ksa.okkora.com Open in urlscan Pro
2607:f8b0:4020:804::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://3koraonline.okkoora.com/
Effective URL:
https://ksa.okkora.com/
Submission: On December 25 via api (December 25th 2023, 6:21:33 pm UTC) from US — Scanned from US

Summary HTTP 47 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 47 HTTP transactions. The main IP is 2607:f8b0:4020:804::2013, located in Montreal, Canada and belongs to GOOGLE, US. The main domain is ksa.okkora.com.
TLS certificate: Issued by GTS CA 1D4 on December 22nd 2023. Valid for: 3 months.

This is the only time ksa.okkora.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:2318	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:402... 2607:f8b0:4020:804::2013	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:402... 2607:f8b0:4020:806::2002	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:402... 2607:f8b0:4020:804::200e	15169 (GOOGLE) (GOOGLE)
6	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
11	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4020:807::2004	15169 (GOOGLE) (GOOGLE)
47	8

1 2606:4700:3033::6815:2318 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

3koraonline.okkoora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:804::2013 (Montreal, Canada)

ASN15169 (GOOGLE, US)

ksa.okkora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	74 KB
11	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12342	199 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	224 KB
6	wp.com i0.wp.com — Cisco Umbrella Rank: 3858	79 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	9 KB
1	okkora.com ksa.okkora.com	40 KB
1	okkoora.com 1 redirects 3koraonline.okkoora.com	458 B
47	7

	Domain	Requested by
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
11	blogger.googleusercontent.com
7	pagead2.googlesyndication.com	ksa.okkora.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	i0.wp.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	ksa.okkora.com
1	3koraonline.okkoora.com	1 redirects
47	9

This site contains links to these domains. Also see Links.

Domain
news.google.com

Subject Issuer	Validity	Valid
ksa.okkora.com GTS CA 1D4	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://ksa.okkora.com/
Frame ID: 95281776C62DCD7D600BA93D31A1BF6F
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 66F25E6F8DBDC47ECF5066A54B100290
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3727202832078613&output=html&adk=1812271804&adf=3025194257&lmt=1703522559&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fksa.okkora.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703528488916&bpp=3&bdt=489&idt=455&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=473623318653&frm=20&pv=2&ga_vid=728406117.1703528489&ga_sid=1703528489&ga_hid=202324050&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320869%2C95320885&oid=2&pvsid=4029571262947610&tmod=1338549285&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=483
Frame ID: 8DF18335A749DB2F0FECE06EA942D5C9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B395DAE5685E43E1F1456167E0691C8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8269AEFEB0A0751FEAB542AA6E2FDA51
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

كورة اون لاين | kora online | كورة اونلاين بث مباشر مباريات اليوم

Page URL History Show full URLs

https://3koraonline.okkoora.com/ HTTP 301
https://ksa.okkora.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

47
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

625 kB
Transfer

1267 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://news.google.com/publications/CAAqBwgKMMDQtwswzevOAw

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://3koraonline.okkoora.com/ HTTP 301
https://ksa.okkora.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ksa.okkora.com/
Redirect Chain

https://3koraonline.okkoora.com/
https://ksa.okkora.com/

135 KB
40 KB

346ms
141ms

Document
text/html

2607:f8b0:4020:804::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ksa.okkora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2013 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61916c032e3700cdf869e76f63bdb93a43724b05c2d12d56f0805ab863d8e27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 40279
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 18:21:28 GMT
etag: W/"66b2b2116328f205519d4ff153b07a442f446dd97e7d63c6cce1000e17a95711"
expires: Mon, 25 Dec 2023 18:21:28 GMT
last-modified: Mon, 25 Dec 2023 16:42:39 GMT
server: GSE
x-content-type-options: nosniff
x-robots-tag: all
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 83b31a997861dab1-MIA
date: Mon, 25 Dec 2023 18:21:27 GMT
expires: Mon, 25 Dec 2023 19:21:27 GMT
location: https://ksa.okkora.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMTrigm1P6e9nQzJNWTznFaRDARYqWLrVDWjY7YMpZKS02FFtsdeS8KssO8ooI0RXlOAlxTfx%2BVM94boc5gtP%2BdQVZbtuPllWG09uxUAlmRU6kfkfoGovMx2rBmYYh6KJnMDjhT98KcORJqs6vcMaPB2OrclEA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 401 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 944 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 248 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 460 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 26 B
26 B Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 283ms
113ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3727202832078613

Requested by

Host: ksa.okkora.com
URL: https://ksa.okkora.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27d87079939ae85dd20ef666ec2890ec3331fffeee0b7a7e47261236297b0bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ksa.okkora.com/
Origin: https://ksa.okkora.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51284
x-xss-protection: 0
server: cafe
etag: 14800301644651208822
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 18:21:28 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 282ms
137ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3727202832078613

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137920
x-xss-protection: 0
server: cafe
etag: 10942279955400410868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 18:21:29 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 66F2 9 KB
4 KB 228ms
70ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3727202832078613

