688b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:11:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D4D7 14 KB
2 KB 118ms
43ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 14:00:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:59:11 GMT

GET
H2 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D4D7 3 KB
3 KB 115ms
34ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 18:05:27 GMT
x-content-type-options: nosniff
server: cafe
age: 75224
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2737
x-xss-protection: 0
expires: Sat, 17 Jun 2023 18:05:27 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D4D7 344 B
449 B 115ms
34ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 19:03:49 GMT
x-content-type-options: nosniff
server: cafe
age: 71722
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 17 Jun 2023 19:03:49 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D4D7 0
0 107ms
107ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C92xmP8qNZI2_FM3IxwLc46X4Ccjhmf5w0YjB8cAQ29keEAEglZvKIWCRhKCFjBigAfWYkvECyAEJqQJx_KlKSlmyPuACAKgDAcgDCqoEhgJP0LNJe-MUBj-rJJAos2Y9VomOosHjNHd3lnbvExMmqe3--0IY2OpUTYNJEi9OqSwPP3lna8mvb-18OiGw5IT1n16LpQuV3yFTtWtH5pwbBcjWXBJavTytWK4lSiRuPtv-3fZZ0a2V79e9XvuDg-7djcBDDI0b9nAle0ZHr5a5FEgSrU9tMZqpuefJJ0iH-wKc3SaY_MvqiWhECV3dsfyvTAgocRdO0Wg7Ug9ljP6jQjT1Vm0pycrcUE6TKiYwb_LGBzrthORokQ_zxEGyZ19jkNT6GkReP_LJINYKewPfdTQ0MFWUjF-8xHUvDXLn68kG7Zhden8ArCkac5gtMmqupH69kFF-wATik-H-lATgBAGSBQQIBBgBkgUECAUYBKAGLoAH8-btjgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDQ9hHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMMiBQD0BUBgBcBshceChwIABIUcHViLTc1MDc0MzkyMzM4NjU0MTUY_fkT&sigh=iRGF6XDwRGg&uach_m=[UACH]&cid=CAQSTABygQiDn4uO5VnWy56ZNXAPeuSxosi2wem5Xis_UErsPzxq0AUldX8fuMHcxPuFhY5vrqru9A6MetCP4SoJhRQ8BhgdqtQc_ZsyKDIYAQ&template_id=5000
Requested by: Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
479 B 35ms
35ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.09&b=2&r=kora4live.com_fluid_sq_ads&sy=facd7cb8-2ce8-49e5-a823-a9ba493b27c6&ts=40&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=koora.kora4live.com&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=e5e1a3e5-db1a-4f67-a75c-6396d285a942&e=lm&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:11 GMT
cf-cache-status: HIT
age: 14370
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27ae9a7f0b4b-AMS

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 86ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6XQ0HCVXZH&gtm=45je36e0&_p=401418925&cid=651942672.1687013951&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687013951&sct=1&seg=0&dl=https%3A%2F%2Fkoora.kora4live.com%2Fmatches-today-h2%2F&dt=%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20-%20%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%E2%80%93%20koora4live%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20kora4live&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6XQ0HCVXZH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://koora.kora4live.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7764372301283205683/ Frame D4D7 36 KB
37 KB 140ms
83ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7764372301283205683/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d6d12e6811a3832015c73c2560af890a6d62533538c206a36e86857f28a07e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37197
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 13:25:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 16 Jun 2024 14:59:11 GMT

GET
DATA 200
OK truncated
/ Frame D4D7 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D4D7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f90314ca0522750781bb69490e0053b7c60658bc919859adfc326e55d93b9080

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D4D7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82eaa32fe19ac630fdd793115595523a1385e1f29b46d9af3643ea58073f036c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.png
koora.kora4live.com/wp-content/themes/AlbaKora4Live-v6/img/ 4 KB
5 KB 35ms
34ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koora.kora4live.com/wp-content/themes/AlbaKora4Live-v6/img/default.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8292c79a44356dae0dd28d94606a3674bd2d613a93d7304d3090b678cc1755f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/matches-today-h2/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17299
alt-svc: h3=":443"; ma=86400
content-length: 4327
pragma: public
last-modified: Sat, 12 Nov 2022 14:24:07 GMT
server: cloudflare
etag: "636fac87-10e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhJerdziuIT5KnNx4qzM%2B%2FVgY8nEXU8CLTzkLlIdKx9sTTMiH%2FiONFZnrBL2EW62uMWOrBqQVntuH4%2Fx6VsGAXp2NAgvC%2FFOccgEYr5ERFwdhx6xXMpD0LtZVb90e%2FgYcotwFkfpgsuRqwrbzkDsMvmY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7d8c27aedd860b57-AMS
expires: Mon, 17 Jul 2023 10:10:52 GMT

GET
H3

200

1377540149.png
koora.kora4live.com/wp-content/uploads/2019/03/
Redirect Chain

https://www.kooora4live.com/wp-content/uploads/2019/03/1377540149.png
https://kooora4lives.tv/wp-content/uploads/2019/03/1377540149.png
https://kooora4lives.io/wp-content/uploads/2019/03/1377540149.png
https://koora.kora4live.com/wp-content/uploads/2019/03/1377540149.png

9 KB
10 KB

36ms
36ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koora.kora4live.com/wp-content/uploads/2019/03/1377540149.png
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92ab3bc3d9bc6c228223f3393e594a6f05f00a85c951ff5c89957d84352fa74

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17294
alt-svc: h3=":443"; ma=86400
content-length: 9663
pragma: public
last-modified: Sat, 12 Nov 2022 14:24:09 GMT
server: cloudflare
etag: "636fac89-25bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=If5lFhTAQt8iQoakQEcKNFTcRjZZU9rgy%2BQFLamWnOQvAkQ2a96JuMKrU%2FtPUEmu0PjzMAGwTRmMhhvnWg3xGXQIH5FJL06G%2F5S9R1zuXVptDNPg%2BI4pT0GOfCEu4eheaM7hn2tZE5gUidKjEdAuXjOM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7d8c27b15f2b0b57-AMS
expires: Mon, 17 Jul 2023 10:10:58 GMT

Redirect headers

date: Sat, 17 Jun 2023 14:59:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lXLSVbeR49nfK7KcxrvGCnMkZmo8BGu3N1NLE0wMrpstcsjBFvdIasvQm%2BE6g1w0FAFA5fzuV5TLfU81tcVv4tioHGwlxdS1jqypNpR3c%2Bwql%2FHfh5JuQwRlR48Vds%2BT42YIkluhnGxQZCT7qk%3D"}],"group":"cf-nel","max_age":604800}
location: https://koora.kora4live.com/wp-content/uploads/2019/03/1377540149.png
cache-control: max-age=3600
cf-ray: 7d8c27b0ec85b99a-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Jun 2023 15:59:12 GMT

GET
H3

200

1377540190.png
koora.kora4live.com/wp-content/uploads/2019/03/
Redirect Chain

https://www.kooora4live.com/wp-content/uploads/2019/03/1377540190.png
https://kooora4lives.tv/wp-content/uploads/2019/03/1377540190.png
https://kooora4lives.io/wp-content/uploads/2019/03/1377540190.png
https://koora.kora4live.com/wp-content/uploads/2019/03/1377540190.png

10 KB
11 KB

39ms
38ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koora.kora4live.com/wp-content/uploads/2019/03/1377540190.png
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14ec2caec3f7525f5997998d6d3b0464ab85f6a701289308af8d8d6ed33ccb4c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17294
alt-svc: h3=":443"; ma=86400
content-length: 10203
pragma: public
last-modified: Sat, 12 Nov 2022 14:24:09 GMT
server: cloudflare
etag: "636fac89-27db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ge6ZkigeKF1fQrc3sMVRnQZTlIzDOzsBMi0Dzen74Hcf%2FVF%2BsQuFkldlyPTetVdc6l%2FYtZgERABxyRxJhZ7eTxERh1uV1IhM8oBOywySGZxN78uG21yY%2FuONW7K0MyEtnm%2B5PLLRV1dLyy5cd68DMO%2Fh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7d8c27b15f300b57-AMS
expires: Mon, 17 Jul 2023 10:10:58 GMT

Redirect headers

date: Sat, 17 Jun 2023 14:59:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbkt62kNyd09zuio2D5BNomi4MPNDByCZiZpCn9oSqOmvgfgrgToPMGOWyXW%2Fc7oiKmSsFShY7ByBbb%2F4%2B3ZjeoovSYryqWYp3j78eoH9VapD5BRgCfjIYtD5Q3ZAXy3iFzta71HS93F%2B0mPMK4%3D"}],"group":"cf-nel","max_age":604800}
location: https://koora.kora4live.com/wp-content/uploads/2019/03/1377540190.png
cache-control: max-age=3600
cf-ray: 7d8c27b0ec8eb99a-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Jun 2023 15:59:12 GMT

GET
H3

200

1377539853.png
koora.kora4live.com/wp-content/uploads/2019/03/
Redirect Chain

https://www.kooora4live.com/wp-content/uploads/2019/03/1377539853.png
https://kooora4lives.tv/wp-content/uploads/2019/03/1377539853.png
https://kooora4lives.io/wp-content/uploads/2019/03/1377539853.png
https://koora.kora4live.com/wp-content/uploads/2019/03/1377539853.png

5 KB
5 KB

65ms
64ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koora.kora4live.com/wp-content/uploads/2019/03/1377539853.png
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460a06d507178049c9664edf2d31fe5e05797032691741a3b21e5eb71d4bc4ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17294
alt-svc: h3=":443"; ma=86400
content-length: 4938
pragma: public
last-modified: Sat, 12 Nov 2022 14:24:09 GMT
server: cloudflare
etag: "636fac89-134a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTCs4f3%2B4bY6clAZCEe0FGvXWZtDblPSXro3x75sHuCar2aZsluncJ6q8Y3r%2BN7S7gNT6tW5uqEUq8WYxCtd4z%2Bk%2BoCn%2BDjJqTJKqYlztAdFKf3LpdsGD9UFPfFOlXugFRa8LAx7J%2Bb8h7iPPJf76FtC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7d8c27b15f2e0b57-AMS
expires: Mon, 17 Jul 2023 10:10:58 GMT

Redirect headers

date: Sat, 17 Jun 2023 14:59:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIR98SnWFF0d%2FUplVKIwI5LBWDV3qt4v8CTCpLWunULVFVl0zvV2TPtJOK6OaWTKt3hfWFFjt4dd503zlkfuy1VpRYDP1VulDZ6JEwjpXsYM3rRaJPpThbSVO5GgqaNg2Bs3BrMtKfQO59VO1Kk%3D"}],"group":"cf-nel","max_age":604800}
location: https://koora.kora4live.com/wp-content/uploads/2019/03/1377539853.png
cache-control: max-age=3600
cf-ray: 7d8c27b0ec8bb99a-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Jun 2023 15:59:12 GMT

GET
H3

200

1401137791.png
koora.kora4live.com/wp-content/uploads/2019/03/
Redirect Chain

https://www.kooora4live.com/wp-content/uploads/2019/03/1401137791.png
https://kooora4lives.tv/wp-content/uploads/2019/03/1401137791.png
https://kooora4lives.io/wp-content/uploads/2019/03/1401137791.png
https://koora.kora4live.com/wp-content/uploads/2019/03/1401137791.png

2 KB
2 KB

65ms
64ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koora.kora4live.com/wp-content/uploads/2019/03/1401137791.png
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5059ee25b1a2668ca83293d97be6c848d4fb5bef1c24d1cd5c5650d96f0ff356

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17294
alt-svc: h3=":443"; ma=86400
content-length: 1613
pragma: public
last-modified: Sat, 12 Nov 2022 14:24:09 GMT
server: cloudflare
etag: "636fac89-64d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmMSSXzZdOd2CvW%2BdXd9XnArx4uHNO69uGzsXf6%2BCRukEilUpdBUfdES1LgRWn4n6YqwuucNzsFxFE%2BcMAjc73VvsXQzxlZLvulSJTYJCMmcATn4nJ3MlZvTGOq97gZQ5L3ZDnnJH0wtaF%2F6PsWBHeZ8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 7d8c27b15f2d0b57-AMS
expires: Mon, 17 Jul 2023 10:10:58 GMT

Redirect headers

date: Sat, 17 Jun 2023 14:59:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43T9ndn%2F%2BScnmvqADXafR9zU5ETwPDIhRAGJpAuK4HoFYLyjG2ypdcyI4Q4U1avQJeBWdCwQ2Yn9JaaW9cdkhHc%2BeYL4DqCm6tA4gmRoVpAac%2B4sPYCyxXq1thvIQNH59qExGa7LQz1fDs84hAg%3D"}],"group":"cf-nel","max_age":604800}
location: https://koora.kora4live.com/wp-content/uploads/2019/03/1401137791.png
cache-control: max-age=3600
cf-ray: 7d8c27b0ec8db99a-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 17 Jun 2023 15:59:12 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 53ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 14:59:11 GMT

GET
H2 200 container.html Show response
9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B627 6 KB
3 KB 63ms
63ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koora.kora4live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:59:11 GMT
expires: Sun, 16 Jun 2024 14:59:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
477 B 109ms
109ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kora4live.com_auto_728x90_sticky_display_bottom&pn=2&sn=3&pc=0.12905435264110565&ds=true&e=wdp&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:11 GMT
cf-cache-status: HIT
age: 14370
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27af3adb0b4b-AMS

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
476 B 112ms
112ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=kora4live.com_auto_728x90_sticky_display_bottom&sy=facd7cb8-2ce8-49e5-a823-a9ba493b27c6&ts=40&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=koora.kora4live.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=e5e1a3e5-db1a-4f67-a75c-6396d285a942&e=lm&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:11 GMT
cf-cache-status: HIT
age: 14370
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27af4add0b4b-AMS

GET
H2 200 css
fonts.googleapis.com/ Frame 6804 15 KB
1 KB 42ms
42ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2060d29f49d996a26f3888bf75735db9e023f651d382164d295337be9dc99620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 12:59:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:59:11 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 6804 2 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6804 0
0 108ms
108ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDDK-P8qNZL32E4Gz1wax37igBtr4nLdwktOsv94RwdGNwuk8EAEglZvKIWCRhKCFjBigAdnNp6IDyAEJqQJx_KlKSlmyPuACAKgDAcgDywSqBJECT9C5I-zFEZldi6MjfyiTLErWJgCrKJ7RJrT3bEKqx5HG-MuXTw45xoau-Hubt8MY78mXSxnVRiiAek3GHLFkMrIM0-U83I9WgyoyN9nNJpWXyNMdGe09lTtcSnw6dZgeFmzRPZ-V00UXp0b14CikHKUVCZRE-mM9SaEaaeV-GBZvO6ypQjyGFxj5ol8MxxMZvMjJXfcPIQulOFRgnnoY3MrSWAONU9GTnYajq8LhDYSXT7jK6H5Wtjv2_66PORF4kX7OhGKfDZOWUxxBy9snTeDeNsSqyMUo3jVV29uGEa477vAtverFr7hgY72nkouaaFTOAFcMAhPkZ8f-D2mqhsdfObbr5286EQzBkWiKefD8wASn8ZX3qgTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHj7LYXagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCyyg7SCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsBogwIKgYKBMOwsQLYEwyIFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RM&sigh=DvfbERHSGaU&uach_m=[UACH]&cid=CAQSTABygQiDk1gKkQlQU0Ajs2A1uiy6anoozvNNt616bacC-ty0hKZO4jrc1RjQwm1IXIlLfkgcbvZg2cQAGfgIEnWW7Re3rZ0xJ1FoplcYAQ&template_id=494
Requested by: Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 6804 22 KB
9 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 6804 3 KB
1 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 6804 19 KB
8 KB 35ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6804 178 KB
56 KB 683ms
681ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:59:12 GMT

GET
H2 200 9c81088c85b4e7b59d5cd8ce7f87e269.js Show response
www.gstatic.com/mysidia/ Frame 6804 32 KB
14 KB 193ms
61ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9c81088c85b4e7b59d5cd8ce7f87e269.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 03:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13708
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 22:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 03:26:17 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 6804 59 KB
59 KB 202ms
59ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQOHrhZNEFDoz7p1oLryUvC3lrNhQzwKpE_o-oby8hMWzGLLYeEvYbIppzQxQ&usqp=CAI

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fef309176b84e3becfb5b63785ae286f17a510eb38155b054c08cdddb0968c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 22:03:26 GMT
x-content-type-options: nosniff
age: 147346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60164
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 07:20:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Jun 2024 22:03:26 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6804 45 KB
45 KB 208ms
60ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQIDSOG1NsW8EyVHkMIjpEGtOY3Lpg2scYJStsYLVA-cs8kOIB6Qnbdd7kQTg&usqp=CAI

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6eb50ba692e0e4e7660a7ebb85804cdfed896d2b8dc150da134805f7642da75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 22:03:09 GMT
x-content-type-options: nosniff
age: 147363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45625
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 11:38:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 14 Jun 2024 22:03:09 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6804 51 KB
51 KB 228ms
80ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRLhF_R-K_ozBc4BfXkpgXowzNKtiI18O_UadqCeeqz56WPHTkAKH0cWJpBFA&usqp=CAI

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f32aacccb22fd88380978866e36581a1494a59ef160b74616308cae3a5703a9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 00:54:26 GMT
x-content-type-options: nosniff
age: 137086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52127
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 04:15:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 15 Jun 2024 00:54:26 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 6804 56 KB
56 KB 209ms
61ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQyJu1k-lof_wflZuhRY2UfSMELeyuKTTLO5SY_52SauROStd0dRoVS7rgpoMI&usqp=CAI

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b57a780a04985f5a44c98c0abcd409ad555b513211488208ae7af52a267992b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 12:17:58 GMT
x-content-type-options: nosniff
age: 9674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56913
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 03:17:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 16 Jun 2024 12:17:58 GMT

