4k.dimakora4u.live Open in urlscan Pro
2606:4700:3030::6815:1880 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://blog2.dimakora4u.live/
Effective URL:
https://4k.dimakora4u.live/
Submission: On March 10 via api (March 10th 2024, 3:45:38 pm UTC) from US — Scanned from US

Summary HTTP 93 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 12 domains to perform 93 HTTP transactions. The main IP is 2606:4700:3030::6815:1880, located in United States and belongs to CLOUDFLARENET, US. The main domain is 4k.dimakora4u.live.
TLS certificate: Issued by GTS CA 1P5 on January 14th 2024. Valid for: 3 months.

This is the only time 4k.dimakora4u.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700:303... 2606:4700:3030::6815:1880	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
3	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
16	2606:4700:20:... 2606:4700:20::ac43:4ae0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.13.205 104.26.13.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
2	172.217.165.130 172.217.165.130	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
93	17

6 2606:4700:3030::6815:1880 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

blog2.dimakora4u.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dimakora4u.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4k.dimakora4u.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80a::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

cloud.sting-web.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:20::ac43:4ae0 (United States)

ASN13335 (CLOUDFLARENET, US)

media.gemini.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:822::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	659 KB
16	gemini.media media.gemini.media — Cisco Umbrella Rank: 284326	183 KB
15	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647 www.google.com — Cisco Umbrella Rank: 2	74 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 Failed	105 KB
6	dimakora4u.live 1 redirects blog2.dimakora4u.live dimakora4u.live 4k.dimakora4u.live	117 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	65 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 368 fonts.googleapis.com — Cisco Umbrella Rank: 30	63 KB
3	sting-web.com cloud.sting-web.com	89 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 Failed	91 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	189 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2821	153 B
93	12

	Domain	Requested by
16	media.gemini.media	4k.dimakora4u.live
15	pagead2.googlesyndication.com	blog2.dimakora4u.live pagead2.googlesyndication.com 4k.dimakora4u.live googleads.g.doubleclick.net tpc.googlesyndication.com
14	tpc.googlesyndication.com	googleads.g.doubleclick.net blog2.dimakora4u.live pagead2.googlesyndication.com tpc.googlesyndication.com
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com blog2.dimakora4u.live googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net blog2.dimakora4u.live
3	4k.dimakora4u.live	blog2.dimakora4u.live 4k.dimakora4u.live
3	cloud.sting-web.com	blog2.dimakora4u.live 4k.dimakora4u.live
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googleadservices.com	4k.dimakora4u.live
2	fonts.googleapis.com	googleads.g.doubleclick.net blog2.dimakora4u.live
2	www.google-analytics.com	www.googletagmanager.com
2	ajax.googleapis.com	blog2.dimakora4u.live 4k.dimakora4u.live
2	www.googletagmanager.com	blog2.dimakora4u.live 4k.dimakora4u.live
2	blog2.dimakora4u.live	blog2.dimakora4u.live
1	fonts.gstatic.com	fonts.googleapis.com
1	api.ipify.org	ajax.googleapis.com
1	dimakora4u.live	1 redirects
93	18

This site contains links to these domains. Also see Links.

Domain
bit.ly
sting-web.blogspot.com

Subject Issuer	Validity	Valid
dimakora4u.live GTS CA 1P5	`2024-01-14` - `2024-04-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
cloud.sting-web.com R3	`2024-03-09` - `2024-06-07`	3 months	crt.sh
gemini.media Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-04`	a year	crt.sh
ipify.org GTS CA 1P5	`2024-01-22` - `2024-04-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://4k.dimakora4u.live/
Frame ID: A1AF3F9A94D35A7B70BC5EB6B1A5F2CF
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 975AA83470C178C47409629BCA1C7D20
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html
Frame ID: A5EE74D56AA62E823FE52D92B66B3FA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5461003252820909&output=html&adk=293675617&adf=814277786&lmt=1710084267&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2F4k.dimakora4u.live%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710085533066&bpp=3&bdt=206&idt=309&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6653902825553&frm=20&pv=2&ga_vid=1027669674.1710085533&ga_sid=1710085533&ga_hid=1370570944&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081082%2C31081586%2C44795922%2C31081674%2C95321957%2C95324160%2C95325785%2C95326935&oid=2&pvsid=388126316288640&tmod=2022047093&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fblog2.dimakora4u.live%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=347
Frame ID: 8B0BE5C839AFD1423C5A020455AD3271
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5461003252820909&output=html&h=280&slotname=7820584697&adk=3147063403&adf=509025599&pi=t.ma~as.7820584697&w=1000&fwrn=4&fwrnh=100&lmt=1710084267&rafmt=1&format=1000x280&url=https%3A%2F%2F4k.dimakora4u.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710085533069&bpp=3&bdt=210&idt=355&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6653902825553&frm=20&pv=1&ga_vid=1027669674.1710085533&ga_sid=1710085533&ga_hid=1370570944&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081082%2C31081586%2C44795922%2C31081674%2C95321957%2C95324160%2C95325785%2C95326935&oid=2&pvsid=388126316288640&tmod=2022047093&uas=0&nvt=1&ref=https%3A%2F%2Fblog2.dimakora4u.live%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=366
Frame ID: 0365EED5AE75F1B14BBB34AAEF584C7B
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1zgHIv7PRgG-iYsx4Mp4gQSytzfgI2cd0hh8WxdX2bs.js
Frame ID: B7AA9C956EB29FC069976CDCCDF5379C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html
Frame ID: B115D8738B79BC0A12A3D9E718383961
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: AF4C881FADC3E095F680E4C0FA65E82C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 31D802B3F61EE3A542A2D23F2B19FE5D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1zgHIv7PRgG-iYsx4Mp4gQSytzfgI2cd0hh8WxdX2bs.js
Frame ID: 71AF42D09103E07E55C4B5FC335D5092
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 564B5C78A9F14392F3A2EC5DDA8840B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61A2F357E9823277A54A0FFD6890E1EB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ديما كورة - Dima kora - مباريات اليوم