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ksa.okkora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 84537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Dec 2023 18:52:32 GMT
etag: 5585625838579639069
expires: Sun, 07 Jan 2024 18:52:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8DF1 11 KB
4 KB 166ms
165ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3727202832078613&output=html&adk=1812271804&adf=3025194257&lmt=1703522559&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fksa.okkora.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703528488916&bpp=3&bdt=489&idt=455&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=473623318653&frm=20&pv=2&ga_vid=728406117.1703528489&ga_sid=1703528489&ga_hid=202324050&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320869%2C95320885&oid=2&pvsid=4029571262947610&tmod=1338549285&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=483

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8473635ec57390b76bed61134767726d1c8323e4c8c715fd8f837a9eedc6ed3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ksa.okkora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 4578
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 18:21:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-3727202832078613 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 288ms
115ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3727202832078613?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abf39a326f522d330aa692fbac6584da86b824cda17ec257b9a417a23c0d5383

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZhB_gTowZGLeDmyFQ6zVbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZhB_gTowZGLeDmyFQ6zVbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXyTmWhH1mCjIdazt1w5OOA6oAI4FXE_k53Stg-7RH5oFIe58Jr1DzCdW2Wi9x_U0uya13Z78yMfk2vBRDGitqEtjnumIylSd0lWhNvkYuv_efJiu1Q4ycgJU6aMiVI6FHf44vM_g== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 123ms
122ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXyTmWhH1mCjIdazt1w5OOA6oAI4FXE_k53Stg-7RH5oFIe58Jr1DzCdW2Wi9x_U0uya13Z78yMfk2vBRDGitqEtjnumIylSd0lWhNvkYuv_efJiu1Q4ycgJU6aMiVI6FHf44vM_g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNTI4NDkwLDQxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2tzYS5va2tvcmEuY29tLyIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7da688a3f5542d80b4a1b22ef5c5cb442d4148b485bc5cc0bfc0a6c09e40b21e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UBVVPkAlNsY6FRzaIwci5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-UBVVPkAlNsY6FRzaIwci5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cliopatraFC2020_12_17_18_1.jpg
i0.wp.com/media.gemini.media/img/yallakora/IOSTeams//120//2020/12/17/ 20 KB
20 KB 150ms
75ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/media.gemini.media/img/yallakora/IOSTeams//120//2020/12/17/cliopatraFC2020_12_17_18_1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

2d5dc6dfee260558941971ecef3211d338a7d7fcb4cb482cef91e3e1430e1879

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 20228
x-nc: HIT mia 4
last-modified: Sat, 23 Dec 2023 22:11:08 GMT
server: nginx
etag: "abb3e4f73d8d2ac5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://media.gemini.media/img/yallakora/IOSTeams//120//2020/12/17/cliopatraFC2020_12_17_18_1.jpg>; rel="canonical"
expires: Tue, 23 Dec 2025 10:11:08 GMT

GET
H2 200 ahly12023_10_19_17_58.jpg
i0.wp.com/media.gemini.media/img/yallakora/IOSTeams//120//2023/10/19/ 11 KB
12 KB 168ms
94ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/media.gemini.media/img/yallakora/IOSTeams//120//2023/10/19/ahly12023_10_19_17_58.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

b0762174aa7a48a4d076279ebfce171c32ce9b4b75a10e23dcc20d3d92675653

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 11718
x-nc: HIT mia 2
last-modified: Thu, 14 Dec 2023 04:41:13 GMT
server: nginx
etag: "84a4d83b8f958045"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://media.gemini.media/img/yallakora/IOSTeams//120//2023/10/19/ahly12023_10_19_17_58.jpg>; rel="canonical"
expires: Sat, 13 Dec 2025 16:41:13 GMT

GET
H2 200 Ankaragucu2021_7_15_16_21.jpg
i0.wp.com/media.gemini.media/img/yallakora/IOSTeams//120//2021/7/15/ 11 KB
12 KB 167ms
94ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/media.gemini.media/img/yallakora/IOSTeams//120//2021/7/15/Ankaragucu2021_7_15_16_21.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

051185dd7b0a21ce3f21c1ac3b6d26108e50b6a49b9f16e98b187ff04c098c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 11494
x-nc: HIT mia 7
last-modified: Tue, 19 Dec 2023 21:37:36 GMT
server: nginx
etag: "e57d36c85d482dda"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://media.gemini.media/img/yallakora/IOSTeams//120//2021/7/15/Ankaragucu2021_7_15_16_21.jpg>; rel="canonical"
expires: Fri, 19 Dec 2025 09:37:36 GMT

GET
H2 200 Pendikspor12023_8_4_21_20.jpg
i0.wp.com/media.gemini.media/img/yallakora/IOSTeams//120//2023/8/4/ 19 KB
19 KB 134ms
61ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/media.gemini.media/img/yallakora/IOSTeams//120//2023/8/4/Pendikspor12023_8_4_21_20.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

af49f9981a8773147f8ab91acd0621e37a724755a32f602a5ad8c4ba279c139e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 19420
x-nc: HIT mia 2
last-modified: Tue, 19 Dec 2023 21:37:29 GMT
server: nginx
etag: "0b3f0fe294dedf56"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://media.gemini.media/img/yallakora/IOSTeams//120//2023/8/4/Pendikspor12023_8_4_21_20.jpg>; rel="canonical"
expires: Fri, 19 Dec 2025 09:37:29 GMT