GET
H3

200

14222798899374047344
tpc.googlesyndication.com/simgad/ Frame 6804
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCsivfrDxDgARjgATIIShPuJ_drUMc
https://tpc.googlesyndication.com/simgad/14222798899374047344

7 KB
7 KB

34ms
32ms

Image
image/png

2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14222798899374047344

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

234818229ff3ebd4da0498b14c372a0b55ddf4cf892b5288fb15dc2c88742432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 03:25:33 GMT
x-content-type-options: nosniff
age: 300819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6762
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:51:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 13 Jun 2024 03:25:33 GMT

Redirect headers

date: Fri, 16 Jun 2023 22:02:51 GMT
x-content-type-options: nosniff
server: cafe
age: 60980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/14222798899374047344
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 16 Jul 2023 22:02:51 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D4D7 33 KB
34 KB 114ms
34ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://koora.kora4live.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 330595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jun 2024 19:09:17 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 336ms
106ms Script
text/html 149.56.240.129
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4732763&@f16&@g1&@h1&@i1&@j1687013951906&@k0&@l1&@m%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20-%20%D9%83%D9%88%D8%B1%D8%A9%204%20%D9%84%D8%A7%D9%8A%D9%81%20%E2%80%93%20koora4live%20%D8%A7%D9%87%D9%85%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20kora4live&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:92384894&@b3:1687013952&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fkoora.kora4live.com%2Fmatches-today-h2%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.129 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534297.ip-149-56-240.net
Software: /
Resource Hash: bad345135b12943e94e41bb59f3e2b7c80a9285d606e896310b3678e77e5f7cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 14:59:12 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF18 13 KB
5 KB 35ms
33ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koora.kora4live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 3508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:00:43 GMT
expires: Sun, 16 Jun 2024 14:00:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C39D 783 B
1000 B 149ms
45ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

06a516af7e34074c99d3758845a020f5253a7d0ba9c8a52ba091dbc1197db579

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R2h_7WNr1R4rM9rWt9orJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koora.kora4live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-R2h_7WNr1R4rM9rWt9orJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:59:12 GMT
expires: Sat, 17 Jun 2023 14:59:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 6804 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 353d937e813704ea813570b1a089e6e6005768fd8e7dcba7b0a2ec6173d193c0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 219C 624 B
288 B 81ms
76ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COHu6N8EEK_W_eQEGNKywOwBMAE&v=APEucNW_fHbLvDDWBza1tFZYlgQPBXGXX5fqgHNB6vr5KEu1mAxBOPthSexYoiO4wk9dzktwxg-Zh-kA4gYmTGjrj322L1yIkcNip2CgykKagoAwXZPtQ-s7Leq_O5gU5a5qEavBjxTKQ2mFSBZ0xVt_e9UGvP2_bTV08bsm3jOkJjdmV6e0LJbzKM8_cS7-oUfKRiOnEnY2CSRyoeAKOFIRvwDd_dTFhg

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:59:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B627 78 KB
27 KB 92ms
86ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:59:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B627 42 B
63 B 72ms
67ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dzbnd12qZYsQoEArPUbpBrdRyRkR0FlBg-xGXFtMuuCyCrTPZS6LGk5aRwjTcM9553WmwwZQqW_41uaWueGB3ncqYvs6JcQSYJccHconNA0XZibYs

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B627 0
20 B 74ms
68ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8292680742461275562&x=1&ct=76

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame B627 3 KB
1 KB 38ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame B627 19 KB
8 KB 39ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76781
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B627 0
0 117ms
41ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRd7lFOx9sr2rqJXla4y5Z6w73crXXTC3lu4M7ACiVUrxl9_6GAc0HcDSvMCXepalyUlTQxcRNIg1hzSi3XB5zen_FIJw
Requested by: Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B627 178 KB
56 KB 671ms
668ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:59:12 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
477 B 33ms
33ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kora4live.com_auto_interstitial_desktop&e=nai&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:12 GMT
cf-cache-status: HIT
age: 14371
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27b00b4a0b4b-AMS

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 42ms
42ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koora.kora4live.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 158 KB
47 KB 399ms
398ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=824341492987063&correlator=2833900107739567&eid=31075400&output=ldjh&gdfp_req=1&vrg=202306150101&ptt=17&impl=fif&iu_parts=44890869%3A22839284344%2Cca-pub-3831894559014614-tag%2C6e4163c5-e492-434d-9ac7-954bddf9eb34&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=10&adks=2753125384&didk=1549850551&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3De5e1a3e5-db1a-4f67-a75c-6396d285a942%26chrand%3Dy%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D40&eri=1&sc=1&cookie=ID%3Dadffab67079b19b5%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_MZN-dOYXTsfyUi4H9gZk25hvjIy4A&gpic=UID%3D00000c4a89933e43%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_MZDA-P3tt0eSUOY44PSwqeNSu9HFA&abxe=1&dt=1687013951994&lmt=1687012655&dlt=1687013950310&idt=860&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fkoora.kora4live.com%2Fmatches-today-h2%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=651942672.1687013951&ga_sid=1687013951&ga_hid=401418925&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY6I34zowxSABSAghkEhkKCnB1YmNpZC5vcmcYzJH4zowxSABSAghqEtYBCghydGJob3VzZRLAAUs4bjhDSjROaE9aZVpoYisvekEwUmZZRjUxK0k0L3ZrWVIrVDdKVTYzQ1BSZklFOVIrZVdYc01DWkk4RmxaZThJYjJ5ZDNGa3M5dVJjSmI3VWcvTXVzbFpScUdVeDg3S0oybTJTVzNXd3lXTkhaR2wrc1k2NzZlT2hGMkJLUGZNNERhTCtCWWtDL2VXMnoreWxkMTFRWjRGSkxhZjY0OUNpc1FqL2RFR084OS8zYWtobFhYR0RJc0EzUjNUalltLxirkPjOjDFIABIdCg5lc3AuY3JpdGVvLmNvbRjojfjOjDFIAFICCGQSGQoKdWlkYXBpLmNvbRjojfjOjDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMaP-M6MMUgAUgIIag..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19ca93f8d9d10c735715f86fb60c187a63fceec8e94b8eae15954089209f93d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47945
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://koora.kora4live.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 219C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFF4Kdt_qmmvAaTenpFdmDY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFF4Kdt_qmmvAaTenpFdmDY&google_cver=1&C=1

43 B
632 B

35ms
35ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFF4Kdt_qmmvAaTenpFdmDY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHu6N8EEK_W_eQEGNKywOwBMAE&v=APEucNW_fHbLvDDWBza1tFZYlgQPBXGXX5fqgHNB6vr5KEu1mAxBOPthSexYoiO4wk9dzktwxg-Zh-kA4gYmTGjrj322L1yIkcNip2CgykKagoAwXZPtQ-s7Leq_O5gU5a5qEavBjxTKQ2mFSBZ0xVt_e9UGvP2_bTV08bsm3jOkJjdmV6e0LJbzKM8_cS7-oUfKRiOnEnY2CSRyoeAKOFIRvwDd_dTFhg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:59:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:59:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEFF4Kdt_qmmvAaTenpFdmDY&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 219C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZI3KQCkE-9z92xsLSQHkmAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFF4Kdt_qmmvAaTenpFdmDY&google_cver=1

43 B
632 B

33ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFF4Kdt_qmmvAaTenpFdmDY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHu6N8EEK_W_eQEGNKywOwBMAE&v=APEucNW_fHbLvDDWBza1tFZYlgQPBXGXX5fqgHNB6vr5KEu1mAxBOPthSexYoiO4wk9dzktwxg-Zh-kA4gYmTGjrj322L1yIkcNip2CgykKagoAwXZPtQ-s7Leq_O5gU5a5qEavBjxTKQ2mFSBZ0xVt_e9UGvP2_bTV08bsm3jOkJjdmV6e0LJbzKM8_cS7-oUfKRiOnEnY2CSRyoeAKOFIRvwDd_dTFhg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:59:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFF4Kdt_qmmvAaTenpFdmDY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 219C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENMD1qWepG0zfmJZxwED8gI&google_cver=1

43 B
1 KB

118ms
43ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENMD1qWepG0zfmJZxwED8gI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHu6N8EEK_W_eQEGNKywOwBMAE&v=APEucNW_fHbLvDDWBza1tFZYlgQPBXGXX5fqgHNB6vr5KEu1mAxBOPthSexYoiO4wk9dzktwxg-Zh-kA4gYmTGjrj322L1yIkcNip2CgykKagoAwXZPtQ-s7Leq_O5gU5a5qEavBjxTKQ2mFSBZ0xVt_e9UGvP2_bTV08bsm3jOkJjdmV6e0LJbzKM8_cS7-oUfKRiOnEnY2CSRyoeAKOFIRvwDd_dTFhg

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:59:12 GMT
AN-X-Request-Uuid: 697b18ba-1144-41f2-a3b9-b4438c0221ea
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENMD1qWepG0zfmJZxwED8gI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 219C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY0ODM4MjcxOTMzMTM4Njg2OA%3D%3D

170 B
243 B

46ms
44ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY0ODM4MjcxOTMzMTM4Njg2OA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 14:59:12 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.145; 31.204.150.145; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5692f5aa-c1fc-4355-b6b9-9d9ec6e53a5a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY0ODM4MjcxOTMzMTM4Njg2OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame AF18 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B627 0
20 B 82ms
82ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4632799951231&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B627 0
20 B 79ms
78ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4632799951231&version=m202301230201&ct=76&x=1&cor=8292680742461275000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B627 85 KB
36 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cly-G9wRsIJ-NbR3hwHVAga-xg6Q1f2Hxox0OdoUELeVjCdyWABtiCU2_0t2rk7iWfF6p9Jm_6aTyxtXiWPcwegqfVTQ&cry=1&dbm_d=AKAmf-DczZWfSrKyDfE3nJTn4zsOEiRa841lkc-u1wB54Llf_Pdq3kc7NACc1LcBFiT45cLPih-ohZovYpi7ZyelhKRf5wouncnS5f05riH1d3mhTb0CmHK_iB2_X_6DF010VcYABQpB35kLl8wtQWsCAQGgZ0DvWIOU7pfzcLTOJDvZ9gzwLzkZR9eTl0HCHKaHoQhmYdG9xER5zLdpcrnkhTQibMZTlsHuj1tqrW-ohPDKwHisZA9FFIDiWYOtT80dI0WrGWF8sqN8JTVHixKPiTi5_9h8x3EA5VkN8JopWPdwc28clbRmTWhFPx8IWK0cL9I6W5JL6DUEag_WEoehZtCH9OYGPmAwQ18xoD2ozIC0VlSMUF3h5kVYvOErDqAgGolUZ4OpNZPKUu2_H3qr4po01raelkalgnz7n4wz_rRm4Pl4KE4PLGTPQOvbK0vRoMbU-Z4iPdYNjFIwFZy8SCsL6ugDDzdvGjRZcMzioLiPyfWDJ6h5u_rzD7018KAwIIPpyCFFGkOJTGRmyKbWiz-oYVTFPliYbeuPjgY7JXWrvvpTIteQ2rlPfoT0GfvcZ5dlv8I3mPIYmLAnGhushURBfbMyw2Nt-Bx5EiMkSUT4M-lyESv31rrtb8Mqk80pYIYUYUzJKJiGIhk2p25-VDkyfpBo5gXzlSilvGB4jU4JQr2Hcf5MougQJwGAmJJE1PCrJMMmoG4qHfWwjOkLqOlosdKemkQkDjP2GdQhjb8DkUaPWJ03LzTAZB6yuagp5iG5wHixqUFBPR03pHSm8JZLcUdlMoB74QE6-NDyBgwLfVzbrHQQHctnZ331w4DJFtcbg5pK789ZJ75UiwXAtgMh45X1Ppe_O0fm_dbyEJFFTRbLA7ANM6iQD2ho1TIdPIk6XsT6bWpb_VCnseN8W9Lhnt867ghm0JGZ6QXPO932E9QgFFkVjmdi6tJ49oQaHrNTRClyMbWDYGFJM00zQVBiWLZgAV7g68MVW-X1USIxunmWCai8FC4uwij0TjlQokq398LY0FMyK53aXWLAmxrvlfvIurVWlJBLTbvEsn3oQt7aEqxSoKr4oTPPqB8gbHfaomHqa7m2Xlns_Bd-H0ffsyf82SmPE2nWgISx1hw2I7EFbzFCYHGlthR7e7OeoJ6R3cK7_cQMiwcSBJaAlVClJUgBcDdMPKA2hDvdX_iR8Y8ghorLR0MwdmUMVm3r6lZ6m-8U4FrLw8a5hCg3hBlGIciWYx_FtFjwoiS5O14tapxIJNIrQBI_1TS2llAIty8foIPAVWoACYxfkaxDVawa7S2cbtbWvuPHQ_BmLmamV8xqIa7UVtG3djK2EUPEUObh9wTg9TM0s7sZo9GG6pbfByb-KYEIllCBhPTxnTJ9mlZ98R9kdro_ren_9asU3T2y2fE7hDAmrFBywnlS82_hmJOWLJQxfCHtr82Zi6ePvbVwcVu1eV6tn-DRbV4-EowxPCSPM0PpgnXozW6_JKo-oAe601ydJxaBDpf2bAin3RPAhZQSBiU3u2Amnq8aysIseXgGnL9IU-hK_uGHf2XME7liby_AW3bl-LSwgnn4KtiKSQ6ljNCsnzChMHlmW4mtKRFhQBrp0aEyOM2y2Uw1nemtAd9FRuQhe1EMrsdJj2VPKdBXvqgZBKS0_m4vonRGeEygWQC6qB5PfliqZpKtdwfbEPJJ4olP47n1BOnu-rInf11viK8P9CiZNXXTjimfb6NwklJMpxkV-3ftpYAvbocvWUR9U545py8vIWol7cPtHEHNW-203TL9nKbF6ERWi-r-4SDz5YlcHUhhtvObrLkh7WspsNkrvm41MQKZnWAxu12bSQSWuzaN4Li2W8IUZjnbKIN6LHY2fXIjCMe0yP30tH5KNy1WT6AGEC9F_ifI3h5XcrNn3oN23a_IyFZ8VsAnEn1fFTN8zPCcotqDz9SQkD6YFPkoOcj96AAB103ZBvHOOTFffnEG2ODkLL2jbVsG0CQmXfekcTgd3Oifm-FibdHIgI3MpZTKxulBIIAK4Mf0Nz2vTn6a2SphcQQTtj4otorsjalEYDXs0QKlIvqKi5w5dqtY37uzt1IGdbyHPoWAecxzptw2Sp4lIA3_yYEP9XZmcVXs04Vqf8eBtDaPka9dmZYahzQ2H3r1hn9KJpzBBSO87Qf5JNLinA1MWo0xluY-WnVtTy1RIn5YcfGBSebrqaUO8efkjiI2BHOR_SsgMR8yPzLKCiGuIO_h0LgHcXsG5v9VF8sXEseAQblpC9ASQ-c97k71Fi8kHppg3a4qFVW0VYBSasCO5D4d73abXXKg7LTQFC9F45YJpkMYZcNXqVVtDCK64zuLb04eBkPLTp_NJ3KedoEaNDBSNM9kZOjvynNA1q4p41Cx5JcYThcv1-HuuTIxxap8LxPzerwKtTj4NPV6HR5abBcuhFTqWjDF1yR0G5rd0bdztZNYBj1N-SDKFI2Tgo3bn77ixcRKPfQPS9mr-2D2JJXdLLGX7WJy4j-2IbOha9xu0985UsFq4N4WARgK53_IQlyfDcCdKCRZI0IGxex9V7BmEPYLiPYK0wRzzSQNKS2hnXsLjuoodS8qaWChrx6-Vi9toHk8cGRUDciFngNK98VatW4V9uQAUtkiOpAuDS43jmAYeb-QEysANGLeRWXIYP1_vbop9FekiYksVxO6NPo3vqZQ-mbdtAZLj4nwyuQjdV-lw8kt41aq4OGuPTuvBdDZT2BgrYE6Lvri_dQt531M7XVALGyHNILX-yvpIyiy-mGr-JweicV361ADZkMt-uujdcbg717TqJBLbkPfd7zKw3MHmVN6UXYhoSfeoQnjPo0MSp1dOSUKyfelfFvcWQYWj1WiKs0vH4s8FShjoT5CXgmsrZfghBWfUQ-l7pAObluCthNAbgq9S-GJAyiIdmN-NDBSO6o8PC-LhbTklag2RebdPcmVdQOn-blkzJ8T7dOzzElBNx8uUzDoDkXIol37AJzDYnsC3ZaIFglt-1niTXno0yGyaED0rJjX3D6gItg0XXoAuDaFSoX8OCGvOIoUt-3r4SGVVgmTaILqasgxMupi_dJsGbIlXrj-ubFzHKAlY_i-6OKsqRKquJ7UTp5s6yJDk7LAZs9uuDB2C97wj9lPIELi2saht0mp132ckek2m0LPXF11eyPQQw8w5mg8u930osPgPt1BcUwumH7c92A9jdF9M9MKcRGByqj5Q3EuSmJpp_Jn0kgfnW4_cxf-RTrelEbZmhAtK_MN25zcqw_1_ks6wU4yArORlndnt8wka0WIOmpsbsTK0eWrheBdQw3-c6iJsPaxmzpnh11btVdnb4JMibLp29pN8UULIh7TacHA8__TjyRr-oxRkwP2Cs51T_1LLF88gX9hrzEmg3VmOruvuzpW3CMEgaDKkR0VHxNyOUQXd-rOReqbyifq0c0UW4AsJtk-5_ApA6xpPKN0BRU8UtYTnpiBU1doUEKtzW7y79S_cYFrdqM--w-lC5wPjhc7ysRqz-Y6nrRGVUtv&cid=CAQSPABygQiD8CP6HjGM3dWjs513sE6sbJkDq4b-DHU2pyVEE-dZ6rHpMmknPU6lJ1QMY_w7PPmU6rMgrtAtzhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoora.kora4live.com%2F&ds=l&xdt=1&iif=1&cor=8292680742461275000&adk=2228999115&idt=135&cac=0&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2869a662006d31f5256fc0e5953fbbda18b06ef2a7d2e156f49ad8976287dbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36521
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
553 B 120ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=koora.kora4live.com&callback=_gfp_s_&client=ca-pub-3619133031508264&cookie=ID%3Dadffab67079b19b5%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_MZN-dOYXTsfyUi4H9gZk25hvjIy4A&gpic=UID%3D00000c4a89933e43%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_MZDA-P3tt0eSUOY44PSwqeNSu9HFA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3619133031508264&plah=koora.kora4live.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d50d330238ad30628da3a5fdb4fbabe96baaeb17a44f1cbfd2b3a3b58adb8553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 53ms
52ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koora.kora4live.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 80ms
79ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=demand-supply__sd%20demand-supply__sd--bottom%20demand-supply__sd--active&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 91A7 402 KB
68 KB 593ms
589ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619133031508264&output=html&adk=1812271804&adf=3025194257&lmt=1687012655&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fkoora.kora4live.com%2Fmatches-today-h2%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1687013951704&bpp=2&bdt=1394&idt=412&shv=r20230614&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dadffab67079b19b5%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_MZN-dOYXTsfyUi4H9gZk25hvjIy4A&gpic=UID%3D00000c4a89933e43%3AT%3D1687013951%3ART%3D1687013951%3AS%3DALNI_MZDA-P3tt0eSUOY44PSwqeNSu9HFA&nras=1&correlator=1423665143511&frm=20&pv=2&ga_vid=651942672.1687013951&ga_sid=1687013951&ga_hid=401418925&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31074580%2C42531706%2C44788442&oid=2&pvsid=824341492987063&tmod=152745476&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=9&uci=a!9&fsb=1&dtd=453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07c2263dc63f637c2829a80956bc49d3013a8793515e10a16ab8932380137c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koora.kora4live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 70106
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:59:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9C2C 6 KB
3 KB 63ms
62ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koora.kora4live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:59:11 GMT
expires: Sun, 16 Jun 2024 14:59:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
477 B 43ms
43ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=kora4live.com_fluid_sq_ads&pn=2&sn=3&pc=0.12641112804412843&ds=true&e=wdp&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:12 GMT
cf-cache-status: HIT
age: 14371
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27b15bdc0b4b-AMS