Page URL History Show full URLs

https://blog2.dimakora4u.live/ Page URL
https://dimakora4u.live/ HTTP 301
https://4k.dimakora4u.live/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

93
Requests

95 %
HTTPS

88 %
IPv6

12
Domains

18
Subdomains

17
IPs

2
Countries

1544 kB
Transfer

3899 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://bit.ly/3TtqKuI
Title: أستون فيلا 03:00 AM4-0إنتهت المباراة توتنهام هوتسبربى ان سبورت 1HD --الأسبوع الثامن والعشرون

Search URL Search Domain Scan URL

URL: https://bit.ly/4c9w7q6
Title: وست هام يونايتد 04:00 AM0-0جارية الآن بيرنلي بى ان سبورت 2 HD --الأسبوع الثامن والعشرون

Search URL Search Domain Scan URL

URL: https://bit.ly/49ZIgfw
Title: برايتون 04:00 AM0-0جارية الآن نوتينجهام فورستبى ان سبورت اكسترا 1 --الأسبوع الثامن والعشرون

Search URL Search Domain Scan URL

URL: https://bit.ly/43rESZ3
Title: ميلان 04:00 AM0-0جارية الآن إمبوليStarz Play App --الأسبوع الثامن والعشرون

Search URL Search Domain Scan URL

URL: https://bit.ly/3TcVEGB
Title: الملعب التونسي 03:30 AM0-0إنتهت المباراة الصفاقســــي --الأسبوع الثاني

Search URL Search Domain Scan URL

URL: https://bit.ly/48RKpca
Title: النجم الساحلى 03:30 AM0-0إنتهت المباراة الترجى الرياضي --الأسبوع الثاني

Search URL Search Domain Scan URL

URL: https://sting-web.blogspot.com/
Title: تصميم وتطوير ستينج ويب

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://blog2.dimakora4u.live/ Page URL
https://dimakora4u.live/ HTTP 301
https://4k.dimakora4u.live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://googleads.g.doubleclick.net/pagead/adview?ai=Ct5qbndXtZfCJOqLC998PqK2FwAToldqmdujCtsDVEue8udGODhABII750ixgye6Oi8CkjBCgAf6E1ZApyAEJqQIX2amYD1qyPqgDAcgDywSqBIcCT9DXWOCO0CmFeTk5H83SWN4B-PqO8L9Y19l-5DsD4x7ruYXgo0AVUgAJ4fLnAySu6-Ye3qHeo-kEjGvxAjBM0dvpJW60Q4dl1QBqLMPOPU-qJKykD0C9aUPv6SjBR1K0p7mAzL4R8toql_DtcI-2BZCEOsYun0tOHGFnXMJh6gdOI7sswyYicmA_iwwWya5IYfQYJZiMZmw5R0q2JgBmd60kSDmWcj9jVTYLrq5DZA_mHdhSi9EOjjRmyE_TO5Td6zUchGDGzTF0Tl-_SLU69NLV7GWxR3QBm94vbjNs_1kYYLbHp2YbIsyG0AWIOCMYpGFBkO4060EF9n00_o2veymi-PeBnS_ABJXogOPLBIgF9vqkiU6SBQQIBBgBkgUECAUYBKAGLoAH_ryl8AOoB9m2sQKoB6--sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAtgHAPIHBBD3jgTSCCQIgGEQARgfMgKKAjoJgECAwICAgKAoSL39wTpYmdajhoXqhAOaCRtodHRwczovL3RlbXBvc2VhcmNoLmNvbS9kc3KACgHICwHaDBEKCxCgwL2Tvrefss0BEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi01NDYxMDAzMjUyODIwOTA5GACyGAUYLiIBAA&sigh=IYQwZokfezw&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqcJMBKXfWkuIIo1SaGrAgBKimMGKzjWQUlYfslwfS8E_lluEiPggHrZ5axfKU_N3GDLSda5l4fPiU_ruVjhJXJ8xzvKg2bweTnmsYAQ&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa3dbeb87285cee9f0000000000000000%22,%222%22:%220xbdffcd3cad42da850000000000000000%22,%223%22:%220x47ca3c4439030a610000000000000000%22,%224%22:%220x4b6dc263d3dfb1e10000000000000000%22,%225%22:%220x65b5f45d834d23b50000000000000000%22},%22debug_key%22:%2218194561488592304838%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040801406%22],%2222%22:[%22true%22],%224%22:[%2203-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221431848511518809681%22}&andc=true