GET
H2 200 Besiktas2018_9_13_12_40.jpg
i0.wp.com/media.gemini.media/img/yallakora/IOSTeams//120//2018/9/13/ 4 KB
5 KB 104ms
32ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/media.gemini.media/img/yallakora/IOSTeams//120//2018/9/13/Besiktas2018_9_13_12_40.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

88c5dd280660c0557fd399494802ff9b6583411fe067855fb42f31e8a0cc2b84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 4292
x-nc: HIT mia 6
last-modified: Thu, 14 Dec 2023 12:23:37 GMT
server: nginx
etag: "a1ba29e075241972"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://media.gemini.media/img/yallakora/IOSTeams//120//2018/9/13/Besiktas2018_9_13_12_40.jpg>; rel="canonical"
expires: Sun, 14 Dec 2025 00:23:37 GMT

GET
H2 200 hatayspor2021_7_15_15_43.jpg
i0.wp.com/media.gemini.media/img/yallakora/IOSTeams//120//2021/7/15/ 11 KB
11 KB 140ms
67ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/media.gemini.media/img/yallakora/IOSTeams//120//2021/7/15/hatayspor2021_7_15_15_43.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

ccf52cd91517cd064e683dcf5968612a62f07560dae5cdb5ee7a74c95140506f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 11342
x-nc: HIT mia 6
last-modified: Tue, 19 Dec 2023 21:37:36 GMT
server: nginx
etag: "a82652a9755d147c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <http://media.gemini.media/img/yallakora/IOSTeams//120//2021/7/15/hatayspor2021_7_15_15_43.jpg>; rel="canonical"
expires: Fri, 19 Dec 2025 09:37:36 GMT

GET
H2 200 ujkk.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3O5TzciVeIHfHYr1z0DBLgj7xdDS3qi8OXgKuxKax7_wekYIfmYI_0YTrTbDY092dpeQPsTEjesTlywzojR_CkNm5qtQXlzzcT_PN19buHZnm32pity3pwzVusSFSP2aNHvtFPUoZ8xYDP678... 25 KB
25 KB 908ms
743ms Image
image/jpeg 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3O5TzciVeIHfHYr1z0DBLgj7xdDS3qi8OXgKuxKax7_wekYIfmYI_0YTrTbDY092dpeQPsTEjesTlywzojR_CkNm5qtQXlzzcT_PN19buHZnm32pity3pwzVusSFSP2aNHvtFPUoZ8xYDP678xA0vrpGVDYsVBID13r-L9uAgQo91nYN_2a7O3crTrxqf/w250-h150-p-k-no-nu/ujkk.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

861335c112099c43a1e4880898982eb526c2dee734b332d92c0b99dab53d8b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:31 GMT
x-content-type-options: nosniff
server: fife
etag: "v24"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ujkk.jpeg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25538
x-xss-protection: 0
expires: Tue, 26 Dec 2023 18:21:31 GMT

GET
H2 200 6678j.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJw86j_dicjPXVgMD537hNZJHBAOPoa-9H7JAvxv98TiIwoWGiqHF3Vop8TTAWv2StzvE7Vqi7FpxR7bmS_PAXslXvTjfjbke_uV2jGGs-5ckoVNpJ17JN8T-asT3y-EO2oFo3zQ9sFgxvQDop... 17 KB
17 KB 539ms
374ms Image
image/jpeg 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJw86j_dicjPXVgMD537hNZJHBAOPoa-9H7JAvxv98TiIwoWGiqHF3Vop8TTAWv2StzvE7Vqi7FpxR7bmS_PAXslXvTjfjbke_uV2jGGs-5ckoVNpJ17JN8T-asT3y-EO2oFo3zQ9sFgxvQDopjGVq-zXTva9Habi1P_Kqy_z-GywGxaCa6s70bvzUbwV7/w250-h150-p-k-no-nu/6678j.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

26c87b57493b7753a9128d06c5c31528dea4dc614dd564dab00ec3bdc196cf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v20"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="6678j.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16956
x-xss-protection: 0
expires: Tue, 26 Dec 2023 18:21:30 GMT

GET
H2 200 drr6.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOzb4HSx1nje7b53Q0l260i3kdzn_6mIrTh5yxs0kp6UmmqFGil05ncjQ3lm1IqAVa8up8Cnh9KC_k7bC6ZtqW67emcUQvVF_3TlQc3T2LsfCaXgTgfGTUW6examxo6QdRkOxpHMHhZlXfjawJ... 16 KB
16 KB 563ms
398ms Image
image/jpeg 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOzb4HSx1nje7b53Q0l260i3kdzn_6mIrTh5yxs0kp6UmmqFGil05ncjQ3lm1IqAVa8up8Cnh9KC_k7bC6ZtqW67emcUQvVF_3TlQc3T2LsfCaXgTgfGTUW6examxo6QdRkOxpHMHhZlXfjawJ3FowmUqHgsm7ulh8CeEhYMBGoiZwHzqACsGEtYitdAcA/w250-h150-p-k-no-nu/drr6.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db4974235882a9484cc062efacd886282ab0aefbc050cd2c1a27af5099b22829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v1e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="drr6.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16690
x-xss-protection: 0
expires: Tue, 26 Dec 2023 18:21:30 GMT