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 43ms
43ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=kora4live.com_fluid_sq_ads&sy=facd7cb8-2ce8-49e5-a823-a9ba493b27c6&ts=40&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=koora.kora4live.com&mlre=undefined&mlin=0&mlsi=1024x280&mlbw=4g&mlcs=NaN&mltp=e5e1a3e5-db1a-4f67-a75c-6396d285a942&e=lm&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:12 GMT
cf-cache-status: HIT
age: 14371
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27b15bdd0b4b-AMS

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C39D 0
0 71ms
71ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306150101&jk=824341492987063&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B627 111 KB
39 KB 154ms
33ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
Origin: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 10:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Jun 2023 10:17:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame B627 11 KB
4 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cly-G9wRsIJ-NbR3hwHVAga-xg6Q1f2Hxox0OdoUELeVjCdyWABtiCU2_0t2rk7iWfF6p9Jm_6aTyxtXiWPcwegqfVTQ&cry=1&dbm_d=AKAmf-DczZWfSrKyDfE3nJTn4zsOEiRa841lkc-u1wB54Llf_Pdq3kc7NACc1LcBFiT45cLPih-ohZovYpi7ZyelhKRf5wouncnS5f05riH1d3mhTb0CmHK_iB2_X_6DF010VcYABQpB35kLl8wtQWsCAQGgZ0DvWIOU7pfzcLTOJDvZ9gzwLzkZR9eTl0HCHKaHoQhmYdG9xER5zLdpcrnkhTQibMZTlsHuj1tqrW-ohPDKwHisZA9FFIDiWYOtT80dI0WrGWF8sqN8JTVHixKPiTi5_9h8x3EA5VkN8JopWPdwc28clbRmTWhFPx8IWK0cL9I6W5JL6DUEag_WEoehZtCH9OYGPmAwQ18xoD2ozIC0VlSMUF3h5kVYvOErDqAgGolUZ4OpNZPKUu2_H3qr4po01raelkalgnz7n4wz_rRm4Pl4KE4PLGTPQOvbK0vRoMbU-Z4iPdYNjFIwFZy8SCsL6ugDDzdvGjRZcMzioLiPyfWDJ6h5u_rzD7018KAwIIPpyCFFGkOJTGRmyKbWiz-oYVTFPliYbeuPjgY7JXWrvvpTIteQ2rlPfoT0GfvcZ5dlv8I3mPIYmLAnGhushURBfbMyw2Nt-Bx5EiMkSUT4M-lyESv31rrtb8Mqk80pYIYUYUzJKJiGIhk2p25-VDkyfpBo5gXzlSilvGB4jU4JQr2Hcf5MougQJwGAmJJE1PCrJMMmoG4qHfWwjOkLqOlosdKemkQkDjP2GdQhjb8DkUaPWJ03LzTAZB6yuagp5iG5wHixqUFBPR03pHSm8JZLcUdlMoB74QE6-NDyBgwLfVzbrHQQHctnZ331w4DJFtcbg5pK789ZJ75UiwXAtgMh45X1Ppe_O0fm_dbyEJFFTRbLA7ANM6iQD2ho1TIdPIk6XsT6bWpb_VCnseN8W9Lhnt867ghm0JGZ6QXPO932E9QgFFkVjmdi6tJ49oQaHrNTRClyMbWDYGFJM00zQVBiWLZgAV7g68MVW-X1USIxunmWCai8FC4uwij0TjlQokq398LY0FMyK53aXWLAmxrvlfvIurVWlJBLTbvEsn3oQt7aEqxSoKr4oTPPqB8gbHfaomHqa7m2Xlns_Bd-H0ffsyf82SmPE2nWgISx1hw2I7EFbzFCYHGlthR7e7OeoJ6R3cK7_cQMiwcSBJaAlVClJUgBcDdMPKA2hDvdX_iR8Y8ghorLR0MwdmUMVm3r6lZ6m-8U4FrLw8a5hCg3hBlGIciWYx_FtFjwoiS5O14tapxIJNIrQBI_1TS2llAIty8foIPAVWoACYxfkaxDVawa7S2cbtbWvuPHQ_BmLmamV8xqIa7UVtG3djK2EUPEUObh9wTg9TM0s7sZo9GG6pbfByb-KYEIllCBhPTxnTJ9mlZ98R9kdro_ren_9asU3T2y2fE7hDAmrFBywnlS82_hmJOWLJQxfCHtr82Zi6ePvbVwcVu1eV6tn-DRbV4-EowxPCSPM0PpgnXozW6_JKo-oAe601ydJxaBDpf2bAin3RPAhZQSBiU3u2Amnq8aysIseXgGnL9IU-hK_uGHf2XME7liby_AW3bl-LSwgnn4KtiKSQ6ljNCsnzChMHlmW4mtKRFhQBrp0aEyOM2y2Uw1nemtAd9FRuQhe1EMrsdJj2VPKdBXvqgZBKS0_m4vonRGeEygWQC6qB5PfliqZpKtdwfbEPJJ4olP47n1BOnu-rInf11viK8P9CiZNXXTjimfb6NwklJMpxkV-3ftpYAvbocvWUR9U545py8vIWol7cPtHEHNW-203TL9nKbF6ERWi-r-4SDz5YlcHUhhtvObrLkh7WspsNkrvm41MQKZnWAxu12bSQSWuzaN4Li2W8IUZjnbKIN6LHY2fXIjCMe0yP30tH5KNy1WT6AGEC9F_ifI3h5XcrNn3oN23a_IyFZ8VsAnEn1fFTN8zPCcotqDz9SQkD6YFPkoOcj96AAB103ZBvHOOTFffnEG2ODkLL2jbVsG0CQmXfekcTgd3Oifm-FibdHIgI3MpZTKxulBIIAK4Mf0Nz2vTn6a2SphcQQTtj4otorsjalEYDXs0QKlIvqKi5w5dqtY37uzt1IGdbyHPoWAecxzptw2Sp4lIA3_yYEP9XZmcVXs04Vqf8eBtDaPka9dmZYahzQ2H3r1hn9KJpzBBSO87Qf5JNLinA1MWo0xluY-WnVtTy1RIn5YcfGBSebrqaUO8efkjiI2BHOR_SsgMR8yPzLKCiGuIO_h0LgHcXsG5v9VF8sXEseAQblpC9ASQ-c97k71Fi8kHppg3a4qFVW0VYBSasCO5D4d73abXXKg7LTQFC9F45YJpkMYZcNXqVVtDCK64zuLb04eBkPLTp_NJ3KedoEaNDBSNM9kZOjvynNA1q4p41Cx5JcYThcv1-HuuTIxxap8LxPzerwKtTj4NPV6HR5abBcuhFTqWjDF1yR0G5rd0bdztZNYBj1N-SDKFI2Tgo3bn77ixcRKPfQPS9mr-2D2JJXdLLGX7WJy4j-2IbOha9xu0985UsFq4N4WARgK53_IQlyfDcCdKCRZI0IGxex9V7BmEPYLiPYK0wRzzSQNKS2hnXsLjuoodS8qaWChrx6-Vi9toHk8cGRUDciFngNK98VatW4V9uQAUtkiOpAuDS43jmAYeb-QEysANGLeRWXIYP1_vbop9FekiYksVxO6NPo3vqZQ-mbdtAZLj4nwyuQjdV-lw8kt41aq4OGuPTuvBdDZT2BgrYE6Lvri_dQt531M7XVALGyHNILX-yvpIyiy-mGr-JweicV361ADZkMt-uujdcbg717TqJBLbkPfd7zKw3MHmVN6UXYhoSfeoQnjPo0MSp1dOSUKyfelfFvcWQYWj1WiKs0vH4s8FShjoT5CXgmsrZfghBWfUQ-l7pAObluCthNAbgq9S-GJAyiIdmN-NDBSO6o8PC-LhbTklag2RebdPcmVdQOn-blkzJ8T7dOzzElBNx8uUzDoDkXIol37AJzDYnsC3ZaIFglt-1niTXno0yGyaED0rJjX3D6gItg0XXoAuDaFSoX8OCGvOIoUt-3r4SGVVgmTaILqasgxMupi_dJsGbIlXrj-ubFzHKAlY_i-6OKsqRKquJ7UTp5s6yJDk7LAZs9uuDB2C97wj9lPIELi2saht0mp132ckek2m0LPXF11eyPQQw8w5mg8u930osPgPt1BcUwumH7c92A9jdF9M9MKcRGByqj5Q3EuSmJpp_Jn0kgfnW4_cxf-RTrelEbZmhAtK_MN25zcqw_1_ks6wU4yArORlndnt8wka0WIOmpsbsTK0eWrheBdQw3-c6iJsPaxmzpnh11btVdnb4JMibLp29pN8UULIh7TacHA8__TjyRr-oxRkwP2Cs51T_1LLF88gX9hrzEmg3VmOruvuzpW3CMEgaDKkR0VHxNyOUQXd-rOReqbyifq0c0UW4AsJtk-5_ApA6xpPKN0BRU8UtYTnpiBU1doUEKtzW7y79S_cYFrdqM--w-lC5wPjhc7ysRqz-Y6nrRGVUtv&cid=CAQSPABygQiD8CP6HjGM3dWjs513sE6sbJkDq4b-DHU2pyVEE-dZ6rHpMmknPU6lJ1QMY_w7PPmU6rMgrtAtzhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fkoora.kora4live.com%2F&ds=l&xdt=1&iif=1&cor=8292680742461275000&adk=2228999115&idt=135&cac=0&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76992
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:36:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame B627 29 KB
11 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:36:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76992
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11316
x-xss-protection: 0
server: cafe
etag: 309758756414748794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:36:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B627 41 KB
15 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 07:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371979
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jun 2024 07:39:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 673D 1 KB
643 B 52ms
52ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Sun, 18 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B627 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cabceb7b4c87ce82b75e1ea10ad6edeaa13a5f6fc7537e8b3cd852d33c046bbe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 9C2C 22 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 9C2C 109 KB
38 KB 135ms
74ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
Origin: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 04:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Jun 2023 04:35:05 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9C2C 24 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 23:46:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141176
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Jun 2024 23:46:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C2C 178 KB
56 KB 260ms
260ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:59:12 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DCA5 22 KB
8 KB 34ms
33ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 86278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 15:01:14 GMT
expires: Sat, 15 Jun 2024 15:01:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 673D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDm6ChzIcrdxJkPxUyehptg&google_cver=1&google_push=ATf1kGN1g1I0z-o3KW6yCcPyOn3-KCYk6_8cK-i0PoBLUXoZuw4HuNbXpFa0OydcAnzh3eiOv3Drerig6n-5uxl3E9Y1whZAqFr5cR...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7D68715625AF4450B50C70D793506259&google_push=ATf1kGN1g1I0z-o3KW6yCcPyOn3-KCYk6_8cK-i0PoBLUXoZuw4HuNbXpFa0OydcAnzh3eiOv3Drerig6n-5uxl...

170 B
188 B

43ms
43ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7D68715625AF4450B50C70D793506259&google_push=ATf1kGN1g1I0z-o3KW6yCcPyOn3-KCYk6_8cK-i0PoBLUXoZuw4HuNbXpFa0OydcAnzh3eiOv3Drerig6n-5uxl3E9Y1whZAqFr5cRWh1koP0-vCiUgIKXGH93Ru2mhb6ik43-wJnT525LfE

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Jun 2023 14:59:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7D68715625AF4450B50C70D793506259&google_push=ATf1kGN1g1I0z-o3KW6yCcPyOn3-KCYk6_8cK-i0PoBLUXoZuw4HuNbXpFa0OydcAnzh3eiOv3Drerig6n-5uxl3E9Y1whZAqFr5cRWh1koP0-vCiUgIKXGH93Ru2mhb6ik43-wJnT525LfE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 16 Jun 2023 14:59:12 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 673D 70 B
265 B 135ms
42ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECq538w95SFIHhce5OX8fG0&google_cver=1&google_push=ATf1kGPwVJgMnAJx3I1KVLtBgw4j-ynycVBs1aH4WO0i9IEwmx8_nPKKANjSaSOKefUqfAjS8gVjXVHRBXn06ceZZrOoKI9VZB9kFr_ycVBNpJ1qIEDjZYa1rH25aXh6UJcWiVflYQJCsMI
Requested by: Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 673D
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELafphvotlVx8jklaYfN_9c&google_cver=1&google_push=ATf1kGNr4BuUqCHpL6enYEaJ9t0dvdmfO6B-3ouyF_zYBpipvp6JXsa-fOkuI7L0DRyqi9liqPL6wgnBe2mrCg_wkjFX...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELafphvotlVx8jklaYfN_9c&google_cver=1&google_push=ATf1kGNr4BuUqCHpL6enYEaJ9t0dvdmfO6B-3ouyF_zYBpipvp6JXsa-fOkuI7L0DRyqi9liqPL6wgnBe2mrCg...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNr4BuUqCHpL6enYEaJ9t0dvdmfO6B-3ouyF_zYBpipvp6JXsa-fOkuI7L0DRyqi9liqPL6wgnBe2mrCg_wkjFXGTUMxz4BVK0SXqev841Utec7deoQEtm_9Lgza-b88u...

170 B
188 B

43ms
43ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNr4BuUqCHpL6enYEaJ9t0dvdmfO6B-3ouyF_zYBpipvp6JXsa-fOkuI7L0DRyqi9liqPL6wgnBe2mrCg_wkjFXGTUMxz4BVK0SXqev841Utec7deoQEtm_9Lgza-b88umqvXkklN4W&google_hm=VNxChZtwRfeI4aDJaSZbCg==

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGNr4BuUqCHpL6enYEaJ9t0dvdmfO6B-3ouyF_zYBpipvp6JXsa-fOkuI7L0DRyqi9liqPL6wgnBe2mrCg_wkjFXGTUMxz4BVK0SXqev841Utec7deoQEtm_9Lgza-b88umqvXkklN4W&google_hm=VNxChZtwRfeI4aDJaSZbCg==
date: Sat, 17 Jun 2023 14:59:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 673D
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESECK2SKa9-S0joiK7E4cg_5g&google_cver=1&google_push=ATf1kGPHSiIK-jI33Pqd_QXQ-nHRLsm8NOem1ic61ih-Oe7jGbuty5x-apvGxYI60zXLe3kUb_sJhlv5jYMPsLrL8XZC-LT...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECK2SKa9-S0joiK7E4cg_5g&google_cver=1&google_push=ATf1kGPHSiIK-jI33Pqd_QXQ-nHRLsm8NOem1ic61ih-Oe7jGbuty5x-apvGxYI60zXLe3kUb_sJhlv5jYMPsLrL8XZC-...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPHSiIK-jI33Pqd_QXQ-nHRLsm8NOem1ic61ih-Oe7jGbuty5x-apvGxYI60zXLe3kUb_sJhlv5jYMPsLrL8XZC-LT8e97uZrZ...