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

93 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
blog2.dimakora4u.live/ 62 KB
20 KB 282ms
140ms Document
text/html 2606:4700:3030::6815:1880
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog2.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:1880 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a17e80aa74582d427be7cb16eee5c59457942a00e58471a9c86dae3249d41ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 86246ead0f714343-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 15:45:31 GMT
expires: Sun, 10 Mar 2024 15:45:31 GMT
last-modified: Sun, 10 Mar 2024 14:06:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZ0stu6lYL8RSoiNe6ZquOCU9vdE7UK1PJEkbz9Z0vvWBo6%2FoDbA9WtFjzP%2FPKm7RIviRedqxi3J8oSFrPimVOESjzu7b0HX8c4c8Bjlz072Ym5%2Btvb5xGfUNKGOUwTYzYXMsnTbUyMRXUpGXjnRWqBzV%2FM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 js
www.googletagmanager.com/gtag/ 280 KB
94 KB 414ms
96ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-09NY6B698L

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog2.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96284
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Mar 2024 15:45:32 GMT

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 380ms
66ms Script
text/javascript 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog2.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Mar 2025 22:25:19 GMT

GET
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 254ms
124ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5461003252820909

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blog2.dimakora4u.live/
Origin: https://blog2.dimakora4u.live
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51037
x-xss-protection: 0
server: cafe
etag: 16931504415732329001
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 10 Mar 2024 15:45:32 GMT

GET
H2 200 EN-Clubs.js
cloud.sting-web.com/Plugin/ 37 KB
12 KB 409ms
92ms Script
application/javascript 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.sting-web.com/Plugin/EN-Clubs.js

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog2.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fastly-request-id: 41c0780c70bdf90846f50a59e830e7062832f023
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Sun, 10 Mar 2024 15:45:32 GMT
age: 0
x-cache: HIT
x-cache-hits: 1
x-proxy-cache: MISS
content-length: 11767
x-served-by: cache-nyc-kteb1890058-NYC
last-modified: Wed, 06 Mar 2024 21:19:42 GMT
server: GitHub.com
x-github-request-id: 0F48:6975:1FAA133:264B1C3:65EDB3C9
x-timer: S1710085532.302019,VS0,VE10
etag: W/"65e8ddee-95de"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Sun, 10 Mar 2024 13:31:13 GMT

GET
H2 200 / Show response
blog2.dimakora4u.live/ 62 KB
20 KB 105ms
104ms Fetch
text/html 2606:4700:3030::6815:1880
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog2.dimakora4u.live/

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:1880 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a17e80aa74582d427be7cb16eee5c59457942a00e58471a9c86dae3249d41ec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://blog2.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 10 Mar 2024 14:06:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FV4q0nVNiGKtoBmFBPPg0r3UGbNAErhsIlRHpap9%2BNL8%2FT031x17K3SxKVbG5k2AkEfymW0rG3gOIvo0cV838MrxCtppzZvvAE0O2r5Da1KNDJ6jn0MD8VABbJ3kypIcJk%2FCIHeso0ApZ8O5i5EdiDE7RU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
cf-ray: 86246eaf09ff4343-EWR
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 10 Mar 2024 15:45:32 GMT

GET
H2

200

Primary Request / Show response
4k.dimakora4u.live/
Redirect Chain

https://dimakora4u.live/
https://4k.dimakora4u.live/

102 KB
26 KB

156ms
121ms

Document
text/html

2606:4700:3030::6815:1880
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://4k.dimakora4u.live/

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:1880 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34096104e9d2c85b443a052174268cc1c674bfcc15407dc6e3a454372143573b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog2.dimakora4u.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 86246eb33e764343-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 15:45:32 GMT
expires: Sun, 10 Mar 2024 15:45:32 GMT
last-modified: Sun, 10 Mar 2024 15:24:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKe9MYoel3DNZAmiRr%2BTHWhuUXXx%2B1VGYURaYXOt1hf3l00LsE56YxfMiV0MzvLiB9mUZSOjwCBKaTQBzKCn9ZPxRTD68iX%2BePEqVpBi1h0706EDwsh7iG%2BIZHcXBaJN%2FzyOZBRlvKJd%2F5avD6hGpHE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 86246eb29dc74343-EWR
date: Sun, 10 Mar 2024 15:45:32 GMT
expires: Sun, 10 Mar 2024 16:45:32 GMT
location: https://4k.dimakora4u.live
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Y0bLf5jX%2B791F%2Ff5Sv5C7Nbo9AkkLBa3MWW1r%2F3fbMrD6XcsT%2FQGXFx%2FP7xar9MTXi6MxjG2%2BqXaQ6yhLe%2BjPQ6kLPy7xLg037TA1Ogkwx9OUTnFHJLTe0nBmGc5UPng3ynNzJsHgHoI%2BxM0Kc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 NeoSansArabic.woff2
cloud.sting-web.com/font/ 38 KB
39 KB 214ms
101ms Font
font/woff2 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.sting-web.com/font/NeoSansArabic.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://blog2.dimakora4u.live/
Origin: https://blog2.dimakora4u.live
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fastly-request-id: ea1941ec2168f2cd0893b1f2732eb61ef3a14db6
strict-transport-security: max-age=31556952
date: Sun, 10 Mar 2024 15:45:32 GMT
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 39336
x-served-by: cache-nyc-kteb1890061-NYC
last-modified: Wed, 06 Mar 2024 21:19:42 GMT
server: GitHub.com
x-github-request-id: 6D2A:45B8:1D9F393:2435019:65EDAB34
x-timer: S1710085533.572336,VS0,VE39
etag: "65e8ddee-99a8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Sun, 10 Mar 2024 12:54:36 GMT