GET
H2 200 ty6.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0h8NzQyswwRqm62PSAPZKzR-2kzzUp942s380_IcLL9nTHu0SEXK0LY70C3nV20pmc0Yt9Ex5pA5cEar88wp00TSuEMbB5tXmLVvtm6T2egFqeVRFV1m0Rl8wTIye-iOmMP0fbM1ywt11Dxyh... 13 KB
13 KB 656ms
491ms Image
image/jpeg 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0h8NzQyswwRqm62PSAPZKzR-2kzzUp942s380_IcLL9nTHu0SEXK0LY70C3nV20pmc0Yt9Ex5pA5cEar88wp00TSuEMbB5tXmLVvtm6T2egFqeVRFV1m0Rl8wTIye-iOmMP0fbM1ywt11Dxyhuz7CCIKwbUb_JmeDGM8BC7BfjlfaxbQ8Rl8dHyerduf5/w250-h150-p-k-no-nu/ty6.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b26e27845fa4c8c826092845efcced49583fb594799745ad7f7e030c2e2c7780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v22"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ty6.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13490
x-xss-protection: 0
expires: Tue, 26 Dec 2023 18:21:30 GMT

GET
H2 200 uuu8.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIfxkZ1CDh7jpuE2YwwzA_MHa0oj5rRNKBI2RTQp9XO-6yNScra12eIrkuM9rkIuoxDSGExjvZKwBwR-b4vMRS6jxeF7vJhPh_zndH5ENdPj1J-dYQUNzgNDoZMqTlcdDpuZuA0-Hc6VW1I14V... 23 KB
23 KB 519ms
458ms Image
image/jpeg 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIfxkZ1CDh7jpuE2YwwzA_MHa0oj5rRNKBI2RTQp9XO-6yNScra12eIrkuM9rkIuoxDSGExjvZKwBwR-b4vMRS6jxeF7vJhPh_zndH5ENdPj1J-dYQUNzgNDoZMqTlcdDpuZuA0-Hc6VW1I14ViIfPHC1C4Kh8HDBUwSFtX22CdDiueCcR4bpRLqoWx2bn/w250-h150-p-k-no-nu/uuu8.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

811454f9a603076a2845c93a0fdcec2e155d2c59a5c5ef316e6ae3c188cb4d1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v26"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="uuu8.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23831
x-xss-protection: 0
expires: Tue, 26 Dec 2023 18:21:30 GMT

GET
H2 200 6yu.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFjcXcr1ggrVDqVQVjGZ2WvySfnv3B40lqtQvcC4AUMtBQWIclcRBRa3xvo3KzIw2jC20MYHHtWF6YzEJEoPjdyi3wWXR7UdLX_f5mGFiQCzXoxmp2Xh-rCXkmIRwnLt3ZwhrZGJCk2IHPgdu9... 25 KB
25 KB 655ms
629ms Image
image/jpeg 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFjcXcr1ggrVDqVQVjGZ2WvySfnv3B40lqtQvcC4AUMtBQWIclcRBRa3xvo3KzIw2jC20MYHHtWF6YzEJEoPjdyi3wWXR7UdLX_f5mGFiQCzXoxmp2Xh-rCXkmIRwnLt3ZwhrZGJCk2IHPgdu9qeZfuMgSLtvrH5xACcRQ0yGmRXE2tuOlCYHj-WVXDw4q/w250-h150-p-k-no-nu/6yu.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a89d01cf9ec5a816844a8d6869c19e9b2a6ba1718121b7c43204659b52fb42e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
server: fife
etag: "ve"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="6yu.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25897
x-xss-protection: 0
expires: Tue, 26 Dec 2023 18:21:30 GMT

GET
H2 200 tttj.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgazYDhPywSF6oD-qX3zia-CCq8QdG4yGjKezSNg_W9QwtmO0_hiFQCcue6gS10M4ybko6U50hllAJkWyn0DGicUry1F_yj_sBVpujFxve7nJgcJA9PZ0SMeppY2MbF_mv6zY8tu7JdVY1DHn8e... 14 KB
15 KB 556ms
555ms Image
image/jpeg 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgazYDhPywSF6oD-qX3zia-CCq8QdG4yGjKezSNg_W9QwtmO0_hiFQCcue6gS10M4ybko6U50hllAJkWyn0DGicUry1F_yj_sBVpujFxve7nJgcJA9PZ0SMeppY2MbF_mv6zY8tu7JdVY1DHn8e2t0L2kDxzrc5kWCEj3xzySF1NefMF3ePRJNslUj6musu/w250-h150-p-k-no-nu/tttj.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9912da9b209979933b7343d04c24d924d990a1671fa6538e41dc6f6bf64d7047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v12"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="tttj.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
expires: Tue, 26 Dec 2023 18:21:30 GMT