170 B
188 B

44ms
43ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPHSiIK-jI33Pqd_QXQ-nHRLsm8NOem1ic61ih-Oe7jGbuty5x-apvGxYI60zXLe3kUb_sJhlv5jYMPsLrL8XZC-LT8e97uZrZ1BxW222W9etp8SNgS6wKXKyp70psr31SOoMzzcnkN

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPHSiIK-jI33Pqd_QXQ-nHRLsm8NOem1ic61ih-Oe7jGbuty5x-apvGxYI60zXLe3kUb_sJhlv5jYMPsLrL8XZC-LT8e97uZrZ1BxW222W9etp8SNgS6wKXKyp70psr31SOoMzzcnkN
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 673D
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDADW5wA0b_eLCs4ru-6BvI&google_cver=1&google_push=ATf1kGNkeAbrKXAOZs5BaJOsDQoG9o_pNA7jajyTprzZFWV-SjCUjadaFAse1Csxv7ZxyrpNgZM87FV3NJFhopnuz...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDADW5wA0b_eLCs4ru-6BvI&google_cver=1&google_push=ATf1kGNkeAbrKXAOZs5BaJOsDQoG9o_pNA7jajyTprzZFWV-SjCUjadaFAse1Csxv7ZxyrpNgZM87FV3NJFhopnuz...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNkeAbrKXAOZs5BaJOsDQoG9o_pNA7jajyTprzZFWV-SjCUjadaFAse1Csxv7ZxyrpNgZM87FV3NJFhopnuzVf7JbKojUWFixdorG3Oiddt3p7INQlffCem6cIMztBH6...

170 B
188 B

44ms
44ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNkeAbrKXAOZs5BaJOsDQoG9o_pNA7jajyTprzZFWV-SjCUjadaFAse1Csxv7ZxyrpNgZM87FV3NJFhopnuzVf7JbKojUWFixdorG3Oiddt3p7INQlffCem6cIMztBH6TDD6hCh6kV4&google_hm=G1NjrGZHv9by5NE6TSyD2GY3

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 14:59:12 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNkeAbrKXAOZs5BaJOsDQoG9o_pNA7jajyTprzZFWV-SjCUjadaFAse1Csxv7ZxyrpNgZM87FV3NJFhopnuzVf7JbKojUWFixdorG3Oiddt3p7INQlffCem6cIMztBH6TDD6hCh6kV4&google_hm=G1NjrGZHv9by5NE6TSyD2GY3
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 673D
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEqHo5rasnh1-9q99VnlAd0&google_cver=1&google_push=ATf1kGOlC8wDopcR6ovSm8WNmYZXFIDj4JVTfW615tuZuFhVGOdV4Tl-aKa7QdcZ_dQc_N06K8UBlwBruv2w9kJWPyPZlLr3Bs...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOlC8wDopcR6ovSm8WNmYZXFIDj4JVTfW615tuZuFhVGOdV4Tl-aKa7QdcZ_dQc_N06K8UBlwBruv2w9kJWPyPZlLr3Bsw...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY3NDYwNTg1NTUwOTI3MDM2NzMwOA%3D%3D&google_push=ATf1kGOlC8wDopcR6ovSm8WNmYZXFIDj4JVTfW615tuZuFhVGOdV4Tl-...

170 B
188 B

45ms
45ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY3NDYwNTg1NTUwOTI3MDM2NzMwOA%3D%3D&google_push=ATf1kGOlC8wDopcR6ovSm8WNmYZXFIDj4JVTfW615tuZuFhVGOdV4Tl-aKa7QdcZ_dQc_N06K8UBlwBruv2w9kJWPyPZlLr3Bsw7K4KKsvPciqc2gDJapyUkt4_s-80NE8S3bPzHl96Rqpdv

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY3NDYwNTg1NTUwOTI3MDM2NzMwOA%3D%3D&google_push=ATf1kGOlC8wDopcR6ovSm8WNmYZXFIDj4JVTfW615tuZuFhVGOdV4Tl-aKa7QdcZ_dQc_N06K8UBlwBruv2w9kJWPyPZlLr3Bsw7K4KKsvPciqc2gDJapyUkt4_s-80NE8S3bPzHl96Rqpdv
date: Sat, 17 Jun 2023 14:59:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 673D
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEEY58-jRMpLwsM7x9EamLrw&google_cver=1&google_push=ATf1kGMroxnr1Qr03gOkq7t9sTL8zM6ZDBom24-tIB-8KevQemFFa672mGQ7lwfNcqh7-yZmxAUrt...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEEY58-jRMpLwsM7x9EamLrw&google_push=ATf1kGMroxnr1Qr03gOkq7t9sTL8zM6ZDBom24-tIB-8KevQemFFa672mGQ7lwfNcqh7-yZmxAUrt...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGMroxnr1Qr03gOkq7t9sTL8zM6ZDBom24-tIB-8KevQemFFa672mGQ7lwfNcqh7-yZmxAUrtQ8hBReImdOrqk1KLZ4F5yodJxDmLwNZkR-3EN_FPdePLrQCyBp...

170 B
188 B

44ms
43ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGMroxnr1Qr03gOkq7t9sTL8zM6ZDBom24-tIB-8KevQemFFa672mGQ7lwfNcqh7-yZmxAUrtQ8hBReImdOrqk1KLZ4F5yodJxDmLwNZkR-3EN_FPdePLrQCyBpr-LhWZXF4CL_b7eMMJQ&google_hm=ZmliUnNlSGlaSGZnR3Q0bk1sSEw=

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:59:13 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=ATf1kGMroxnr1Qr03gOkq7t9sTL8zM6ZDBom24-tIB-8KevQemFFa672mGQ7lwfNcqh7-yZmxAUrtQ8hBReImdOrqk1KLZ4F5yodJxDmLwNZkR-3EN_FPdePLrQCyBpr-LhWZXF4CL_b7eMMJQ&google_hm=ZmliUnNlSGlaSGZnR3Q0bk1sSEw=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 286
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 673D 0
50 B 41ms
41ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jsqh6oiYi6VmM99myTEQIgxzaG9wHuTlnZ_j2h3p5_NBSLcVP1mfRnxh6YbNwYnVVIDXEs9g

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 container.html Show response
9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4DB6 6 KB
3 KB 61ms
61ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306150101/pubads_impl.js?cb=31075400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koora.kora4live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:59:11 GMT
expires: Sun, 16 Jun 2024 14:59:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
478 B 37ms
37ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.2&b=3&r=kora4live.com_auto_interstitial_desktop&sy=facd7cb8-2ce8-49e5-a823-a9ba493b27c6&ts=40&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=koora.kora4live.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=e5e1a3e5-db1a-4f67-a75c-6396d285a942&e=lm&dsReferer=a29vcmEua29yYTRsaXZlLmNvbS9tYXRjaGVzLXRvZGF5LWgyLw==
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.16.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-nf-request-id: 01H2KN02RCHXB2NSDGS1NMJTT8
date: Sat, 17 Jun 2023 14:59:12 GMT
cf-cache-status: HIT
age: 14371
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6eaadfe791d75e3893e524a342d68ef6-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7d8c27b2dc8b0b4b-AMS

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AF18 0
10 B 32ms
31ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SCen_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame DCA5 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13697087128816370003/728x90px/ Frame 4348 6 KB
2 KB 155ms
33ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13697087128816370003/728x90px/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eab55c1a7bd837cda1f735f9c1b59c9bf20861dba91fe8c782ae6825a8173188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 54715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2008
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 23:47:17 GMT
expires: Sat, 15 Jun 2024 23:47:17 GMT
last-modified: Tue, 30 May 2023 11:00:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B627 0
0 377ms
106ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkHo1G5eNA9n2YorzY5J3GYDlKVf-xV7AzGa5i9m0MMZk49VjpNpwzzMQHvOHD-rQ9D83PHdfPqGMxNvmtZRiTysDmnEeSRhcRj4_4PC_SGsxtOp6030sJF3GIKd5osbhi0ZOubVb4dFfkJ5QNSMHvv8_U1VJuSKJCN-lQZLTij8BJqcRAZsVDDEoqjfJH74EdmzZenA45b_ngPP0lWsZZqNaUX6jRStJoulWxAoQt956OR8uaDCoNrI9nGwDUlvT_tOq3h-WXhFnrecS7lh_l2KAbkqVrKaqlh6qTOkgOwfN3oJBSfSqtfh5PDFukxt1GR4kAkO2NMzSMRFsBK9DVDGScTLfKWNO1Un-DnO2o-yhK6yLm7BWORsZXGCOW6F-YdF3hoKI6M5lNw9hgts52jeMLOtUAJlMozHCdQsDDfTCRyQSpgiqb9Qcq0bcXXcQCPKZhnqJwwgyfhH1uMnpf0qTsalM6l5wbCl8nJgRfKvI2fciI6Ssekz2qBHHdvm0IFiLx6latzHgtkkZKPOpFV7ZSkAURlDR7izZOdojbUDbjPpCXi_ErsL023B3FQP6QqWWJh3Z6Z9rj_PSdf4WVQGxkd9hp_PG9LMfxTK6vmXCxbI0T9KBtQDOVygt98W4wLb3hre438GlPUN7UPUZqEegpfD2tbrNTL0S4AORbm9sLs7zhX6ETIvN3URzYMVrqKxVA1-k1iECWPiYQcKqW8ny7109q8jipzCHcdhXYIg-lLJO812tWgrl_5s9COtiEshMd5AFjY8vllbj3C3UGCtfyYI6_3JLeP9LkohT6VQq0nzEkd0zhOUe3g2dMNwYDXauDad13HMrapmHQVfKJA1Ia8ypjrUJQksQ3xt2DE6oqLCKhzhxnGghJBZqCs6uVKyXlAjPoQEcc6slw9fG3nIgPIkXlDReBreJvYzaVTMZJWjwewfgwXHjJth7vR26VDfMSF6sY89Mybzmr7WGdLG_OCZAArzaG8M-J5NAmB23IpuhOkVqqSU_nvalAzFHXKKG6kIMFMyrXax-Dh5pCcdBJuGDVSLZ5c_34tRyJD0Nnokh0udHb41PZ3twRGP_mLYRUkSvt46qJzJtTbhEKmv1ZW-5sGEKC0tUIpt582U7WQEvWd1u13gqoBFUMjNxMFlWBaiKXmckVXyZPDdhWjKRxBfpYzBIAsLxQ2LEb1op4rgd9iHsy9AvcbpDagrXX4TPtY-Co1OxsOlwPGY2YMhGmMBdbZE0JOX2m_5ns8i-rqSgJlvvrhDmp4qeL5sctTugPPhk4ezpLtzae0-Ld-w&sai=AMfl-YRkAUXQog2GFpWp35L4qU98SXLXczWrEizBklFfjeoTYnxzrvHmpkETY53rvSSU8PC-FLG1JkLB6UlkpDt0ycbuuTzp6HKfok2MAxgWC_tiYZMDsqO2szopeE2yhC4wInoTjMBzCmG9piYqOUBPQXR26WGAhopcLILEiae7pegwqEk60fcUemgHEuwzdoHwvhJUVGLbAt4YaeKn2OnbDVQARyF3h2MyZMr_DQsTEJ4gplPG1nktn81Wnn9u95nm5NaFmCA&sig=Cg0ArKJSzICi80SWNVuxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=229&cbvp=1&cstd=224&cisv=r20230614.31671&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Jun 2023 14:59:12 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:59:12 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/326909/29905229/1685811822968/ Frame B1A2 19 KB
5 KB 135ms
37ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13a80ef3063448c00840e283e683dd30c9ce6dd3a2727acb807939161f69cc4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 78137
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 4860
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 17:16:55 GMT
expires: Sat, 17 Jun 2023 17:16:55 GMT
last-modified: Sat, 03 Jun 2023 17:03:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9C2C 0
26 B 101ms
101ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2jxohr2xY_xTnf2oJVJB3G5yVfk_v0oxbLW--er9R62N5ghg6YiG2MbOt0DREBmZ8koRFlEHb-pM6LhMubD943QLBSmU3ospoQgj3b4m-MoBV7yeulpI5kjGEA6T3mXDqquJtCqsv24-bKhWnOS-vygcV3F14sRL3_74gKlXhI3YNC49SsWkb1KuJlT1QneOl_5tIdlj6HKdMGGC7tHlcx_viKBAYYABeEbQNq-Ajlri9RUT4prqtZEecBCzhCpyoeC9NPth8l8uwO5oymWn6S3qA1AyEjwMn0OiA_J9Li8rCgYWXikdK-tAlH_C2qleS5FxHtG3McjVmTPvFRytbmQ_J3_Xl5j5Rng-Dn8F9QAw-axEdQ7QIMKV8uC3fGuixB8ynDB-2xUooW907&sai=AMfl-YSefVts1Q7nYZEZtQOP1bg-xhfr_jgwwX-KAGQI5wQ3mp58sZPClQQgY2wXH1-h1y2pBFJgMWM6__qXWYEUf8lr3FNq72q9QNPL_2YSko4YehRMacGgFUcLldtutfY&sig=Cg0ArKJSzC31SCV0lxl-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4DB6 4 KB
767 B 42ms
41ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 14:19:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:59:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DB63 14 KB
1 KB 45ms
45ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 14:23:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:59:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame DB63 2 KB
892 B 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame DB63 22 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F05F 143 B
166 B 34ms
32ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:51:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame DB63 3 KB
1 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E9D2 1 KB
643 B 33ms
32ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Sun, 18 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame DB63 19 KB
8 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DB63 0
0 42ms
40ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHVxIvvct0yE2CTGskPEDDG5Vq-NAj3KhVP5KVTEK9jCHD-D3l1gd9Ouyv_XB_RcjZ3G3Dq7eOpcyrgXqgpn2wtdQU0Q
Requested by: Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB63 178 KB
56 KB 123ms
122ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:59:12 GMT

GET
H2 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame DB63 33 KB
14 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 21:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 21:21:20 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/ Frame 4DB6 22 KB
9 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab296b2bb2aecd4942237b656e45565beb04d9e73c45346a60e1d92616aeaae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9409
x-xss-protection: 0
server: cafe
etag: 7294307571184633120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:42:54 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4DB6 205 B
519 B 41ms
41ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 11:57:16 GMT
x-content-type-options: nosniff
age: 10916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Jun 2024 11:57:16 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4DB6 604 B
717 B 42ms
42ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:07:29 GMT
x-content-type-options: nosniff
age: 3103
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Jun 2024 14:07:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E9D2
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDADW5wA0b_eLCs4ru-6BvI&google_cver=1&google_push=ATf1kGNcR5HNJ2S-ivW5CKbd3gc7d9v-sZXL3aaMEt_RH4xSKJyoPp9-i4cYZhN5oz4dSNxmS77Pt6_CoPX8zDfNe...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNcR5HNJ2S-ivW5CKbd3gc7d9v-sZXL3aaMEt_RH4xSKJyoPp9-i4cYZhN5oz4dSNxmS77Pt6_CoPX8zDfNeJQWnuzhDZ4&google_hm=G1NjrGZHv9by5NE6TSyD2GY3

170 B
188 B

44ms
44ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNcR5HNJ2S-ivW5CKbd3gc7d9v-sZXL3aaMEt_RH4xSKJyoPp9-i4cYZhN5oz4dSNxmS77Pt6_CoPX8zDfNeJQWnuzhDZ4&google_hm=G1NjrGZHv9by5NE6TSyD2GY3

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 14:59:12 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGNcR5HNJ2S-ivW5CKbd3gc7d9v-sZXL3aaMEt_RH4xSKJyoPp9-i4cYZhN5oz4dSNxmS77Pt6_CoPX8zDfNeJQWnuzhDZ4&google_hm=G1NjrGZHv9by5NE6TSyD2GY3
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame E9D2 0
44 B 965ms
261ms Image
text/plain 18.180.242.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESELMLul4GtGM6sZsixSiYzAY&google_cver=1&google_push=ATf1kGOxoIlGTdx0QtZHMFSWfHeLZvrOxizV4P9W1d_aFI9asFJ736bvxo49bmB8s_ZXTaVi6xByVUktfyJAO11dju9hWsrftoo
Requested by: Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.180.242.12 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-180-242-12.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:13 GMT
server: awselb/2.0

GET
H2

200

/
onetag-sys.com/match/ Frame E9D2
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIUwzafO9VSdxWYcHbtgKrM&google_cver=1&google_push=ATf1kGOAhauuH_sSG2mp_yhtOc9yxDV7t8eoehkalLsF1x-s--LqJrN67RRP_gAU4O7AQRSiRz5EWAJXi1N...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGOAhauuH_sSG2mp_yhtOc9yxDV7t8eoehkalLsF1x-s--LqJrN67RRP_gAU4O7AQRSiRz5EWAJXi1NoOyVp7VPX3jkbR2Xy
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

34ms
34ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E9D2 0
12 B 42ms
40ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J4azIcVI70P52Bvl3t97qAfc3JhBZhq8FaAUySjni4X4c

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F05F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
48ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
URL: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:59:12 GMT
expires: Sat, 17 Jun 2023 14:59:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 14:59:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9C2C 0
0 70ms
70ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3nLXxgifwTsUrWXKz9h-LojNjNrrLd4aMvq4lKJOpPQnziPMSi_QhYL45T7KGahvWB88kHmsscpxFRkROdvupcsH0pYBYzAqgN0k0dJXfQf1dUa8zuX6M7RkRIouKBwuxzV54ee-YenMcPkdjnp7hEe73wgxP-R-P7lE2AytAnjTauisFh13CPf5Jz_PwZJFlcmsFLIoFBwc6fZNaIVQW1aYVeEiTpRUvf-qsi1nHdYOA5NnEfYWwxHU_YxvDMj2iQACuy3phbEfT-bO_yYDWULrgeHuxilKFJqEWKd7yZh0wnO-RNbZrE_7CGQdP3-J6ycqM9mABZfXQo5q4ShUotSynd4pv4fr4-E9rAzAp6WXULYsBqMyDnBAFzGCLbTio55ylygO2igciN5aSSd4&sai=AMfl-YTJT0f8M0YeTreda80O1VqTl3nT8-6MCWza62Pe0V0bn4MrJ8q10Z9ztv9VOeIW9pGJfGvqZ88ibqW5-gsfv2L9VMYzKZLhYmO_b0EFL7gqUpNstSqMBQq2d3zLF7o&sig=Cg0ArKJSzPU-fb6wobKPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 14:59:12 GMT