GET
DATA 200
OK truncated
/ 26 B
26 B Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

POST collect
www.google-analytics.com/g/ 0
0

GET show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403040101/ 0
0

GET zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame 975A 0
0

POST collect
www.google-analytics.com/g/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 130ms
127ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5461003252820909

Requested by

Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8da6d9f786fc66fef41ad2f3d132a99d994c94519fa47ea190d1723324060866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4k.dimakora4u.live/
Origin: https://4k.dimakora4u.live
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50835
x-xss-protection: 0
server: cafe
etag: 4284654450325987495
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 10 Mar 2024 15:45:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
94 KB 77ms
75ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-09NY6B698L

Requested by

Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7b797b3350ee7c2a178a1d6127707074661abbb593039b9192684d552534e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96282
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 10 Mar 2024 15:45:32 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 47ms
45ms Script
text/javascript 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Mar 2025 22:25:19 GMT

GET
H3 200 / Show response
4k.dimakora4u.live/ 102 KB
26 KB 949ms
949ms Fetch
text/html 2606:4700:3030::6815:1880
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://4k.dimakora4u.live/

Requested by

Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1880 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34096104e9d2c85b443a052174268cc1c674bfcc15407dc6e3a454372143573b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 10 Mar 2024 15:24:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsbTKm%2FXJ6GlcnYmq%2F6hpJPl79O%2FbYGTS%2FP1O945oybE7V23jani2Z6M1E0yZNzG543vlbziQKity2VtLskwmVv%2B6vQSFKnPfVZ3YUn5oYxrEAdrzJYkOUb9nE%2BIbUPrZ%2BMoQeZ0AsYQGWQZGPSAkP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
cf-ray: 86246eb4abf16a55-EWR
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 10 Mar 2024 15:45:33 GMT

GET
H3 200 / Show response
4k.dimakora4u.live/ 102 KB
26 KB 131ms
131ms Fetch
text/html 2606:4700:3030::6815:1880
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://4k.dimakora4u.live/

Requested by

Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:1880 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34096104e9d2c85b443a052174268cc1c674bfcc15407dc6e3a454372143573b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sun, 10 Mar 2024 15:24:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bW3BwITYZ%2FKqtKZqV9Yv3qyfIbkehPuj90CrvDW2UhpEIqJJefwlzSq4heizgp03MxsEpMvGpTuo1sIahv6KZJaOb5N2xyAzoeEoOC4SqHISam40QZjzHqsizO4mDrLAwN6L2v%2BqwulfrUfrPBI1VSw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
cf-ray: 86246eb50cb36a55-EWR
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 10 Mar 2024 15:45:33 GMT

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 690dd607cbc8f953c6daeb0d59a0385c740b517257cf7d518076095d05e472ed

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b0892f2e1c509762ae43642e6e05a54e052151125e23729f3b0382fea603591

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 500 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 NeoSansArabic.woff2
cloud.sting-web.com/font/ 38 KB
39 KB 49ms
49ms Font
font/woff2 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.sting-web.com/font/NeoSansArabic.woff2

Requested by

Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

30f861fc5a3276106cc12f170c99ec38e816be301fbeb97cf9f500109bfb6726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://4k.dimakora4u.live/
Origin: https://4k.dimakora4u.live
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fastly-request-id: 0544665ccd139b51aa70551ab5579a078ac785ed
strict-transport-security: max-age=31556952
date: Sun, 10 Mar 2024 15:45:33 GMT
via: 1.1 varnish
x-cache-hits: 2
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 39336
x-served-by: cache-nyc-kteb1890061-NYC
last-modified: Wed, 06 Mar 2024 21:19:42 GMT
server: GitHub.com
x-github-request-id: 6D2A:45B8:1D9F393:2435019:65EDAB34
x-timer: S1710085533.000811,VS0,VE1
etag: "65e8ddee-99a8"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Sun, 10 Mar 2024 12:54:36 GMT

GET
DATA 200
OK truncated
/ 26 B
26 B Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 %5C2018%5C7%5C29%5CWestham2018_7_29_15_29.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 13 KB
14 KB 239ms
63ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2018%5C7%5C29%5CWestham2018_7_29_15_29.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a97b842557589889977538fc9d1f385ed523ece1a30b0561abf341f1c21dbf0f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 260184
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 13477
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:31:29 GMT
server: cloudflare
etag: "81b7c9744027d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQ7yxWMFSpCMsL5%2F6OEv07tLfmy5hRwmdD3y6UEfACCmGgi4pwFLpC8JG1b8s4hLE1HryaiMvf5R9c5%2BBgMekuZphheL0A37BCA3%2FSOhlYkec%2F0oTqQr4NQ0vJDHdKuWDAPcxfy22QRAzl1ylPwBzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6ac244380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2023%5C11%5C23%5Cburnley-fc2023_11_23_16_21.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 12 KB
12 KB 293ms
118ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2023%5C11%5C23%5Cburnley-fc2023_11_23_16_21.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b22f066e1dfc358508ed9fe0f666c1232f15ca946b7da93cfa9b28685783a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244663
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 11894
cf-bgj: h2pri
last-modified: Thu, 23 Nov 2023 14:21:30 GMT
server: cloudflare
etag: "51c815a181eda1:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FqKNSPVkEhiNinsihYV3FlVRiiaPdWZkgGO5lwzIzf9CMqggJLjD%2B%2B0%2BLpiRO355vF9p5T1p4m78vVWJSx9EtBWjcgKH9AeCyfbzUfvVxSf9wW5k6jNzUE79bwCL5i8AKuFvWuT%2F%2FeQGAVy6yz%2BCg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6ac234380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2018%5C7%5C29%5CBrighton2018_7_29_15_31.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 12 KB
12 KB 291ms
116ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2018%5C7%5C29%5CBrighton2018_7_29_15_31.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 83386ef5bc7063e7bd11f0583588a132973920d742ee4db515dfcb8c4fe32881