GET
H2 200 yy7.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlMI7zP9mnBKRYP0AhpGOZU73jDN8Wfo81soooCV8Aat3ReF3U4vsRO_N54VLH9d1kgJ_p8YB-FXMnjhcZGFVN9TlMmdq3X2U9_JATBGNv8f3ftHIyj6Oi96ZMH5xH9wU8ZJvESWWM1vCGhZYK... 22 KB
22 KB 505ms
504ms Image
image/jpeg 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlMI7zP9mnBKRYP0AhpGOZU73jDN8Wfo81soooCV8Aat3ReF3U4vsRO_N54VLH9d1kgJ_p8YB-FXMnjhcZGFVN9TlMmdq3X2U9_JATBGNv8f3ftHIyj6Oi96ZMH5xH9wU8ZJvESWWM1vCGhZYKJDLJixYz0HQrTX8dLlpXQl5IFD9WdWFbvSwVsJldN1SA/w250-h150-p-k-no-nu/yy7.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb11c123d0115925fe4cd93bf819399cc6f028961f56136591487f83f2238a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v14"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="yy7.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22351
x-xss-protection: 0
expires: Tue, 26 Dec 2023 18:21:30 GMT

GET
H2 200 n.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjtLhlEMjeGlszPtCFrGl6VCcm21I_oOuDYsuc1tPC6gTMx8nPm5cOruuhG79aKt156S8Z5n8EIk8wpqdkC4IC3PzuPoQkrrE-zfA5wQLiC6TopstHD7Af3ADijeN1Dc1JfF4-mkVXWFzzEKq_... 3 KB
3 KB 444ms
443ms Image
image/webp 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjtLhlEMjeGlszPtCFrGl6VCcm21I_oOuDYsuc1tPC6gTMx8nPm5cOruuhG79aKt156S8Z5n8EIk8wpqdkC4IC3PzuPoQkrrE-zfA5wQLiC6TopstHD7Af3ADijeN1Dc1JfF4-mkVXWFzzEKq_v_9JbH_04m0Np2yA9ET8MlWedzBn-l7_YAgg42BdLNQ/s300-rw-e90/n.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c6133ff3e64aa65bcb798d55e66515b15a0d703762af96d9c39dfb815bdea598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v6"
vary: Origin
content-type: image/webp
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
content-disposition: inline;filename="n.webp"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2924
x-xss-protection: 0
expires: Sun, 24 Mar 2024 18:21:30 GMT

GET
H2 200 6g6y.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7Oi-Xz5rzFfICFIhtxxvwsElnOabnP45FUWnfWMoe6hBIHdE_SN9wfDrKfHzCFAnjZM0BcL5N_n7Sqz-8BrQnTNlkIjetpEjnQFNkN425G3rzx7j_Wsv7CA1w-AVH0x0AtZaRzGQWASo4AV3B... 17 KB
17 KB 524ms
523ms Image
image/jpeg 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh7Oi-Xz5rzFfICFIhtxxvwsElnOabnP45FUWnfWMoe6hBIHdE_SN9wfDrKfHzCFAnjZM0BcL5N_n7Sqz-8BrQnTNlkIjetpEjnQFNkN425G3rzx7j_Wsv7CA1w-AVH0x0AtZaRzGQWASo4AV3BU_2l1IkibRbgY9rHI9uB4MA59QJ3OfnG31DXE81B603A/w250-h150-p-k-no-nu/6g6y.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8644a1dd874ad03cd561cd8da9f2d142197da295820b3b075b8217f625737bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v16"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="6g6y.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16967
x-xss-protection: 0
expires: Tue, 26 Dec 2023 18:21:30 GMT

GET
H2 200 gttg.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWhpB9_aJJJTpV78k_ftHCZmqSjLSE1PneNp3N-AS39BSZtM9VJbELijzV1la5VGDrzLMzezN0MUQ28BOuA-ptEHr8wdrZZfRYuEiNBZQ1vNNZptYYcf0xpOnhOU8FNsrfrSqTkBYfM5LwEKpj... 22 KB
22 KB 538ms
538ms Image
image/jpeg 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWhpB9_aJJJTpV78k_ftHCZmqSjLSE1PneNp3N-AS39BSZtM9VJbELijzV1la5VGDrzLMzezN0MUQ28BOuA-ptEHr8wdrZZfRYuEiNBZQ1vNNZptYYcf0xpOnhOU8FNsrfrSqTkBYfM5LwEKpj-Pl6hiO3g8glCoBEWRie39a8WBDJCD4XyFKfwqdyHG8s/w250-h150-p-k-no-nu/gttg.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

66ce9c5ea49cb726927bf8f8c2fa99e55d2769aacbe9018c80bcf55cf6b15714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v18"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gttg.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22798
x-xss-protection: 0
expires: Tue, 26 Dec 2023 18:21:30 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 118ms
117ms XHR
application/json 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56598808b9d48a356f7ecda45d518056f43df459af785182e177f61858266056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12300
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 256ms
99ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 18:21:30 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B39 13 KB
5 KB 71ms
70ms Document
text/html 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ksa.okkora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 57504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 02:23:06 GMT
expires: Tue, 24 Dec 2024 02:23:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8269 829 B
1 KB 350ms
100ms Document
text/html 2607:f8b0:4020:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