GET
H3 200 gsap_3.11.5_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4348 70 KB
27 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.5_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13697087128816370003/728x90px/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13697087128816370003/728x90px/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27946
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:06:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 14:59:12 GMT

GET
H3 200 background.jpg
s0.2mdn.net/sadbundle/13697087128816370003/728x90px/ Frame 4348 14 KB
14 KB 34ms
33ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13697087128816370003/728x90px/background.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13697087128816370003/728x90px/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183cb5fd6c3c1ffc7d4302b2477dec65e2594d4a0f0f3315e178c147edcedac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13697087128816370003/728x90px/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 06:35:20 GMT
x-content-type-options: nosniff
age: 203032
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13998
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:00:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Jun 2024 06:35:20 GMT

GET
H3 200 heading.png
s0.2mdn.net/sadbundle/13697087128816370003/728x90px/ Frame 4348 58 KB
58 KB 36ms
36ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13697087128816370003/728x90px/heading.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13697087128816370003/728x90px/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef9216b8a337fabe124e83e486f33e49a323239eec435ef3b5fd908a16343736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13697087128816370003/728x90px/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:05:17 GMT
x-content-type-options: nosniff
age: 57235
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59071
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:00:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jun 2024 23:05:17 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/13697087128816370003/728x90px/ Frame 4348 11 KB
11 KB 34ms
33ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13697087128816370003/728x90px/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13697087128816370003/728x90px/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43ecc8b200833316b052f8abd1f8f727a25984c5dacd6c3b84e592751f55706b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13697087128816370003/728x90px/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 13:29:58 GMT
x-content-type-options: nosniff
age: 91754
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11559
x-xss-protection: 0
last-modified: Tue, 30 May 2023 11:00:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jun 2024 13:29:58 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6804 33 KB
33 KB 34ms
33ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 330595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jun 2024 19:09:17 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6804 20 KB
20 KB 47ms
47ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 16:40:42 GMT
x-content-type-options: nosniff
age: 598710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 16:40:42 GMT

GET
H3 200 bcdc39946861b91689eea548d19ea8da.js Show response
s0.2mdn.net/dfp/326909/29905229/1685811822968/ Frame B1A2 106 KB
30 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/326909/29905229/1685811822968/bcdc39946861b91689eea548d19ea8da.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8387b57a118935f8019c446fd39e34f5c72f0dd3ab3f56a090f4a42dba73fcf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31000
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 17:03:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 17:16:55 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 152 KB
52 KB 117ms
116ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c09ca02e2b96d3c8f36b1a4a836f562229b083e6eb5d8e9c516f483e04d47cb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52891
x-xss-protection: 0
server: cafe
etag: 1991297913793719513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:59:12 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B34 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 2046 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B1A2 4 KB
605 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400|Muli:700|Cardo:400|Cardo:700

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/bcdc39946861b91689eea548d19ea8da.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e99b649854621c01ca000e9b0c3f5e2115592a4f73b33395fac5b7c648e29820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 14:33:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:59:12 GMT

GET
H3 200 db095612a5d588272204f455bc9f8568.svg
s0.2mdn.net/dfp/326909/29905229/1685811822968/media/ Frame B1A2 7 KB
3 KB 33ms
33ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/326909/29905229/1685811822968/media/db095612a5d588272204f455bc9f8568.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5935bd4c9f228a9ab62c6ef3684fb301a4386e19ffc4323cffdc9eed11035b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:16:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3123
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 17:03:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 17:16:55 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B627 0
0 100ms
99ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvkHo1G5eNA9n2YorzY5J3GYDlKVf-xV7AzGa5i9m0MMZk49VjpNpwzzMQHvOHD-rQ9D83PHdfPqGMxNvmtZRiTysDmnEeSRhcRj4_4PC_SGsxtOp6030sJF3GIKd5osbhi0ZOubVb4dFfkJ5QNSMHvv8_U1VJuSKJCN-lQZLTij8BJqcRAZsVDDEoqjfJH74EdmzZenA45b_ngPP0lWsZZqNaUX6jRStJoulWxAoQt956OR8uaDCoNrI9nGwDUlvT_tOq3h-WXhFnrecS7lh_l2KAbkqVrKaqlh6qTOkgOwfN3oJBSfSqtfh5PDFukxt1GR4kAkO2NMzSMRFsBK9DVDGScTLfKWNO1Un-DnO2o-yhK6yLm7BWORsZXGCOW6F-YdF3hoKI6M5lNw9hgts52jeMLOtUAJlMozHCdQsDDfTCRyQSpgiqb9Qcq0bcXXcQCPKZhnqJwwgyfhH1uMnpf0qTsalM6l5wbCl8nJgRfKvI2fciI6Ssekz2qBHHdvm0IFiLx6latzHgtkkZKPOpFV7ZSkAURlDR7izZOdojbUDbjPpCXi_ErsL023B3FQP6QqWWJh3Z6Z9rj_PSdf4WVQGxkd9hp_PG9LMfxTK6vmXCxbI0T9KBtQDOVygt98W4wLb3hre438GlPUN7UPUZqEegpfD2tbrNTL0S4AORbm9sLs7zhX6ETIvN3URzYMVrqKxVA1-k1iECWPiYQcKqW8ny7109q8jipzCHcdhXYIg-lLJO812tWgrl_5s9COtiEshMd5AFjY8vllbj3C3UGCtfyYI6_3JLeP9LkohT6VQq0nzEkd0zhOUe3g2dMNwYDXauDad13HMrapmHQVfKJA1Ia8ypjrUJQksQ3xt2DE6oqLCKhzhxnGghJBZqCs6uVKyXlAjPoQEcc6slw9fG3nIgPIkXlDReBreJvYzaVTMZJWjwewfgwXHjJth7vR26VDfMSF6sY89Mybzmr7WGdLG_OCZAArzaG8M-J5NAmB23IpuhOkVqqSU_nvalAzFHXKKG6kIMFMyrXax-Dh5pCcdBJuGDVSLZ5c_34tRyJD0Nnokh0udHb41PZ3twRGP_mLYRUkSvt46qJzJtTbhEKmv1ZW-5sGEKC0tUIpt582U7WQEvWd1u13gqoBFUMjNxMFlWBaiKXmckVXyZPDdhWjKRxBfpYzBIAsLxQ2LEb1op4rgd9iHsy9AvcbpDagrXX4TPtY-Co1OxsOlwPGY2YMhGmMBdbZE0JOX2m_5ns8i-rqSgJlvvrhDmp4qeL5sctTugPPhk4ezpLtzae0-Ld-w&sai=AMfl-YRkAUXQog2GFpWp35L4qU98SXLXczWrEizBklFfjeoTYnxzrvHmpkETY53rvSSU8PC-FLG1JkLB6UlkpDt0ycbuuTzp6HKfok2MAxgWC_tiYZMDsqO2szopeE2yhC4wInoTjMBzCmG9piYqOUBPQXR26WGAhopcLILEiae7pegwqEk60fcUemgHEuwzdoHwvhJUVGLbAt4YaeKn2OnbDVQARyF3h2MyZMr_DQsTEJ4gplPG1nktn81Wnn9u95nm5NaFmCA&sig=Cg0ArKJSzICi80SWNVuxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=707&vt=11&dtpt=478&dett=3&cstd=224&cisv=r20230614.31671&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 14:59:13 GMT

GET
H3 206 a4047e80b11fdf693b1c920b205adc03.mp4
s0.2mdn.net/dfp/326909/29905229/1685811822968/media/ Frame B1A2 43 KB
43 KB 36ms
35ms Media
video/mp4 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/326909/29905229/1685811822968/media/a4047e80b11fdf693b1c920b205adc03.mp4

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17e12bf7b8cffd82257eae0499a2f1d89c500c2342fc09b9d8e950edc63bb8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/326909/29905229/1685811822968/index.html
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 16 Jun 2023 15:01:10 GMT
x-content-type-options: nosniff
age: 86282
Content-Range: bytes 0-44426/44427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 44427
x-xss-protection: 0
last-modified: Sat, 03 Jun 2023 17:03:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 15:01:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DCA5 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuiDEQMqNZMeWCdS7x_APg-CQ8AoAAAAAOAHgBAI&bg=!FBelF0PNAAaGYqkwpmI7ADkAdvg8WjbIUuyoac6ub75eNKU6gTxornhHXh177DkookYrPYkt-A1ATINAz0bbIFd6kBXAywq8JoECAAABglIAAAAEaAEHmQMz1CT-mfIMgeOfSiLD-ARzzsYTVjDkKBy8YBFh8EBb5nTdDkOKPgwrWpi0N6pwAaFai2sFh2FBZ1pFC3L5sS4dBwrBGCnmaY7CBh6iRJG5t8oqyADoQp4tXjq6AeZNbAa4mZKfH0LCLDiGhroSQy5XJLeTOnRdS2dtaisAZylJRhPVCpbWHpXWSCuBerQpXnxuBqwfeksLdzpBkzEcIQZhYQV7rKaEN9KL8ODslxPgiw1R1exHKUCV8ie39R-47t9OdHfiqp7WepfvtwalWYDAwJ61yoAl2mYDcH2YaP3ep0vbGppZtfNrvRaAsAzVieCLu9fM6QvQVmyavvHbyFhqDp9pxzQYy1k7kI-qxAavUST4datv1yVx9-ycWtPOb1Uo0vWiCMpD__B_nt66AD87L5TJlpccl7fuEFFempx83YmrBHf1UOMlopXyTv_2TOo0mwl8YMslFxdbkJssHmLoTIV5dreduiyKx4GrTeW9EyhPY-wtc_wGJ_WLzFjlMtsTIRtrSiIwS0p2dJfjsIaeU1PdJm1m3Sm8jD-MudET1rS8Y-6aHrzGR_-CQDCutRJj5D5xajLa1zMObzZoA9gG9xuGlhIH5NAts-eRimnDQt0ECjZ6c33b9qFp8tFgYQTxPwdGkf_RYxYWHPQJbkshwvIAzf71KvSIG5do7NMZCfrwa3oFzo27AMGEkMSmNao9DMkmLuICENUErJkxRjAtIgjNrDmnCpSaseBzhnWUPdXJOpQZSVQXGKdOvg3k3tB2Pr4QBXX-9DhwGFHCxCoGvs5_UWPVfd5QtEAPFARY9R807ssYE6Op2_GbrXd4mV8dvLl9mzbaPwj16rU_oJmhzpiCQNKYwf793h6QA2_jIDhthHsr6AZDCVm4Oho8ebyrZEC87D0EJFmT6ICPY8Dq233Syfr8VNBGWphQ8f1GLsPDuSPyukDOHFQeA48d8IBWuPctPjRqiskJou8F8WoFalJA4wNWofmt1R95-PNWQK3J7I0YV4gNhLxJ3DF3nhyQGhZAyrVPGjuRpRezSRTSEOgl9VjhsFbKDtJnLIfOzA6kY5qiWlCOZzALzmTinZzndfI8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ Frame B1A2 30 KB
30 KB 34ms
33ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400|Muli:700|Cardo:400|Cardo:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 19:34:33 GMT
x-content-type-options: nosniff
age: 588280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 19:34:33 GMT

GET
H3 200 wlp_gwjKBV1pqhv43IE.woff2
fonts.gstatic.com/s/cardo/v19/ Frame B1A2 15 KB
15 KB 63ms
63ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cardo/v19/wlp_gwjKBV1pqhv43IE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400|Muli:700|Cardo:400|Cardo:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1346360729e77380edf8f17fa421b76452289ae1b5f4be290b19c4d204e9587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 19:43:54 GMT
x-content-type-options: nosniff
age: 587719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14880
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:05:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 19:43:54 GMT

GET
H3 200 wlpygwjKBV1pqhND-ZQW-WM.woff2
fonts.gstatic.com/s/cardo/v19/ Frame B1A2 18 KB
18 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cardo/v19/wlpygwjKBV1pqhND-ZQW-WM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400|Muli:700|Cardo:400|Cardo:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 19:29:02 GMT
x-content-type-options: nosniff
age: 588611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18852
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:09:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 19:29:02 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 43ms
42ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koora.kora4live.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/ Frame BC0D 10 KB
4 KB 34ms
34ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koora.kora4live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 59391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 22:29:22 GMT
etag: 15057649708203361565
expires: Fri, 30 Jun 2023 22:29:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/ Frame C167 10 KB
4 KB 41ms
32ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koora.kora4live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 59391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 22:29:22 GMT
etag: 15057649708203361565
expires: Fri, 30 Jun 2023 22:29:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/ Frame 2C3B 10 KB
4 KB 41ms
33ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koora.kora4live.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 59391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Jun 2023 22:29:22 GMT
etag: 15057649708203361565
expires: Fri, 30 Jun 2023 22:29:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 71ms
70ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306150101&jk=824341492987063&bg=!U1ClUATNAAaGYqkwpmI7ADkAdvg8Wl4eCovNXmeU90Vj0XCN1in0L2XQNVGbFs8HZIhSTkUcnk_G9F2E6YO6X9BPCHZ3-8AFnp0CAAAA_1IAAAADaAEHmQLW9u7iypfqdmAxnbpmTiNZ-R_G7xIYXnhXDBmTf86x346wcqipkZUPKS71rCpfwpHbggmHgUkAhF0PKoYv6QVnI8E5gofw7FSIlmw-qoc9slUkK_ZsBkwgP7Kb5qrtx3t6yaqMpLNrpaIsusOn3vVqY_mVfhH_Bjx_lRHHkK5CMniphM1Ee9wiC64x8b3GSQiJzhkAAx6cMSnXVhGnk8BADtlsKK-27huCyVQoATxUxg4e5Inp2zkIa2TuiuBZskz55Jh7zH1QDWtH9rDJLpm56c2Ru8C1ZdzRps27RMxp4TbU-Xqg9Gfh0kRitqU-CBtgh9dwOyy15I6qxltAbTevObEZU1xr13gcGYHkbrfNaxgOxkbn1EX90C0avvLVg7WZjdDVTAxu-8h5lDKQcY3sFnShs3v4am9FRiXbAwr3JI5LvobDJHIIefmhv_M-X45s1m2ooeh8R_mC6vbBPrB-Kj9dzsG87otFuJ7i80Ji_CFcLCsMhEanZqxNdeDK3K2C0VpDuS8t4yLREV37b4o_wGKTIYK9kveHx8p04BJ6hRctZ5FTFGvGYFB8TVJ-JC5261hvR2NaQf6Df_RTTona0SYbKpC2wS5HgACELJlXutPTgCzyJTYUUTM1qIYncPAd03DbsJZEE6z6zUBm9pPzOIijcCfRc9j8ntpeEqXTDBPI-VCWKO34XuD0kvNDAkmTpNyRd686BGKtEg3wV_hPQyjAKrKK649FVWV5ZCBhnOURsok__zVtJkcjcKh8IYBZxFhTUzZzSbyzqDJb_7eWOqDH5Gv1iE60Z7zDxg9vZzazrirEcypKxn4YrH5xOWNCoAZ6we-7Rz1JG825WImk32luAbLvAdt3tPibqTn2tbSleaY8oSMtgz62GHJb3jptJTrNoZGzEmgWwvMjoAMB1Td3W0ktzAjGP6xhRQ5RgibHCrsHxeiL1NKgLou1OeK1bODOnXa3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D4D7 42 B
64 B 71ms
71ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBPIBG9vhswaAa7wM5i-2u6I5b7IX3r8BHE08V2PfTfnK3Qg3jcjeOkhmWagZxkpbZMtQtMcT94jhK1C28Nlhbz7_QWsZtMc8D1tBwbosKvTknxhT-lU7GOAJbS5Mm_t4-oyj9aPyQYIJz&sai=AMfl-YR5t8d0W0dOLXXnmUsSx21AYJtlMZDey0if6qWmL86ocnxLE9J4FENmGEaHVgzglfAetnNRDiTS9hPqNyiWXI36iMm1lDOKDGieCFBBtLJa2qCzNU0te05gF16ytz7zuVcgdNst4NEQu_TaMQ&sig=Cg0ArKJSzGUV0DDWKjT0EAE&cid=CAQSTABygQiDn4uO5VnWy56ZNXAPeuSxosi2wem5Xis_UErsPzxq0AUldX8fuMHcxPuFhY5vrqru9A6MetCP4SoJhRQ8BhgdqtQc_ZsyKDIYAQ&id=ampim&o=288,469&d=1024,280&ss=1600,1200&bs=1600,1200&mcvt=1025&mtos=0,0,0,1025,1025&tos=0,0,0,1025,0&tfs=320&tls=1345&g=100&h=100&tt=1345&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://koora.kora4live.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BC0D 4 KB
655 B 43ms
43ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 14:30:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:59:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame BC0D 2 KB
892 B 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame BC0D 22 KB
9 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame BC0D 3 KB
1 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 51F9 1 KB
643 B 34ms
33ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Sun, 18 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame BC0D 19 KB
8 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BC0D 0
0 40ms
40ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ60Haws2CQg5Q-dN9u7Oc3SZukVPiQs3ARS8wxbML4DLDdDBTCXo2QWwOJvn-Z0OU7jFdFt9B696ujU_S8zBe_zkEdsA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC0D 178 KB
56 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:59:13 GMT

GET
H3 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame BC0D 33 KB
14 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 21:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 21:21:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C167 6 KB
706 B 44ms
44ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 14:43:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:59:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame C167 2 KB
892 B 33ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame C167 22 KB
9 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame C167 3 KB
1 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 51C7 1 KB
643 B 33ms
33ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Sun, 18 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame C167 19 KB
8 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C167 0
0 49ms
48ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFHru6pc4FL4XCw0Oj5gIDCeldfaa0n2w0lT9LQUGxpv75yzIq3ovB52QVGmGMP6YQZbWRvAHFSm123G0Tl3y9Duoc6A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C167 178 KB
56 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:59:13 GMT

GET
H3 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame C167 33 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 21:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 21:21:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2C3B 6 KB
706 B 44ms
43ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 12:59:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 14:59:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 2C3B 2 KB
892 B 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 2C3B 22 KB
9 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 2C3B 3 KB
1 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B374 1 KB
643 B 36ms
35ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 13:20:52 GMT
etag: 48472445140208031
expires: Sun, 18 Jun 2023 13:20:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 2C3B 19 KB
8 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:39:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8120
x-xss-protection: 0
server: cafe
etag: 8171891181101138299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 17:39:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2C3B 0
0 41ms
41ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmybCcpGzk3Bfqs3IxCFhw_JAnMsaqKrg2Qu4ueLKIqccB3oATDRn4kwRxa_4dVOAnFVCl9OgBoJ7mdtrQh5Taz_vtUA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C3B 178 KB
56 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 14:59:13 GMT

GET
H3 200 b2e5730d4c3b853e5c2ef15981a3fc9d.js Show response
www.gstatic.com/mysidia/ Frame 2C3B 33 KB
14 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2e5730d4c3b853e5c2ef15981a3fc9d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 21:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14011
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 21:12:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Sep 2023 21:21:20 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51F9
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEMC_nf7FdOs3inRwzi9hnhQ&google_cver=1&google_push=ATf1kGPwKaOdWqt0Q_dV6guTeB418OqUGqJneU850Ftdvfu7VTG1nBlqrEHsk8wwl_NBDlo6ib0yp-8dGtQ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPwKaOdWqt0Q_dV6guTeB418OqUGqJneU850Ftdvfu7VTG1nBlqrEHsk8wwl_NBDlo6ib0yp-8dGtQgiYtnWDmCgYmfiz-zKg&google_hm=nL-K6ZrvSkWzv2ivrA...