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255979
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 12221
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:32:58 GMT
server: cloudflare
etag: "6136cca94027d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQRbNHMZH%2B%2BjiEvAu%2BRu%2Fl2gkg8fUt33biNw9Wgn0Yn4yyueqcPaScHCDxbVENYZA8XTtIjHA4EqGZ5CKWPGkJz35a%2BMozoscYI8fjUga7BPkrWR%2BbkOcTJgf%2Fpznp%2FlTvFxRWrp3gW1EV7W%2FYaQPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6ac214380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2018%5C9%5C24%5CNottinghamForest2018_9_24_13_1.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 9 KB
9 KB 236ms
61ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2018%5C9%5C24%5CNottinghamForest2018_9_24_13_1.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b9a3b68a0a52950c48f2b8d2ac0bd8982ae4fdf517fcf948f9ba9aefd9101feb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244663
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 9297
cf-bgj: h2pri
last-modified: Mon, 24 Sep 2018 11:01:05 GMT
server: cloudflare
etag: "f7bce0e3f553d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgeBn5wHxDoRSdFKNC3WOH2dstuFgnzwQVHikFByvWgbov2P1%2BK4OuM9%2Bstd7j%2F8QZ7QVBx8uYwEXrE36VNk1MY7pzVESkugXJrJhAcyxGMn0HjZZYKKi1%2Biecwj%2BSuKDwyz5SdWH5BG%2B3F%2B22E3YA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6ac1e4380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2018%5C7%5C29%5CLiverpool2018_7_29_15_27.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 19 KB
20 KB 232ms
58ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2018%5C7%5C29%5CLiverpool2018_7_29_15_27.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8466d6b2acbd5d6242b34db72f789896879d3f016906c706b307d7efa7ea1b28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 265123
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 19669
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:29:52 GMT
server: cloudflare
etag: "8149ea3a4027d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1jfB05V1j%2FsO3vJgFP5VfZFyA6MyrYjGV9oCxYS0rl35DbBuU9zWPUuybAYQsMbEqWNdmW629b8QPYuQGLtd9uQ7ADa31MuMPOZLhHnKUv6Vhw890Z5Y851BbBlp7NYjs5KNC%2FL%2BiUIQLVo0E0EsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6ac1f4380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2018%5C7%5C29%5CManchesterCity2018_7_29_15_27.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 22 KB
22 KB 235ms
62ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2018%5C7%5C29%5CManchesterCity2018_7_29_15_27.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a7ca742ab6a48a404380801720c8b179ed8e37ddbb1afd0d9f7c0295c48ca0b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244663
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 22507
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:29:32 GMT
server: cloudflare
etag: "e1eb3e2f4027d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1qxh5oO%2BWhHZkygY1MP5mlklyqeMWzb0DuYuTdQZeBlTWR1oZOnGNHzrcGLrh3BWNHJp8O2iEd4dvjg2bnKWuxcUMrY6XXoSPYtHnvRy67TAy7xIg9R%2BWsyywTPGdcpLaHGHZ4Tb7ip4avMKCHEag%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6ac224380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2018%5C7%5C29%5CRealMadrid2018_7_29_14_47.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 16 KB
16 KB 72ms
71ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2018%5C7%5C29%5CRealMadrid2018_7_29_14_47.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 19b7681ad6b2f23f511744340fd8815409918f0a67ccf15edcae821c38bc3cab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244651
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 16404
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 12:49:21 GMT
server: cloudflare
etag: "e1e451923a27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGJYt0zz85fxSRYm7L9xic%2Bk09DogttkUFHEnbBceZPA0udB6h7DB9pVnHvBp59Q%2BSIoESKEvpOUg52vfe4PJsXwHA6p9tE8Y%2FKk1mbG%2BZdAbbV9nMKEQNF3WgfwVBozQ8ufdwIpPdVl3J5MwK47Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6fc754380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2021%5C7%5C8%5CCeltaVigo2021_7_8_18_14.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 6 KB
7 KB 69ms
67ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2021%5C7%5C8%5CCeltaVigo2021_7_8_18_14.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d8741cd8cd7395684b2b82975889a2bdad220344bc1eb6185a4f76989b721ef4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244652
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 6155
cf-bgj: h2pri
last-modified: Thu, 08 Jul 2021 16:14:24 GMT
server: cloudflare
etag: "9c6fa8511474d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xd9tOcil8pRqBp4fP1GCjlAvxyczssUZ6TJxDqy1BFVD3PE4pJjd248FAFt%2BA%2BFKvUHVZvUp7e0%2FuZjfedL5jkpiHpZQJ0m6UCnh2gJ96yZSEzwGN4%2Bj%2FgIB7aiQJ%2FuHcNf7vOLdKC3K%2F68QT7qrsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6fc774380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2018%5C7%5C29%5CACMilan2018_7_29_15_9.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 8 KB
8 KB 121ms
120ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2018%5C7%5C29%5CACMilan2018_7_29_15_9.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 288b0c2671ad8af06d66949597d4f73f629baf8c5587f7d7326759e22572fb01