447fe6527e33c2d95fadac84cf70bed797654229f3b9519b67f68256cc19fbeb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FmYdbVHP3KwUNC6iM-1iLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ksa.okkora.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-FmYdbVHP3KwUNC6iM-1iLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 18:21:30 GMT
expires: Mon, 25 Dec 2023 18:21:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B39 39 KB
15 KB 74ms
73ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 00:52:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Dec 2024 00:52:04 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 5B39 0
40 B 71ms
70ms Image
text/plain 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iwNYcQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8269 0
0 100ms
99ms Image
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4029571262947610&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 112ms
111ms Image
image/gif 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=7.022017405468319

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-EWZOiktDfWt_ei2xWYAA9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-EWZOiktDfWt_ei2xWYAA9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 117ms
116ms Image
image/gif 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.180240303478608

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-QwXNb8tQRHjeDeRjK-iqQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-QwXNb8tQRHjeDeRjK-iqQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 248ms
102ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7a51NuVR0sGTAfZKSNnDWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ksa.okkora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Dec 2023 18:21:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7a51NuVR0sGTAfZKSNnDWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ksa.okkora.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 103ms
103ms Image
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4029571262947610&bg=!_f6l_rHNAAY3kmNgF5I7ADQBe5WfODq146smyVXR45taOnvSBPuNFGZXAe_wEgB6HTQvrYAkuqWCglBOEjQLSBpVTAQhAgAAAF9SAAAAAmgBBwoANZ-uSViq16pt4t3uMKGAb5Z6NvyYiLolNRuNFxrUoUEyzwnXzyJF4ry440sr-zcR_QMFHswTmQMDUvAoI2B5P5L09_dwTFyqkhOHKgk4cMeR3lBzS9tXSwh6v_l6LIvaXCCRwrT_Q5H-sTHf3pfD4JpvtOJKuUR-tgJ3aByaJ_KMfGUbdMNzma9KYN3T1nSdIAdszywqPSNQ0eeAsb8TbOoNaO0N_LAlAyC4HSHUUcaHs07LeD4t_7sfTShGNnhoP2fQFXl9XDqabkNkaREmjuvTthJl9GouhC-rVToVHoyr3sPF79Zls2hW8ZPomRgw81w51qeUdsWaDvNAYNwFSdYZ0fOCaN5a5FucGESqvpb8Tb36vjOBfyzPwGC-kI_9lYe0LwQtm10IhjoNURP6Lm6qSWugDwTstmSVnofJHG6Qh5n_zwChCNOr8SgP1JXA9eOCW8JIrIvDd-4AkZowysezKOq2eCpF2a74NfBR0sKfEQCYkLERLuiIM6nK6VuKGl82altbR1K1AHtXzPs9Yd_0H0zbIcd1OgM3T2qTtKB7U0BQJyP1bL6vLGtinWjvVTthFPDd8W4LazfmC1VcY7mfgM7NRb26tOcUChLNIBZi0UQYiuidcvha8JpfiRdiUHY0b1xe2B2lsNkVH79bZ8880ela749VH7toOtrW2zspkYPoWI5vv0gCNkDQ7FTaJLmr1WjfcVBa4EHhcNL507YuEZ9dvSTVyO2L3n5_hRr_RVfzvZ8_Lzi3GmrwQXSFs5mutHNcjAJFEHTstEDbvf9uVCr_OjQqF2XZWS6fIW2BBBvaVt8LT1AMz-d-YdCVU2QqIuSJwCVFxqF1vrQtZQxUotnQb-8ta9nLNGuXx6NDbB41kfOEM7iQoW9ELxrMEH1Mp62xSrRV_yrCJggc98sRcRbiGyZtLb014x3TS88S4ECF7HMCIF6v-Qg1mZlizILVrw5cl5x8AlQbl3xBUpWVef9dNASIEusigFqwyI5Itvn7UeG3Jk0HH9PR-U6xvDG2t8nmZv9FJHVxz2MH9HuZBDvYAh7XA-3bEaz1lsOmM5yfSy2UHZsNxXYGAAPkU1jfOKFRBnsZRqUf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 top3. Show response
fundingchoicesmessages.google.com/f/AGSKWxUzAC5aQWPxxB7I2rA5h9eerIlM9vwclkmP_q5rQD0PSCpK7ypFJc-2XJoG1fbeU0KyFgaIxZhsNUeE5agnq5Jid3Z7gVXYIAGUiGHOdVctwZVwv38bBvUJDMpJTMbzYiMHL8upMVokUFzeNJUjQondkMa06... 54 B
109 B 105ms
104ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUzAC5aQWPxxB7I2rA5h9eerIlM9vwclkmP_q5rQD0PSCpK7ypFJc-2XJoG1fbeU0KyFgaIxZhsNUeE5agnq5Jid3Z7gVXYIAGUiGHOdVctwZVwv38bBvUJDMpJTMbzYiMHL8upMVokUFzeNJUjQondkMa06WbzMValJJS6ILb4BC3ahnqqci07totK/_/livejasmin./livejasmin_/randomad120x600nsfw./ad_choices./ad/top3.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4eeffa43f4b096d46ef883eb48487966ed2fa8d387443193ad9f8aa1dfb80b20