170 B
188 B

44ms
44ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPwKaOdWqt0Q_dV6guTeB418OqUGqJneU850Ftdvfu7VTG1nBlqrEHsk8wwl_NBDlo6ib0yp-8dGtQgiYtnWDmCgYmfiz-zKg&google_hm=nL-K6ZrvSkWzv2ivrAFV85E

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ATf1kGPwKaOdWqt0Q_dV6guTeB418OqUGqJneU850Ftdvfu7VTG1nBlqrEHsk8wwl_NBDlo6ib0yp-8dGtQgiYtnWDmCgYmfiz-zKg&google_hm=nL-K6ZrvSkWzv2ivrAFV85E
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51F9
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGNVjc-CrECjdApm-v8PkGWDrJu8JXXNy9nNux2ORyL3VtYI4YBVr8P-QasP7wD8_imoLCRkr5ZJ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGNVjc-CrECjdApm-v8PkGWDrJu8JXXNy9nNux2ORyL3VtYI4YBVr8P-QasP7wD8_imoLCR...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA2NzgzMzY3MjIyNjI2NTU0MA&google_push=ATf1kGNVjc-CrECjdApm-v8PkGWDrJu8JXXNy9nNux2ORyL3VtYI4YBVr8P-QasP7wD8_imoLCRkr5...

170 B
188 B

45ms
44ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA2NzgzMzY3MjIyNjI2NTU0MA&google_push=ATf1kGNVjc-CrECjdApm-v8PkGWDrJu8JXXNy9nNux2ORyL3VtYI4YBVr8P-QasP7wD8_imoLCRkr5ZJFIZiXkLaPJX-qutTM0cd

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA2NzgzMzY3MjIyNjI2NTU0MA&google_push=ATf1kGNVjc-CrECjdApm-v8PkGWDrJu8JXXNy9nNux2ORyL3VtYI4YBVr8P-QasP7wD8_imoLCRkr5ZJFIZiXkLaPJX-qutTM0cd
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51F9
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESECK2SKa9-S0joiK7E4cg_5g&google_cver=1&google_push=ATf1kGPiL9L-r4dldE_2jp8i6PSOFVkZrrallpUc2xGgcX7QZhvzlBuTxXtKMX-FDse6lLvsn5TSngBGPuqas4OU0Q0AgUG...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPiL9L-r4dldE_2jp8i6PSOFVkZrrallpUc2xGgcX7QZhvzlBuTxXtKMX-FDse6lLvsn5TSngBGPuqas4OU0Q0AgUGajMpyqA

170 B
188 B

44ms
44ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPiL9L-r4dldE_2jp8i6PSOFVkZrrallpUc2xGgcX7QZhvzlBuTxXtKMX-FDse6lLvsn5TSngBGPuqas4OU0Q0AgUGajMpyqA

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGPiL9L-r4dldE_2jp8i6PSOFVkZrrallpUc2xGgcX7QZhvzlBuTxXtKMX-FDse6lLvsn5TSngBGPuqas4OU0Q0AgUGajMpyqA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 51F9
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Y9w4utAY70b8JFjpLWxH9ylK3I2S21TAvkmRmQ&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
369 B

42ms
41ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 111899
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51F9
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGMya93yK6sBYpTp9oYF320cjcxp-vVyT74CR7fNmExw2TMKIkiYIdJqhZ2WgOCFbRtZ1zwKrkmT...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGMya93yK6sBYpTp9oYF320cjcxp-vVyT74CR7fNmExw2TMKIkiYIdJqhZ2WgOCFbRtZ1zw...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzNTM0OTI3MjI1MTc4NzE4OQ&google_push=ATf1kGMya93yK6sBYpTp9oYF320cjcxp-vVyT74CR7fNmExw2TMKIkiYIdJqhZ2WgOCFbRtZ1zwKrk...

170 B
188 B

44ms
44ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzNTM0OTI3MjI1MTc4NzE4OQ&google_push=ATf1kGMya93yK6sBYpTp9oYF320cjcxp-vVyT74CR7fNmExw2TMKIkiYIdJqhZ2WgOCFbRtZ1zwKrkmT5YR_zehDA84lTffoGvLGKQ

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMzNTM0OTI3MjI1MTc4NzE4OQ&google_push=ATf1kGMya93yK6sBYpTp9oYF320cjcxp-vVyT74CR7fNmExw2TMKIkiYIdJqhZ2WgOCFbRtZ1zwKrkmT5YR_zehDA84lTffoGvLGKQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame 51F9 43 B
296 B 220ms
33ms Image
image/gif 2a05:d01c:1d8:8102:cc49:11d8:a79c:a08b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEFo9T1Mt0L29lcR1nDjFfBY&google_cver=1&google_push=ATf1kGPeGcs_foB3yWUUm7QNPPJDge_Rxgih91sovzTr81epe39p22sxwdGmm1ZeR3llt9yT8v0M02_baMPNcdhpSGtnHN1ah_6d7Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:cc49:11d8:a79c:a08b London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51F9
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIUwzafO9VSdxWYcHbtgKrM&google_cver=1&google_push=ATf1kGNj6hItqhBtfvjsZW8CsTPtGJyWzyUTvcYTCX4GXm-ZS9ao_NOreEy74UR7wC-38O9JXKWaFpD3l214...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNj6hItqhBtfvjsZW8CsTPtGJyWzyUTvcYTCX4GXm-ZS9ao_NOreEy74UR7wC-38O9JXKWaFpD3l214dsfn9ldwa0QQOFOeNg

170 B
188 B

47ms
46ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNj6hItqhBtfvjsZW8CsTPtGJyWzyUTvcYTCX4GXm-ZS9ao_NOreEy74UR7wC-38O9JXKWaFpD3l214dsfn9ldwa0QQOFOeNg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNj6hItqhBtfvjsZW8CsTPtGJyWzyUTvcYTCX4GXm-ZS9ao_NOreEy74UR7wC-38O9JXKWaFpD3l214dsfn9ldwa0QQOFOeNg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 51F9 0
12 B 48ms
42ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LgfU2dlKGJ5_O5sMrIzuiavDlOJ1KLqu4RBA-vd0MD7oScXNultUN6HJZ_rYxDN_CN_1Uv

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51C7
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELrR9Vur7vmXBI0xiMuRLpI&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELrR9Vur7vmXBI0xiMuRLpI&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VnBnMTFEaEExUWF4b3Q1&google_gid=CAESELrR9Vur7vmXBI0xiMuRLpI&google_cver=1&google_push=ATf1kGMHLsC9saBW_OGd5O_53nxDYy8bxspR7yLBWvs-a8w...

170 B
188 B

43ms
43ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VnBnMTFEaEExUWF4b3Q1&google_gid=CAESELrR9Vur7vmXBI0xiMuRLpI&google_cver=1&google_push=ATf1kGMHLsC9saBW_OGd5O_53nxDYy8bxspR7yLBWvs-a8woGigsmc6cLXaQGUmQFkgnaSoEWvc0sP9wK9hEY3zGcX7Z-i8idYnSX3M

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 14:59:12 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-780-gdfb6b2e#rel-ec2-master i-0014315516ab858c7@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VnBnMTFEaEExUWF4b3Q1&google_gid=CAESELrR9Vur7vmXBI0xiMuRLpI&google_cver=1&google_push=ATf1kGMHLsC9saBW_OGd5O_53nxDYy8bxspR7yLBWvs-a8woGigsmc6cLXaQGUmQFkgnaSoEWvc0sP9wK9hEY3zGcX7Z-i8idYnSX3M
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51C7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMaVhMIyNNsz8Y1XPlGJSRo&google_cver=1&google_push=ATf1kGO0_s-tS72SLwHeKXQ-bd8R0o9yNvQjoA3rSikis2YWehMx00d7w6GH9Gl67Q6zoiz2AL0c7bWH-ebfiCDn...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO0_s-tS72SLwHeKXQ-bd8R0o9yNvQjoA3rSikis2YWehMx00d7w6GH9Gl67Q6zoiz2AL0c7bWH-ebfiCDnNhvtlZZpCMdohsA

170 B
188 B

46ms
46ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO0_s-tS72SLwHeKXQ-bd8R0o9yNvQjoA3rSikis2YWehMx00d7w6GH9Gl67Q6zoiz2AL0c7bWH-ebfiCDnNhvtlZZpCMdohsA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 14:59:13 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x30 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO0_s-tS72SLwHeKXQ-bd8R0o9yNvQjoA3rSikis2YWehMx00d7w6GH9Gl67Q6zoiz2AL0c7bWH-ebfiCDnNhvtlZZpCMdohsA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 17 Jun 2023 14:59:12 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51C7
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDm6ChzIcrdxJkPxUyehptg&google_cver=1&google_push=ATf1kGNppk1a1uN8QwfQyYl0lbNxldpEqp-Pdjik4WAkDFyZPAFR79qboUQ-BgYS0W-MP0bkSSwHwR0DvAn-ECiOgXsCQgY4B_mOp1E
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7D68715625AF4450B50C70D793506259&google_push=ATf1kGNppk1a1uN8QwfQyYl0lbNxldpEqp-Pdjik4WAkDFyZPAFR79qboUQ-BgYS0W-MP0bkSSwHwR0DvAn-ECi...

170 B
188 B

44ms
44ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7D68715625AF4450B50C70D793506259&google_push=ATf1kGNppk1a1uN8QwfQyYl0lbNxldpEqp-Pdjik4WAkDFyZPAFR79qboUQ-BgYS0W-MP0bkSSwHwR0DvAn-ECiOgXsCQgY4B_mOp1E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Jun 2023 14:59:13 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7D68715625AF4450B50C70D793506259&google_push=ATf1kGNppk1a1uN8QwfQyYl0lbNxldpEqp-Pdjik4WAkDFyZPAFR79qboUQ-BgYS0W-MP0bkSSwHwR0DvAn-ECiOgXsCQgY4B_mOp1E
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 16 Jun 2023 14:59:13 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51C7
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELafphvotlVx8jklaYfN_9c&google_cver=1&google_push=ATf1kGPNU4Nkg9zZ4KsTYkh7fJepOkGOsOzv0Eqm7R-CB-H0XLd0ls06phHiaW4UqT9F1BMG5Vxkfvg9mU3VwCItLj9F...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=d00e2773-ff3f-45df-9dad-220c3d70dda3&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPNU4Nkg9zZ4KsTYkh7fJepOkGOsOzv0Eqm7R-CB-H0XLd0ls06phHiaW4UqT9F1BMG5Vxkfvg9mU3VwCItLj9F38UFqy-sPw&google_hm=VNxChZtwRfeI4aDJaSZbCg==

170 B
188 B

44ms
43ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPNU4Nkg9zZ4KsTYkh7fJepOkGOsOzv0Eqm7R-CB-H0XLd0ls06phHiaW4UqT9F1BMG5Vxkfvg9mU3VwCItLj9F38UFqy-sPw&google_hm=VNxChZtwRfeI4aDJaSZbCg==

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGPNU4Nkg9zZ4KsTYkh7fJepOkGOsOzv0Eqm7R-CB-H0XLd0ls06phHiaW4UqT9F1BMG5Vxkfvg9mU3VwCItLj9F38UFqy-sPw&google_hm=VNxChZtwRfeI4aDJaSZbCg==
date: Sat, 17 Jun 2023 14:59:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51C7
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIUnAsBYNOAcKflbvx2T2tU&google_cver=1&google_push=ATf1kGMXcEZzJmBGPg4CWy6bkmOLvWYbS58JQPyobvFte6KGp-Tik0ldDSWqPQefg4DrG8c-ORsFJs-BsDT_Dbu-M4NANyJ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMXcEZzJmBGPg4CWy6bkmOLvWYbS58JQPyobvFte6KGp-Tik0ldDSWqPQefg4DrG8c-ORsFJs-BsDT_Dbu-M4NANyJ6LmR2OOI&google_hm=eS1hSmowX29kRTJwSE9...

170 B
188 B

44ms
44ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMXcEZzJmBGPg4CWy6bkmOLvWYbS58JQPyobvFte6KGp-Tik0ldDSWqPQefg4DrG8c-ORsFJs-BsDT_Dbu-M4NANyJ6LmR2OOI&google_hm=eS1hSmowX29kRTJwSE9lYXEzVXFCSEg5Z3hjcktrdm9jen5B

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Jun 2023 14:59:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMXcEZzJmBGPg4CWy6bkmOLvWYbS58JQPyobvFte6KGp-Tik0ldDSWqPQefg4DrG8c-ORsFJs-BsDT_Dbu-M4NANyJ6LmR2OOI&google_hm=eS1hSmowX29kRTJwSE9lYXEzVXFCSEg5Z3hjcktrdm9jen5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 51C7
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGOTCd0Kl8Jrn4EFcnhz5O6KEKVYzReTpR5Ndu1U9Q8OGPNzqoKvDLiHxoL12b13EIi8ihyApEBp...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGOTCd0Kl8Jrn4EFcnhz5O6KEKVYzReTpR5Ndu1U9Q8OGPNzqoKvDLiHxoL12b13EIi8ihy...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4ODMxNTM2NDI0NDE0NDU4NQ&google_push=ATf1kGOTCd0Kl8Jrn4EFcnhz5O6KEKVYzReTpR5Ndu1U9Q8OGPNzqoKvDLiHxoL12b13EIi8ihyApE...

170 B
188 B

46ms
46ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4ODMxNTM2NDI0NDE0NDU4NQ&google_push=ATf1kGOTCd0Kl8Jrn4EFcnhz5O6KEKVYzReTpR5Ndu1U9Q8OGPNzqoKvDLiHxoL12b13EIi8ihyApEBpttKHsjKwIprmA3HVMTWqyQ

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTE4ODMxNTM2NDI0NDE0NDU4NQ&google_push=ATf1kGOTCd0Kl8Jrn4EFcnhz5O6KEKVYzReTpR5Ndu1U9Q8OGPNzqoKvDLiHxoL12b13EIi8ihyApEBpttKHsjKwIprmA3HVMTWqyQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 51C7
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDTKDzSnoQ41bYerud9IuAU&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPXc2XY2D8zbXujjCkj5UdYdkMQDPVNniSKEUsTtinP4OZMgzwvN5_b-_fQhxOffMJZgrRPzlFgMoLu0B1bGchW_FwPZLXx2R_5
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

117ms
117ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 17 Jun 2023 14:59:13 GMT
pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 51C7 0
12 B 42ms
41ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxfTh1k8ALZlxT9W-miTb3ess17Lnzjn9GyOxVpzbANJ4EsSdBRbB5FpOCdZz1hsfk_gOPAA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B374 0
104 B 146ms
51ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIRMIo1SUi5Zu8y5zGjPBcg&google_cver=1&google_push=ATf1kGPoRHkNxQZPgUCKUMxpPAkXg0Tz90nW4LV2O5IB11kRMGTDUV0q_GwpfeLvDo4vZjgKBiUmTxKGqCgXM-iRay0DmEs9q-Jy
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B374
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMaVhMIyNNsz8Y1XPlGJSRo&google_cver=1&google_push=ATf1kGO9kegsNF1XuYDhS7n7WDfoYLyKMo3TS_kL43N3Ynv7LP8qO9tfMPpGt12AGDOCqrmpnkBDnnuilZfg2rJc...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO9kegsNF1XuYDhS7n7WDfoYLyKMo3TS_kL43N3Ynv7LP8qO9tfMPpGt12AGDOCqrmpnkBDnnuilZfg2rJc_j1WP3f8r3_d

170 B
188 B

45ms
44ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO9kegsNF1XuYDhS7n7WDfoYLyKMo3TS_kL43N3Ynv7LP8qO9tfMPpGt12AGDOCqrmpnkBDnnuilZfg2rJc_j1WP3f8r3_d

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 17 Jun 2023 14:59:13 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x15 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGO9kegsNF1XuYDhS7n7WDfoYLyKMo3TS_kL43N3Ynv7LP8qO9tfMPpGt12AGDOCqrmpnkBDnnuilZfg2rJc_j1WP3f8r3_d
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 17 Jun 2023 14:59:12 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B374
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGsRdIqgDQL3IwkyfZWl-jE&google_cver=1&google_push=ATf1kGNFuHqrvUw80XVSBDsRymD27IrVHuDSHL80Bd-X9LgI1H6DB1FlT9OM4uNXGfZ-9-XxWbcNzJxODH-bPdlvFv3KNuIR5yR2S...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGsRdIqgDQL3IwkyfZWl-jE&google_cver=1&google_push=ATf1kGNFuHqrvUw80XVSBDsRymD27IrVHuDSHL80Bd-X9LgI1H6DB1FlT9OM4uNXGfZ-9-XxWbcNzJxODH-bPdlvFv3KNuIR5yR...