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 313103
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 8103
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:11:32 GMT
server: cloudflare
etag: "c119c6ab3d27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfSIBwEx%2Bh2Ebke8MMOwYrhdzlPSN%2Bo08PnitozbM9bTCfmcsaoEM7j2wRGuZvSpTD33aJH2jra0yYqv6LnTnh7VZi9JKbj8zGq%2BhzeefZxNTCmsow6jXGvlgAp3QA5D1xmRJrQy%2BYm%2BckaFlM4VbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6fc794380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2018%5C7%5C29%5CEmpoli2018_7_29_15_24.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 10 KB
10 KB 71ms
69ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2018%5C7%5C29%5CEmpoli2018_7_29_15_24.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fbefd0f89d8680dae4835d314338021a7e3413ef4245c37ddae5fcc015a2c2df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 328773
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 10190
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:26:39 GMT
server: cloudflare
etag: "61c2f5c73f27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FHRGQkkKMMkpbkQiXMUMcdMOwjaWqAoX%2Fl6mhCneG8HyPtfQnu2oSxJAkejqBwg8oK%2BiRAX%2FKsLvuvSHObAzzcp88F7wzu%2FWq7e6GAibqR0XEC91CAqRaH6mRc6cgJs7TpINwcCfybe1HaMyUgxTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6fc7a4380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2021%5C7%5C14%5CJuventus12021_7_14_17_22.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 4 KB
5 KB 121ms
120ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2021%5C7%5C14%5CJuventus12021_7_14_17_22.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 75e5f23880072b2c56d1be5b965ab83359211dc1f2a26361fe9a32a586085089

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 231758
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 4355
cf-bgj: h2pri
last-modified: Wed, 14 Jul 2021 15:22:54 GMT
server: cloudflare
etag: "9567561ec478d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0tvbhT2%2FsEmkkenKhBZ7YjMIgFnt0IwQtQ9g0O803Q1bSCOWtrD%2F%2BTSWuXU6Sx9H8yJax6ejFNnxlywAGx%2BEzQRDjYH8xk74zaog9CwVPebKw547XwgIK8I941ZfJPaK2W4JALtOvYpXu8W9EKzGw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6fc7c4380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2018%5C7%5C29%5CAtalanta2018_7_29_15_5.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 9 KB
10 KB 117ms
116ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2018%5C7%5C29%5CAtalanta2018_7_29_15_5.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9f949f724e264e1571045f61be31a2a0f24b80b265a080b62f636f14e9ee0d20

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 231758
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 9490
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:07:43 GMT
server: cloudflare
etag: "81f837233d27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maZE2RCOI%2F%2BiRDbRzekIYcbj66PubrfBy6r2KUx5zxlCFXN0SuYfVeUr8BoaVlIlQi5Y49y2uxZDFNB%2BbZOhUPivj%2B4daxK4cGpCXNY7NDgymoElaY6BPkvH1xBjYAlRrf89NQszyHTlrLgS6263aA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6fc7d4380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2018%5C7%5C29%5CFiorentina2018_7_29_15_7.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 9 KB
9 KB 120ms
119ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2018%5C7%5C29%5CFiorentina2018_7_29_15_7.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8a79f50b45187c7ee60c966edcc5f286ef44d1f6324a0b69131b0af822a78299