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-j0ZTRORS-1NSZNDt17DMpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:31 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-j0ZTRORS-1NSZNDt17DMpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 73ms
72ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 19:26:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Jan 2024 19:26:49 GMT

POST
H3 204 AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 103ms
102ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f37g8SEb00OjVnDLkexw_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ksa.okkora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Dec 2023 18:21:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-f37g8SEb00OjVnDLkexw_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ksa.okkora.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 102ms
101ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-no_qZxCf5M9RlZoqfW4_QA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ksa.okkora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Dec 2023 18:21:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-no_qZxCf5M9RlZoqfW4_QA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ksa.okkora.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 105ms
105ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-o8oGL4rLwOz7lE2fPNucBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ksa.okkora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Dec 2023 18:21:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-o8oGL4rLwOz7lE2fPNucBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ksa.okkora.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 103ms
103ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LdakNtswAbkucquGLXxEug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ksa.okkora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Dec 2023 18:21:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-LdakNtswAbkucquGLXxEug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ksa.okkora.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXrQcbHwY5S50ju2w3DUOEZA8Mu86se3BgsFpHycJScnrNQyUTmEeI5mMaB1quZ_ZC1cy-1AqJfMCEhTAD0LMkDe4UCtzIRPTwZSHeirrePTYbbwkw5CqTqNFfwPX6kj_DDqV6Jdg== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 115ms
115ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXrQcbHwY5S50ju2w3DUOEZA8Mu86se3BgsFpHycJScnrNQyUTmEeI5mMaB1quZ_ZC1cy-1AqJfMCEhTAD0LMkDe4UCtzIRPTwZSHeirrePTYbbwkw5CqTqNFfwPX6kj_DDqV6Jdg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNTI4NDkyLDcwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3LDZdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL2tzYS5va2tvcmEuY29tLyIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