43 B
443 B

260ms
237ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGsRdIqgDQL3IwkyfZWl-jE&google_cver=1&google_push=ATf1kGNFuHqrvUw80XVSBDsRymD27IrVHuDSHL80Bd-X9LgI1H6DB1FlT9OM4uNXGfZ-9-XxWbcNzJxODH-bPdlvFv3KNuIR5yR2SQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNFuHqrvUw80XVSBDsRymD27IrVHuDSHL80Bd-X9LgI1H6DB1FlT9OM4uNXGfZ-9-XxWbcNzJxODH-bPdlvFv3KNuIR5yR2SQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:14 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d8c27bbb8260c79-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 99
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGsRdIqgDQL3IwkyfZWl-jE&google_cver=1&google_push=ATf1kGNFuHqrvUw80XVSBDsRymD27IrVHuDSHL80Bd-X9LgI1H6DB1FlT9OM4uNXGfZ-9-XxWbcNzJxODH-bPdlvFv3KNuIR5yR2SQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGNFuHqrvUw80XVSBDsRymD27IrVHuDSHL80Bd-X9LgI1H6DB1FlT9OM4uNXGfZ-9-XxWbcNzJxODH-bPdlvFv3KNuIR5yR2SQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7d8c27ba2ed40c79-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B374 70 B
264 B 45ms
43ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECq538w95SFIHhce5OX8fG0&google_cver=1&google_push=ATf1kGMa0z1kn9czGUGu0A0XEg8i6EgvCZ_xjVMPF2N3ofE9kKfsH8Yf4hGqwdo71gbod55fMNKTwjv5kF1XSBis5ulsiKGdAT-05w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B374
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIUnAsBYNOAcKflbvx2T2tU&google_cver=1&google_push=ATf1kGMT1YdUFSNdVeFrAkdw81wZd9D3cMIpH0ozAvSqlAGwpQVT2CF4tykzPzBZ9tdBIkYFSVS-NV5YP5WI2TLRiXyvYdA...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMT1YdUFSNdVeFrAkdw81wZd9D3cMIpH0ozAvSqlAGwpQVT2CF4tykzPzBZ9tdBIkYFSVS-NV5YP5WI2TLRiXyvYdAX3QEw&google_hm=eS1adVNManN0RTJwRW5jUG...

170 B
188 B

45ms
44ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMT1YdUFSNdVeFrAkdw81wZd9D3cMIpH0ozAvSqlAGwpQVT2CF4tykzPzBZ9tdBIkYFSVS-NV5YP5WI2TLRiXyvYdAX3QEw&google_hm=eS1adVNManN0RTJwRW5jUGxabl94Q0VGSE9OSGltOVNKZ35B

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Jun 2023 14:59:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGMT1YdUFSNdVeFrAkdw81wZd9D3cMIpH0ozAvSqlAGwpQVT2CF4tykzPzBZ9tdBIkYFSVS-NV5YP5WI2TLRiXyvYdAX3QEw&google_hm=eS1adVNManN0RTJwRW5jUGxabl94Q0VGSE9OSGltOVNKZ35B
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B374
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-Y9w4utAY70b8JFjpLWxH9ylK3I2S21TAvkmRmQ&google_push=PUSH_DATA
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

43 B
368 B

43ms
42ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 92173
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B374
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGN5j3qEN7M6eXAodpZDbFSkG9ULt3Pk0s3NfxCgy0UlW17bV2dPhiTfYFyPVXuKfRIkLqXenkoE...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF5bastDjqLqzBN1qEtPNYg&google_cver=1&google_push=ATf1kGN5j3qEN7M6eXAodpZDbFSkG9ULt3Pk0s3NfxCgy0UlW17bV2dPhiTfYFyPVXuKfRIkLqX...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEwNzM1NTQ3MzQ4OTI4OTM2Ng&google_push=ATf1kGN5j3qEN7M6eXAodpZDbFSkG9ULt3Pk0s3NfxCgy0UlW17bV2dPhiTfYFyPVXuKfRIkLqXenk...

170 B
188 B

46ms
46ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEwNzM1NTQ3MzQ4OTI4OTM2Ng&google_push=ATf1kGN5j3qEN7M6eXAodpZDbFSkG9ULt3Pk0s3NfxCgy0UlW17bV2dPhiTfYFyPVXuKfRIkLqXenkoEVYAHN7MbF3Asum10m7VRVQ

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEwNzM1NTQ3MzQ4OTI4OTM2Ng&google_push=ATf1kGN5j3qEN7M6eXAodpZDbFSkG9ULt3Pk0s3NfxCgy0UlW17bV2dPhiTfYFyPVXuKfRIkLqXenkoEVYAHN7MbF3Asum10m7VRVQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B374 0
12 B 44ms
43ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JR_86Afuu7SBDyoQvBp0rBstzmjqZOEsxC3hIzruUSt_fmmjYrQ_ArlIEJyPgnWNhad8Wu

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 14:59:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame A7E9 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/16443227948257803267/ Frame C167 29 KB
29 KB 35ms
34ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16443227948257803267/2076313506083323656

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42ac7248c2a72b25d9464197519f91011dce7d011b67127d30ec40c8fa0484c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:17:32 GMT
x-content-type-options: nosniff
age: 99701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30036
x-xss-protection: 0
last-modified: Thu, 04 May 2023 08:31:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 11:17:32 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12687023281094719859/ Frame C167 3 KB
3 KB 34ms
33ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12687023281094719859/14763004658117789537?w=100&h=100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8f643a9d6b16d521777b1ef8fd67f6f2e9b9588d70f6a895e795871c66a4108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 18:31:25 GMT
x-content-type-options: nosniff
age: 160068
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3041
x-xss-protection: 0
last-modified: Thu, 04 May 2023 08:31:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jun 2024 18:31:25 GMT

GET
DATA 200
OK truncated
/ Frame C167 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C167 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd8095b2e11c81c24b41671a3cd66c1e0d9b0ff47462f69ed957a075035b09ed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame F129 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C167 0
19 B 79ms
79ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAK8XQMqNZPXyDMXbxgPD373ACYultoFx89qPjMURnriItoMDEAEgzs6GaGCRhKCFjBigAZGjs6IpyAEJqAMByAPLBKoE3gFP0KOETSGurLcElsQ2pEb-KU8ccdUmqsWyndWy6iACLpSME7ZyMQSahoEhznuq3RjD-ZchvBzckGAtYMG-PUvNviwTUbcx9iB5a_d0PwH9WRvDeU_JbCXZVCM6UOGdy4MfsYQ6YuMh00ZqCNF_NZxqeFc81ejwxqdS-9xPNJjwsjJAliGgkO8zSYjFldw289t2DcZOl5i1HaOZnYNLIrteLmL7QbeMXbt2lpeMdOmSYDxNhIJSXHS8XWUiLjHKiyby_meRSzSkMiqmCaJBJULttYhrFcItm8qBX7NXa4zABOrqrKWtBJIFBAgEGAGSBQQIBRgEoAYugAeR24OCBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJOJAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTM2MTkxMzMwMzE1MDgyNjQYAA&sigh=gOJNT5BMRFs&uach_m=[UACH]&cid=CAQSPABygQiDcgdieK3mWf1fqafgkBGzJMBX2KwC6s1kHQ5bdCLzVBGwDjFI0xUpNUoygEJjTEPEuPlg5P8rjRgB&template_id=484&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Jun 2023 14:59:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/16443227948257803267/ Frame 2C3B 29 KB
29 KB 32ms
32ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16443227948257803267/2076313506083323656

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d42ac7248c2a72b25d9464197519f91011dce7d011b67127d30ec40c8fa0484c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 11:17:32 GMT
x-content-type-options: nosniff
age: 99701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30036
x-xss-protection: 0
last-modified: Thu, 04 May 2023 08:31:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jun 2024 11:17:32 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12687023281094719859/ Frame 2C3B 3 KB
3 KB 40ms
39ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12687023281094719859/14763004658117789537?w=100&h=100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8f643a9d6b16d521777b1ef8fd67f6f2e9b9588d70f6a895e795871c66a4108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 18:31:25 GMT
x-content-type-options: nosniff
age: 160068
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3041
x-xss-protection: 0
last-modified: Thu, 04 May 2023 08:31:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jun 2024 18:31:25 GMT

GET
DATA 200
OK truncated
/ Frame 2C3B 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2C3B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93022efc3187430d2e10c5aca7da7ebfd397e643e5d08f832ae50bef86968fab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D6E 37 KB
14 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TH3Zs8Ev3pHjJfWkL7wPbYNWbVKLYksLSDPKh6nMP2Q.js

Requested by

Host: koora.kora4live.com
URL: https://koora.kora4live.com/matches-today-h2/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 09:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14492
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jun 2024 09:37:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2C3B 0
19 B 79ms
79ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHB91QMqNZPbyDMXbxgPD373ACYultoFx89qPjMURnriItoMDEAEgzs6GaGCRhKCFjBigAZGjs6IpyAEJqAMByAPLBKoE3gFP0JxTfbZTeKqumtIOBDOjAC9QJvWAknc33V1wdPmrWdhvcRM8MBM9sa23fxxDtztj8vhGADd-3t1IX_FPpj6zM3roUKgq86I4wcKA3kxTmmuSUAcym0xr_srY39X6Si0Vy-8UoLTk9DY3QQpskVwxkFKz5pIOUxmzQMfrZ4W9m-ICaTt1aQUNU2yPlId3kKi-Qs32VDCBWs85tzT6BfakETYKicG9dtYbGKxnkFH47ouderShD_Ty6Dikxx0Avt5J9oa20Zb3MvciyC9qR2g3gWFWjfdT7o0_QUKlFrHABOrqrKWtBJIFBAgEGAGSBQQIBRgEoAYugAeR24OCBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJ6PAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwG4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTM2MTkxMzMwMzE1MDgyNjQYAA&sigh=U0bzfnDuFPk&uach_m=[UACH]&cid=CAQSPABygQiDcgdieK3mWf1fqafgkBGzJMBX2KwC6s1kHQ5bdCLzVBGwDjFI0xUpNUoygEJjTEPEuPlg5P8rjRgB&template_id=484&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 17 Jun 2023 14:59:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B627 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssR6yFUkv99AorGARRFoAyYSa_TqBGrsF19GcdNe-7lwfTvQ0MmWEJ36rvDc2jOhXXANyZOvPpwEgLPuJZ9uxoXqKYz0hUjOBKSBdErmswnk-yedEiC4jhAljCZPKBaHT1dVqRPWOTTG3ET&sai=AMfl-YRl0DoNso6m_s6oBKzyEHOstGxKe6R6uWBV59kCWnB-leRyhVouB_RnPIdQc4TjJUigbnKW0C2Sv8v6R2TB6PK-GRrtt7NQeH-MqpOOZ_VvK5N8D1Bb7NpA4RIk&sig=Cg0ArKJSzFH-7PDyE3tDEAE&cid=CAQSPABygQiD8CP6HjGM3dWjs513sE6sbJkDq4b-DHU2pyVEE-dZ6rHpMmknPU6lJ1QMY_w7PPmU6rMgrtAtzhgB&id=lidar2&mcvt=1021&p=1110,436,1200,1164&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=260610851&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687013951852&rpt=877&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6804 42 B
64 B 72ms
71ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoZ5OONEx6hiX8HQZMXnTTfwDjhNZPs0Aq1ajQ2SG61Gbi7ETm4c8Q9ZYsZAVKukv1ZS6GW1voiPHGT_wlnIT_XcXGAh53UE3LSyZttyA1a7vt93ibjOV8zI8Aq3oR3cPGYET8vojhj73f&sai=AMfl-YQ7fezgNMEzuPDijTlbgzMjT2NG2T8C4xe1nPgXToY9sL6HoYLY1x3XcS-D1paAZcDmPTFGHSGmeRfXDqsU8qmwqiID3zWFWh_9PWbKWTBWLi2aBl0_OH89Pj41T0JKskKTIr2MBUvxQRF-cg&sig=Cg0ArKJSzEVtPnf0NwD9EAE&cid=CAQSTABygQiDk1gKkQlQU0Ajs2A1uiy6anoozvNNt616bacC-ty0hKZO4jrc1RjQwm1IXIlLfkgcbvZg2cQAGfgIEnWW7Re3rZ0xJ1FoplcYAQ&id=lidar2&mcvt=1000&p=100,288,380,1312&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2245042541&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687013951736&rpt=1139&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B627 0
20 B 69ms
68ms Ping
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4632799951231&version=m202301230201&ct=76&x=1&cor=8292680742461275000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C167 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuK8iMOybbW9sGNNJOTjBBLhze4h3yf8k_hi9wdAeaKZsJF8XIRLIj5UDjGsmssoywDiohC-K5IekT5qCpNbSurpVOxwhVoAqPpF4mu9xkCEsToWXFG43MYdQW3ymVmKqVHBftzgl0D61FI&sai=AMfl-YR10nfucVnxr31j1Sa2qZnaRcCzVWMd-mAIOnrEFLDT8uRFoJ4LQ2Y5SHgHkhP4ZmbvN90qIy9LvQ_-VbWcmb-Pt0efhyVOtLfy6TUPdVW1eur3XCKWrWuYUMfI&sig=Cg0ArKJSzEm1axWbvruhEAE&cid=CAQSPABygQiDcgdieK3mWf1fqafgkBGzJMBX2KwC6s1kHQ5bdCLzVBGwDjFI0xUpNUoygEJjTEPEuPlg5P8rjRgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687013953120&rpt=445&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2C3B 42 B
64 B 83ms
82ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIzdt_5FESLOPeOP0xojSUkotg_pBR80Y2ABFquyqJzy9CzxbyxWGoY6K3zAzLznNk5Bo6BqcHY7IwHRmSVAoXBXN_NbevH9XY_VyB9s0dOgHZbVMi06S0GNbVNyaZ5ZvA63E41x9S-AFS&sai=AMfl-YQXyJwMLXFX_wdcQStpl2f_kQoBYwRjBT2EpUgmw681xnSkXuG1AR3dVhkePIjPsEHRpY2t4GwcImR9jlva4tHocrTJ06Iu1T0cKGFnEf0NchIZWILjuB6VthgV&sig=Cg0ArKJSzGY4CIMeiXLeEAE&cid=CAQSPABygQiDcgdieK3mWf1fqafgkBGzJMBX2KwC6s1kHQ5bdCLzVBGwDjFI0xUpNUoygEJjTEPEuPlg5P8rjRgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230614&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1687013953122&rpt=497&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 14:59:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQBxmQ1Coct3yvZzccamz65FO-XzREBDlT1OLlxGQ5Ek0zggSCIbkgcntuuGAvKy4BwwMaVHt3Pn5TTkyhdQTdwW7cag8o3PODOjxD6nymoaEOBIFpOczvVylSRce3XbgyScsywvjFlY0ZylYS9uf2T8JU0ikWtqmOKzDxglb32m0XgjTPlu97nHpYkFWSIfBksaMxxP4PK_anGmSOyFHI-FhJN0qbW_xXNmUblAzNxtMnkTfPtmRmGXgEyKci__y9D38BEGOUbfGUMJI_vsOaz2odKVXrF8Bk6ANIhWT1ILwaajRljlwa0N_7aN8SLxVgaqXdow3QA7w2QxpeDtt7WohOO6_-UmpRdu9_OOLVpHOXbkeXhBifzUgAW7gtlbfZD6NW5dT_8wxz2cSt8Tw&sai=AMfl-YTxHhJ9QzmGErDFZfTyyxDF1wcoklP789wOppuw7aIippc2lPuWiNPR-EnDWD571lbI8n1AFjoglpuW4IF17pg4e2QRPEdLi4a0npB-TqPTYOiQ2YgoSRndeceUV6JzzJ1CGvenoFqg-qXz1HDy&sig=Cg0ArKJSzMt9AwxqNAELEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuV6ZMJU7iKjWqW0uF7bqNGSVaX33kyL6no007JpQeltOEXbCAE3WoIZs1fLHRNnGOFI5L1o5Isvu7QVQdoBOifB9IHmXMMJEQK5VSmmMrkvk-c9ZsJzKiZHtOKR4MVMSzEEzVIadpfqvdBuTY_78WuLGwZksCoSHK39XZUwi645-wramk8X5hsX00Wqpx4TKhM-MnW0GO4cqPHgxD2t3j3oJbWReQxF4qpM8bWwtnookg6V1USO1YD92oOwJVJNwpcm7os-8uOWxRKN6Zkvqx264edsxTuZtisqIExjMq6Jm0uz_QJK0mWxspULngUBt-9RSphzuqcqFjm_rafQR9t7rPd-j-KkhAxGTOGe3qkWP7o697KEz3X9HC5XLkCwEEFGL-ApAVBvUGMT31VOao&sai=AMfl-YRS03la3hJqu6MY25tvQYnLu8H8KLICf3byK0k-AMoH_bZZ9NRVew9PabHa_r2sG8kgaop6TkFMET5bRdP0yrvhUjp-AxqujxKEy0neBhv9M0kC4SjnVFMPfLXU2WVzW-2QrDUHAMlMLRx4tYWP&sig=Cg0ArKJSzOUSgx0AClT_EAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-20 22:12:53	Name: demandSupplyTi Value: e5e1a3e5-db1a-4f67-a75c-6396d285a942
.demand.supply/	1970-01-20 12:36:55	Name: __cf_bm Value: X68chDJiUTWBoMIBIBQNhWXZjucx89bP5rd5XygY2.w-1687013950-0-AaKvsEWBSmDSGUcM52govB06pnXPUDScKRC4j18ZFBAQAtv5p9XrvDAwW8GYn/JWm9tMr+7xHuREpqVJetP9QDc=
.kora4live.com/	1970-01-20 12:36:53	Name: lotame_domain_check Value: kora4live.com
.criteo.com/	1970-01-20 21:58:29	Name: uid Value: 049f8c02-733a-4369-8c2c-2c0ea1e7f97e
.kora4live.com/	1970-01-20 21:58:29	Name: cto_bundle Value: UU5WWF9OeGNkQ0xhcyUyQmk3Qk9nbEdzZnI2clBvQWRtZ280RGZYYWg5d2FLcmVLR2g5UkY3TFVmeWxEYzVlcVd4ZmNucXpXMlNKODFucFBUdTRpNEtlNVdWUW5QM25zNXJmaWpIOUVFR0hYaiUyQjNsM0VYRVRPSGM1VHVqOWY4U0lZcGlJWURhMFJUSWklMkJOeWd6WkdUWG93ektlMlElM0QlM0Q
.kora4live.com/	1970-01-20 21:58:29	Name: __gpi Value: UID=00000c4a89933e43:T=1687013951:RT=1687013951:S=ALNI_MZDA-P3tt0eSUOY44PSwqeNSu9HFA
.kora4live.com/	1970-01-20 22:12:53	Name: _ga_6XQ0HCVXZH Value: GS1.1.1687013951.1.0.1687013951.0.0.0
.kora4live.com/	1970-01-20 22:12:53	Name: _ga Value: GA1.1.651942672.1687013951
.doubleclick.net/	1970-01-20 21:58:29	Name: IDE Value: AHWqTUmNhtpVnFxj3GhWTKORTQvLrbYgJgc2uOH41j8NhaWzZ77a-inV2ogTtF4-iGY
koora.kora4live.com/	1970-01-20 21:22:29	Name: HstCfa4732763 Value: 1687013951906
koora.kora4live.com/	1970-01-20 21:22:29	Name: HstCla4732763 Value: 1687013951906
koora.kora4live.com/	1970-01-20 21:22:29	Name: HstCmu4732763 Value: 1687013951906
koora.kora4live.com/	1970-01-20 21:22:29	Name: HstPn4732763 Value: 1
koora.kora4live.com/	1970-01-20 21:22:29	Name: HstPt4732763 Value: 1
koora.kora4live.com/	1970-01-20 21:22:29	Name: HstCnv4732763 Value: 1
koora.kora4live.com/	1970-01-20 21:22:29	Name: HstCns4732763 Value: 1
.adnxs.com/	1970-01-20 14:46:29	Name: uuid2 Value: 7648382719331386868
.casalemedia.com/	1970-01-20 14:46:29	Name: CMPS Value: 5180
.casalemedia.com/	1970-01-20 14:46:29	Name: CMPRO Value: 5180
.kora4live.com/	1970-01-20 21:58:29	Name: __gads Value: ID=adffab67079b19b5-22beccc4a8e100a3:T=1687013951:RT=1687013952:S=ALNI_MZC_I20Gke4jATG8oihvEuibceALg
.casalemedia.com/	1970-01-20 21:22:29	Name: CMID Value: ZI3KQCkE-9z92xsLSQHkmQAA
.adnxs.com/	1970-01-20 14:46:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb6t'fXs!@wnfH8K6pQK`!5=E<L5?%M-kB]xN7PQzaXMQTJ2$tC!jawel?wKLYr:_[bpRzqF1`b_Hn)#A:
.3lift.com/	1970-01-20 14:46:29	Name: tluid Value: 2674605855509270367308
.simpli.fi/	1970-01-20 21:23:56	Name: suid Value: 7D68715625AF4450B50C70D793506259
.lijit.com/	1970-01-20 21:22:29	Name: ljt_reader Value: G1NjrGZHv9by5NE6TSyD2GY3
.de17a.com/	1970-01-20 21:15:17	Name: guid Value: 1.5764346770478420292
.bidswitch.net/	1970-01-20 21:22:29	Name: tuuid Value: 54dc4285-9b70-45f7-88e1-a0c969265b0a
.bidswitch.net/	1970-01-20 21:22:29	Name: c Value: 1687013952
.bidswitch.net/	1970-01-20 21:22:29	Name: tuuid_lu Value: 1687013952
.doubleclick.net/	1970-01-20 12:36:57	Name: DSID Value: NO_DATA
.zemanta.com/	1970-01-20 21:22:29	Name: zuid Value: fibRseHiZHfgGt4nMlHL
.ctnsnet.com/	1970-01-20 21:22:29	Name: cid_9cbf8ae99aef4a45b3bf68afac0155f3 Value: 1
.ctnsnet.com/	1970-01-20 21:22:29	Name: gid_CAESEMC_nf7FdOs3inRwzi9hnhQ Value: 1
.mathtag.com/	1970-01-20 13:20:05	Name: mt_mop Value: 4:1687013953
.w55c.net/	1970-01-20 22:07:08	Name: wfivefivec Value: Vpg11DhA1Qaxot5
.yahoo.com/	1970-01-20 21:22:51	Name: A3 Value: d=AQABBEHKjWQCEDrcmoS8vK4d4iQyq91yssUFEgEBAQEbj2SXZAAAAAAA_eMAAA&S=AQAAAgLQ2_vBhs9HGMkFYEQ8m_A
.adform.net/	1970-01-20 13:20:05	Name: C Value: 1
.w55c.net/	1970-01-20 13:20:05	Name: matchgoogle Value: 5
.innovid.com/	1970-01-20 14:46:29	Name: uuid Value: 6e52ce22-d39f-427c-ab19-3edb230b3c6c-20230617 10:59:13
.adform.net/	1970-01-20 14:03:17	Name: uid Value: 7107355473489289366
.scoota.co/	1970-01-20 22:12:53	Name: tuuid Value: d00e2773-ff3f-45df-9dad-220c3d70dda3
.scoota.co/	1970-01-20 22:12:53	Name: c Value: 1687013953
.scoota.co/	1970-01-20 22:12:53	Name: tuuid_lu Value: 1687013953
.tribalfusion.com/	1970-01-20 14:46:29	Name: ANON_ID Value: aentmIu4YUdmqcn63goXuZd9aYZaN6exaqw0ot6S8WkjSXB0PH1Dor7gaeYjAPZcPXxEwYtZaSVayFSMlDOWUOtaA7ov