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 324067
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 9021
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:09:49 GMT
server: cloudflare
etag: "1d94f6e3d27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSxqKbS9aardXxRWdCqaukxKIWZCOB46uhVNrgxGouPkTYZDwaOpT6SafTHBA8jB%2FBhgpVHn0eUCxAya1O0bA2tL9yfZN1jsLI619D1fYlIWl044Bh3TeGts3R%2BWROYKUatckn4V8uFkXE01N79Qbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6fc7e4380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2018%5C7%5C29%5CASRoma2018_7_29_15_7.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 13 KB
13 KB 120ms
119ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2018%5C7%5C29%5CASRoma2018_7_29_15_7.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 50ae85df1a485aafa0b3cbca31ff4290eaf046d5d1fb853bc5646fe9119c26cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 250470
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 13103
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 13:09:10 GMT
server: cloudflare
etag: "81a99e563d27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuGNszuFOeDn8aJ%2BKtWYZF%2BIDrnZ0IyisM3aMzjwWyU92zFOlc4yRYRXGEUYd92ay8pylHYlhnGSVWxVrN3OSlMTRQSbg49JVcbn5plnoosw8dn24pynodIaXcrmgFBzF%2B%2FyZ16ERe4fG5qxemH6VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6fc804380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2018%5C7%5C29%5CMarseille2018_7_29_17_12.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 8 KB
8 KB 118ms
117ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2018%5C7%5C29%5CMarseille2018_7_29_17_12.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 010022e9c25331a8974d06c42986db43a308487da284a31d662fb09c6fbbe3c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 422215
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 8321
cf-bgj: h2pri
last-modified: Sun, 29 Jul 2018 15:14:51 GMT
server: cloudflare
etag: "a13b88e54e27d41:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9%2BRF7%2BUrA49KR2948qSdtIJ7v%2BsHxFBKRGhTj7zpnsbVcTGdCAA6%2BBRkkIHXxIYw9xcRTGQk%2F3IJ3N9%2Fw2RAjbe1ZVy9Q4pR5I%2BPcfEZpmTe3VDRa60bxB36ZQYUnOI0E%2BuUaFFwishzWSHwv8tPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6fc814380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 %5C2021%5C9%5C5%5CNantes2021_9_5_14_49.jpg
media.gemini.media/img/yallakora/IOSTeams//120/ 7 KB
7 KB 119ms
118ms Image
image/jpeg 2606:4700:20::ac43:4ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.gemini.media/img/yallakora/IOSTeams//120/%5C2021%5C9%5C5%5CNantes2021_9_5_14_49.jpg
Requested by: Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1c71bad6dd528a9656e581158036670805a0fea9fe66e28335066d4b73da74cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244652
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 6938
cf-bgj: h2pri
last-modified: Sun, 05 Sep 2021 12:49:07 GMT
server: cloudflare
etag: "7976966a54a2d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: image/jpeg
access-control-allow-origin: https://www.yallakora.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gY9EdvuN3GO0SfCIH4aNT3CgZ%2BkUbMlKfqtyOLdvrIg0zKmGja18S66a06ULROFndYvHcwBz5pCakSBamiohPNNye4%2FxWeGcTqMtlJzrvDS%2B5U%2Bzr42Mm3H0nEyPvdER%2FjC2aQimACh0%2BdOMnAqISA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 86246eb6fc824380-EWR
access-control-allow-headers: Content-Type, Cache-Control , x-requested-with

GET
H2 200 / Show response
api.ipify.org/ 20 B
153 B 217ms
64ms XHR
application/json 104.26.13.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cd44f071142743d8a7cfbc4a4de98c4fe68ae9c5e62e890e145a7d89e7b1678

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://4k.dimakora4u.live/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
cf-ray: 86246eb68c9b39c6-YYZ
content-length: 20

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/ 405 KB
137 KB 140ms
140ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5461003252820909

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a47d74874166bc61cbaeca87c289d9c0a95a8c2a135cbb335365ab4b974fdfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140512
x-xss-protection: 0
server: cafe
etag: 6863353166688483840
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 15:45:33 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame A5EE 9 KB
4 KB 46ms
45ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5461003252820909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4k.dimakora4u.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 30531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Mar 2024 07:16:42 GMT
etag: 5035419970550746386
expires: Sun, 24 Mar 2024 07:16:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B0B 198 KB
54 KB 940ms
938ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5461003252820909&output=html&adk=293675617&adf=814277786&lmt=1710084267&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2F4k.dimakora4u.live%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710085533066&bpp=3&bdt=206&idt=309&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6653902825553&frm=20&pv=2&ga_vid=1027669674.1710085533&ga_sid=1710085533&ga_hid=1370570944&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081082%2C31081586%2C44795922%2C31081674%2C95321957%2C95324160%2C95325785%2C95326935&oid=2&pvsid=388126316288640&tmod=2022047093&uas=0&nvt=1&fsapi=1&ref=https%3A%2F%2Fblog2.dimakora4u.live%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=347

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3df6cf391f919af090d0689494c52360ad93e8cd65160864376f6ab75abff19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4k.dimakora4u.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55068
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Mar 2024 15:45:34 GMT
expires: Sun, 10 Mar 2024 15:45:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0365 129 KB
42 KB 579ms
578ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5461003252820909&output=html&h=280&slotname=7820584697&adk=3147063403&adf=509025599&pi=t.ma~as.7820584697&w=1000&fwrn=4&fwrnh=100&lmt=1710084267&rafmt=1&format=1000x280&url=https%3A%2F%2F4k.dimakora4u.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710085533069&bpp=3&bdt=210&idt=355&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6653902825553&frm=20&pv=1&ga_vid=1027669674.1710085533&ga_sid=1710085533&ga_hid=1370570944&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081082%2C31081586%2C44795922%2C31081674%2C95321957%2C95324160%2C95325785%2C95326935&oid=2&pvsid=388126316288640&tmod=2022047093&uas=0&nvt=1&ref=https%3A%2F%2Fblog2.dimakora4u.live%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=366