beaf83e9193281821cb8867082139e2c9f6f91775d048b969f5cfafb158753c6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wO0iPQQU4oJ5l0bl59aIQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-wO0iPQQU4oJ5l0bl59aIQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 101ms
101ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Wf5OC_hCf7sLE2wJQUwu3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ksa.okkora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Dec 2023 18:21:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-Wf5OC_hCf7sLE2wJQUwu3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ksa.okkora.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUrLKSZ4roys9yL6y7AOqoxVjpX3xGZTGL8pQrAifWEvPUDOhmqoDbAl9ndXIX4DJleVuVZI7lHK0f9J3Z8hp8xYrtuEOjY2iuWwxzedq_zweQvPNNQ0p3FzlYL_aawxx7dUCynng== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 116ms
116ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUrLKSZ4roys9yL6y7AOqoxVjpX3xGZTGL8pQrAifWEvPUDOhmqoDbAl9ndXIX4DJleVuVZI7lHK0f9J3Z8hp8xYrtuEOjY2iuWwxzedq_zweQvPNNQ0p3FzlYL_aawxx7dUCynng==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNTI4NDkyLDE1OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8va3NhLm9ra29yYS5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eeb0aed683c714a9c6b3fa88d9f0b0ef004fc0a44655dedc56f13eb5d72fbaf8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JyYkylie4f9Bn5gRtINX3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-JyYkylie4f9Bn5gRtINX3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWG6DFcS0oiqEMOumIA4ToBCI2yJ613jRefehoHfrtYXJxyDPAXlNnu5ApW_XdGCj4KWkTAlqtIKIUj1E3m8ut-RxcKsAIQOarUj7Z65K9l8Vic0kLxlT9LFhHqCJCTh_T2oXhVBg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 117ms
117ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWG6DFcS0oiqEMOumIA4ToBCI2yJ613jRefehoHfrtYXJxyDPAXlNnu5ApW_XdGCj4KWkTAlqtIKIUj1E3m8ut-RxcKsAIQOarUj7Z65K9l8Vic0kLxlT9LFhHqCJCTh_T2oXhVBg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzNTI4NDkyLDI4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9rc2Eub2trb3JhLmNvbS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3b91476fe57831e674488aff02b32e26be87d3e303fa8c2ab25cbb2e2ae2bf0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UvnYoy8gQjw60Xsa2z7m0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ksa.okkora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 18:21:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-UvnYoy8gQjw60Xsa2z7m0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXPoB0YZRmDAdgTwK4RCZU3OfJOa68vrcMNjzrxaL33SHrCZGLoHHlHJbtf6TsKLKwmZzuOvyT8CYZ0tag7XNwhyuv9I0R91VtmDknKFB7TDvKsGCIXc1liImdv5pvOR81aRIGi8g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 105ms
105ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXPoB0YZRmDAdgTwK4RCZU3OfJOa68vrcMNjzrxaL33SHrCZGLoHHlHJbtf6TsKLKwmZzuOvyT8CYZ0tag7XNwhyuv9I0R91VtmDknKFB7TDvKsGCIXc1liImdv5pvOR81aRIGi8g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-si18nKT8C361gzRrCKVekA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ksa.okkora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Dec 2023 18:21:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-si18nKT8C361gzRrCKVekA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ksa.okkora.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 102ms
102ms XHR
text/html 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXuBo6RLrXBO1YzDg5S0Bmh9odNfZiIKifqbLYoFebPwjUCgboLa32C5keCwy-_jqy-k7s_96Q0LsxezKH-5laNMNVx7iSONb1WjuoHCDsdjRkC8GgrOr75TixkSQ0hm_ej7sLdWg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-e1IMw_qFHc7ZHordpkvIxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ksa.okkora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Dec 2023 18:21:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-e1IMw_qFHc7ZHordpkvIxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ksa.okkora.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 17:12:09	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3727202832078613&output=html&adk=1812271804&adf=3025194257&lmt=1703522559&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fksa.okkora.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703528488916&bpp=3&bdt=489&idt=455&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=473623318653&frm=20&pv=2&ga_vid=728406117.1703528489&ga_sid=1703528489&ga_hid=202324050&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320869%2C95320885&oid=2&pvsid=4029571262947610&tmod=1338549285&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=483 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3koraonline.okkoora.com
blogger.googleusercontent.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i0.wp.com
ksa.okkora.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
192.0.77.2
2606:4700:3033::6815:2318
2607:f8b0:4020:804::200e
2607:f8b0:4020:804::2013
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2002
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2004
051185dd7b0a21ce3f21c1ac3b6d26108e50b6a49b9f16e98b187ff04c098c72
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
26c87b57493b7753a9128d06c5c31528dea4dc614dd564dab00ec3bdc196cf88
27d87079939ae85dd20ef666ec2890ec3331fffeee0b7a7e47261236297b0bfa
2d5dc6dfee260558941971ecef3211d338a7d7fcb4cb482cef91e3e1430e1879
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
447fe6527e33c2d95fadac84cf70bed797654229f3b9519b67f68256cc19fbeb
4eeffa43f4b096d46ef883eb48487966ed2fa8d387443193ad9f8aa1dfb80b20
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56598808b9d48a356f7ecda45d518056f43df459af785182e177f61858266056
61916c032e3700cdf869e76f63bdb93a43724b05c2d12d56f0805ab863d8e27f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66ce9c5ea49cb726927bf8f8c2fa99e55d2769aacbe9018c80bcf55cf6b15714
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f
74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c
7da688a3f5542d80b4a1b22ef5c5cb442d4148b485bc5cc0bfc0a6c09e40b21e
811454f9a603076a2845c93a0fdcec2e155d2c59a5c5ef316e6ae3c188cb4d1f
8473635ec57390b76bed61134767726d1c8323e4c8c715fd8f837a9eedc6ed3b
861335c112099c43a1e4880898982eb526c2dee734b332d92c0b99dab53d8b06
8644a1dd874ad03cd561cd8da9f2d142197da295820b3b075b8217f625737bd4
88c5dd280660c0557fd399494802ff9b6583411fe067855fb42f31e8a0cc2b84
953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337
9912da9b209979933b7343d04c24d924d990a1671fa6538e41dc6f6bf64d7047
a89d01cf9ec5a816844a8d6869c19e9b2a6ba1718121b7c43204659b52fb42e6
abf39a326f522d330aa692fbac6584da86b824cda17ec257b9a417a23c0d5383
af49f9981a8773147f8ab91acd0621e37a724755a32f602a5ad8c4ba279c139e
b0762174aa7a48a4d076279ebfce171c32ce9b4b75a10e23dcc20d3d92675653
b26e27845fa4c8c826092845efcced49583fb594799745ad7f7e030c2e2c7780
beaf83e9193281821cb8867082139e2c9f6f91775d048b969f5cfafb158753c6
c3b91476fe57831e674488aff02b32e26be87d3e303fa8c2ab25cbb2e2ae2bf0
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4
c6133ff3e64aa65bcb798d55e66515b15a0d703762af96d9c39dfb815bdea598
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ccf52cd91517cd064e683dcf5968612a62f07560dae5cdb5ee7a74c95140506f
db4974235882a9484cc062efacd886282ab0aefbc050cd2c1a27af5099b22829
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb11c123d0115925fe4cd93bf819399cc6f028961f56136591487f83f2238a12
eeb0aed683c714a9c6b3fa88d9f0b0ef004fc0a44655dedc56f13eb5d72fbaf8

ksa.okkora.com Open in urlscan Pro 2607:f8b0:4020:804::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

88 %IPv6

7 Domains

9 Subdomains

8 IPs

2 Countries

625 kBTransfer

1267 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ksa.okkora.com Open in urlscan Pro
2607:f8b0:4020:804::2013 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

625 kB
Transfer

1267 kB
Size

1
Cookies

47 HTTP transactions
8 data transactions