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271802&client=ca-pub-3619133031508264&fa=2&ifi=11&uci=a!b&btvi=1&xpc=ViKJ0zD8qx&p=https%3A//koora.kora4live.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-3619133031508264&fa=3&ifi=12&uci=a!c&btvi=2&xpc=91hLIY6apP&p=https%3A//koora.kora4live.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230614/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-3619133031508264&fa=4&ifi=13&uci=a!d&btvi=3&xpc=Gxk8PZ9BhB&p=https%3A//koora.kora4live.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://koora.kora4live.com/matches-today-h2/ Message: The resource https://live.demand.supply/p4/v16-10-0/a29vcmEua29yYTRsaXZlLmNvbS8= was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9a1a28e0d648b25bdf629152670c0fbc.safeframe.googlesyndication.com
a.tribalfusion.com
adservice.google.com
ag.innovid.com
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
c1.adform.net
cc.adingo.jp
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
kooora4lives.io
kooora4lives.tv
koora.kora4live.com
live.demand.supply
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.scoota.co
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
securepubads.g.doubleclick.net
static.criteo.net
sync.mathtag.com
sync.teads.tv
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kooora4live.com
x.bidswitch.net
securepubads.g.doubleclick.net
www.googletagservices.com
104.102.35.84
149.56.240.129
15.197.193.217
162.19.138.117
172.217.18.2
178.250.1.11
178.250.7.11
18.180.242.12
185.29.134.248
185.80.39.216
185.89.210.122
188.114.96.3
2001:4860:4802:32::36
213.155.156.167
216.52.2.16
2600:9000:2250:f800:a:e047:753:be1
2606:4700:10::6814:41d
2606:4700:10::6816:3456
2606:4700:20::681b:4071
2606:4700:3032::ac43:8365
2606:4700::6810:8516
2606:4700::6812:19ad
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2008
2a00:1450:4001:827::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a02:2638:d::2
2a02:2638:d::d
2a02:fa8:8806:16::1400
2a04:4e42::485
2a05:d018:d29:3601:af59:edb8:6ff5:5fcc
2a05:d01c:1d8:8102:cc49:11d8:a79c:a08b
2a06:98c1:3121::3
34.243.190.116
34.96.70.87
35.186.193.173
35.190.39.111
35.204.74.118
37.157.6.233
51.89.9.254
52.59.0.175
54.229.146.125
54.93.94.222
64.74.236.95
65.9.66.122
76.223.111.18
06a516af7e34074c99d3758845a020f5253a7d0ba9c8a52ba091dbc1197db579
07c2263dc63f637c2829a80956bc49d3013a8793515e10a16ab8932380137c20
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095ba2ef0342f3834650ee1b8f246f287d9a9ecd9c93304521668d943da45656
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
103f1040deb2251812465f49f56bb0ddf9282840cb5ed01dc7d6e2708a5aa392
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a80ef3063448c00840e283e683dd30c9ce6dd3a2727acb807939161f69cc4a
14ec2caec3f7525f5997998d6d3b0464ab85f6a701289308af8d8d6ed33ccb4c
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17e12bf7b8cffd82257eae0499a2f1d89c500c2342fc09b9d8e950edc63bb8ba
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
183cb5fd6c3c1ffc7d4302b2477dec65e2594d4a0f0f3315e178c147edcedac2
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6
19ca93f8d9d10c735715f86fb60c187a63fceec8e94b8eae15954089209f93d8
2060d29f49d996a26f3888bf75735db9e023f651d382164d295337be9dc99620
234818229ff3ebd4da0498b14c372a0b55ddf4cf892b5288fb15dc2c88742432
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
2bb451155dbe12a0b7a999e8d968b8a4f00e04e3010b1058723f16bdd659761d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3521f5e84dbf85e9b7a304002330fbccf347abc9d0a43765a1838336b8a98c0c
353d937e813704ea813570b1a089e6e6005768fd8e7dcba7b0a2ec6173d193c0
3ab296b2bb2aecd4942237b656e45565beb04d9e73c45346a60e1d92616aeaae
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3c06a55d3d62d6ee014e4a184baa5631320cb1d5768dcf3b6b3b1671c3337eae
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d6d12e6811a3832015c73c2560af890a6d62533538c206a36e86857f28a07e2
43ecc8b200833316b052f8abd1f8f727a25984c5dacd6c3b84e592751f55706b
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9
460a06d507178049c9664edf2d31fe5e05797032691741a3b21e5eb71d4bc4ce
463f51c1b696b30f89ba5c933a12f2611ed6db19dfa358e9583fc9f41a6c2fe2
465e9e73d7098142890d2d05dec3f1d5209d1b6e1fe6448b8f6851bf3ac09a1b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7dd9b3c12fde91e325f5a42fbc0f6d83566d528b624b0b4833ca87a9cc3f64
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2e0c0e3c6f71f0fbbc772350e2e7d5c085d8d1384faede59a37f626ac11c47
503d5e0787673c723fa45552357ab528b2a59f009d0c6136b6de1e4399124714
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5059ee25b1a2668ca83293d97be6c848d4fb5bef1c24d1cd5c5650d96f0ff356
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
559605cf8015222a6bb0c3a8633a81ba2444160dd54231600b413c8a0d503bb1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ecfe6ea0bc4808deb4131cb8ff9c6c9fbb86111b7da3b858216993de1fa0dc0
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
69f970a33ef492e33d7a88327265a0bdfd67674c844ac26f5ee15625edfd19fd
6b57a780a04985f5a44c98c0abcd409ad555b513211488208ae7af52a267992b
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6d34ff307f104d3398dd33abfd63f5c0660361639fa8998171fcfa040513f722
6f9fee20abef235ec96aec75fc88c5f392569a8289c7e8da22a8de4fb57d5cb6
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e
7cb6aa538ea8be59674eb0f45189fe5cbb02fdf4e46e809985549ea8a2aed397
7f295fdb1019a3c2ff2479582f5eda1915c67e8d8634f8b089920f86b6cc4fb7
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
8292c79a44356dae0dd28d94606a3674bd2d613a93d7304d3090b678cc1755f6
82eaa32fe19ac630fdd793115595523a1385e1f29b46d9af3643ea58073f036c
8387b57a118935f8019c446fd39e34f5c72f0dd3ab3f56a090f4a42dba73fcf7
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e199b4acaba04f13ab3fcf9c95a4a26c3b6468462a5840365fbd3c3b780bd49
93022efc3187430d2e10c5aca7da7ebfd397e643e5d08f832ae50bef86968fab
94326d6b2906fabf98e5f582e128cfcf6ce6bbdf31875e8ad73aa6b2a814619a
9452306f433000d5b62e590d3e9cd7da7fad6bd3ebbfd57be994a81724d1f8a7
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bd2cb08cb688493b9f7dd3f7464c8d92c6ac083696ff560e8bb1f99bebd9873
9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0721d605f85c09eb5b1d2633fdc67b693ec32856d1b7fc7e6cb4cac03f0f79e
a2869a662006d31f5256fc0e5953fbbda18b06ef2a7d2e156f49ad8976287dbc
a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55
a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a81757da531d8f21eb6cf69bc8f04fa81b08baf505bef7247b09f80358c96e1c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8f643a9d6b16d521777b1ef8fd67f6f2e9b9588d70f6a895e795871c66a4108
bad345135b12943e94e41bb59f3e2b7c80a9285d606e896310b3678e77e5f7cb
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb86be0538b5ef8bb7fabe6cfdcc28f99687242fbecab81a9a2a72d92931594a
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c09ca02e2b96d3c8f36b1a4a836f562229b083e6eb5d8e9c516f483e04d47cb7
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c0cc4e848bfbd95a66b4db3142f5faaca233257aed50da86341c70e5c740c5e2
c1255c225e18e01faae68870c17c44c85368bf6c4120d0e674615f7a9ccc70d2
c6df03d6bd1a8ca1ce49d6b92d5fd80d5c1358191040696703718ce2054b1b2b
c8918361b99daadefae3b43dc785f54bd7b2373fed6ba755c7330dd729647390
cabceb7b4c87ce82b75e1ea10ad6edeaa13a5f6fc7537e8b3cd852d33c046bbe
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d13e680de2390bb5b3e29b40b40bb71a97a664fc762bf258a735f8aab3b0a9b2
d3c171e205a3a1fa2c3de6e7a1f7313695b551200dc60f8d6fe6b7fe64bb9577
d42ac7248c2a72b25d9464197519f91011dce7d011b67127d30ec40c8fa0484c
d50d330238ad30628da3a5fdb4fbabe96baaeb17a44f1cbfd2b3a3b58adb8553
d5935bd4c9f228a9ab62c6ef3684fb301a4386e19ffc4323cffdc9eed11035b4
d8c89adebf435549dc2a11b00953b69c950853cbcce241b8008fae0d50353c6e
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6eb50ba692e0e4e7660a7ebb85804cdfed896d2b8dc150da134805f7642da75
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
e92ab3bc3d9bc6c228223f3393e594a6f05f00a85c951ff5c89957d84352fa74
e99b649854621c01ca000e9b0c3f5e2115592a4f73b33395fac5b7c648e29820
ea6b16598e88e524df3eca03b40c3c8a2e582c39e9da2f109e63fabee18e3c76
eab55c1a7bd837cda1f735f9c1b59c9bf20861dba91fe8c782ae6825a8173188
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9216b8a337fabe124e83e486f33e49a323239eec435ef3b5fd908a16343736
f1346360729e77380edf8f17fa421b76452289ae1b5f4be290b19c4d204e9587
f32aacccb22fd88380978866e36581a1494a59ef160b74616308cae3a5703a9c
f90314ca0522750781bb69490e0053b7c60658bc919859adfc326e55d93b9080
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
fd8095b2e11c81c24b41671a3cd66c1e0d9b0ff47462f69ed957a075035b09ed
fef309176b84e3becfb5b63785ae286f17a510eb38155b054c08cdddb0968c04

koora.kora4live.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

265 Requests

85 %HTTPS

53 %IPv6

46 Domains

62 Subdomains

43 IPs

11 Countries

2620 kBTransfer

6547 kBSize

44 Cookies

26 Outgoing links

Redirected requests

265 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

koora.kora4live.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

265
Requests

85 %
HTTPS

53 %
IPv6

46
Domains

62
Subdomains

43
IPs

11
Countries

2620 kB
Transfer

6547 kB
Size

44
Cookies

265 HTTP transactions
17 data transactions