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ed53f4d67b6ea642ce41a8631e6477958a97da01391e61754fefb75f0253461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4k.dimakora4u.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42693
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Mar 2024 15:45:34 GMT
expires: Sun, 10 Mar 2024 15:45:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 0365 14 KB
2 KB 139ms
53ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5461003252820909&output=html&h=280&slotname=7820584697&adk=3147063403&adf=509025599&pi=t.ma~as.7820584697&w=1000&fwrn=4&fwrnh=100&lmt=1710084267&rafmt=1&format=1000x280&url=https%3A%2F%2F4k.dimakora4u.live%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710085533069&bpp=3&bdt=210&idt=355&shv=r20240306&mjsv=m202403060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6653902825553&frm=20&pv=1&ga_vid=1027669674.1710085533&ga_sid=1710085533&ga_hid=1370570944&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081082%2C31081586%2C44795922%2C31081674%2C95321957%2C95324160%2C95325785%2C95326935&oid=2&pvsid=388126316288640&tmod=2022047093&uas=0&nvt=1&ref=https%3A%2F%2Fblog2.dimakora4u.live%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Mar 2024 15:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 15:09:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Mar 2024 15:45:34 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 0365 2 KB
903 B 129ms
43ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 05:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Mar 2024 05:13:20 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/ Frame 0365 23 KB
9 KB 111ms
46ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 22:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 22:13:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 0365 3 KB
1 KB 109ms
44ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 22:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 22:10:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 0365 20 KB
8 KB 121ms
36ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 22:18:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
server: cafe
etag: 9277691884081322989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 22:18:30 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0365 207 KB
63 KB 38ms
38ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 14:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64070
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 15:57:12 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame 0365 36 KB
15 KB 141ms
47ms Script
text/javascript 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 22:31:05 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9416810853295852980/ Frame 0365 77 KB
78 KB 129ms
77ms Image
image/jpeg 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9416810853295852980/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd17b0acf76acf7a488bac6b8893675476cec50a7f79fe891f7c4410ec00570d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sat, 08 Mar 2025 22:27:26 GMT
date: Fri, 08 Mar 2024 22:27:26 GMT
x-content-type-options: nosniff
age: 148688
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79344
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 04:24:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 0365 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfe4d3189c24a864812c91d7bc293710f2256491fbecad9878f58a7f940925bd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
www.google-analytics.com/g/ 0
74 B 50ms
48ms Ping
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-09NY6B698L&gtm=45je4360v874070184za200&_p=1710085532889&gcd=13l3l3l3l1&npa=0&dma=0&cid=1027669674.1710085533&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1710085532&sct=1&seg=1&dl=https%3A%2F%2F4k.dimakora4u.live%2F&dr=https%3A%2F%2Fblog2.dimakora4u.live%2F&dt=%D8%AF%D9%8A%D9%85%D8%A7%20%D9%83%D9%88%D8%B1%D8%A9%20-%20Dima%20kora%20-%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85&en=page_view&_ee=1&tfd=2437
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-09NY6B698L
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 15:45:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://4k.dimakora4u.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0365 33 KB
34 KB 149ms
57ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 18:24:54 GMT
x-content-type-options: nosniff
age: 249641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Mar 2025 18:24:54 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/ 166 KB
56 KB 138ms
137ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/reactive_library_fy2021.js?bust=31081674

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f67c9758ad57e66a52ad417e27e51d8dd4a5b1e29712b5c93a264242bff0c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57242
x-xss-protection: 0
server: cafe
etag: 8011268991995098055
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 15:45:35 GMT

GET
H2 200 ca-pub-5461003252820909 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 391ms
71ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-5461003252820909?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e94c25b430be6602221a71faf578547cb63de168bd71e4d792fed6cf2e30df4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-t6wWngqtjV7PBtjDd-9IDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-t6wWngqtjV7PBtjDd-9IDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitHikmJw1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiHf4eLDwrZvOqgLEuuuns4YCcczz6awpQOyUPoM1CIh96mewxgCxEA_H_NXb17MJHJj_fRcjAHifKaA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 110ms
108ms Image
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759842%2C31081082%2C31081586%2C44795922%2C31081674%2C95321957%2C95324160%2C95325785%2C95326935&hl=ar&pvc=388126316288640

Requested by

Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 15:45:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0365
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ct5qbndXtZfCJOqLC998PqK2FwAToldqmdujCtsDVEue8udGODhABII750ixgye6Oi8CkjBCgAf6E1ZApyAEJqQIX2amYD1qyPqgDAcgDywSqBIcCT9DXWOCO0CmFeTk5H83SWN4B-PqO8L9...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa3dbeb87285cee9f0000000000000000%22,%222%22:%220xbdffcd3cad42da850000000000000000%22,%223%22:%220x47ca3c...

0
0

532ms
115ms

Fetch
text/css

172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa3dbeb87285cee9f0000000000000000%22,%222%22:%220xbdffcd3cad42da850000000000000000%22,%223%22:%220x47ca3c4439030a610000000000000000%22,%224%22:%220x4b6dc263d3dfb1e10000000000000000%22,%225%22:%220x65b5f45d834d23b50000000000000000%22},%22debug_key%22:%2218194561488592304838%22,%22debug_reporting%22:true,%22destination%22:%22https://temposearch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040801406%22],%2222%22:[%22true%22],%224%22:[%2203-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221431848511518809681%22}&andc=true

Requested by

Host: 4k.dimakora4u.live
URL: https://4k.dimakora4u.live/

Protocol

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa3dbeb87285cee9f0000000000000000","2":"0xbdffcd3cad42da850000000000000000","3":"0x47ca3c4439030a610000000000000000","4":"0x4b6dc263d3dfb1e10000000000000000","5":"0x65b5f45d834d23b50000000000000000"},"debug_key":"18194561488592304838","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040801406"],"22":["true"],"4":["03-10"],"6":["true"]},"priority":"500","source_event_id":"1431848511518809681"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 10 Mar 2024 15:45:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 10 Mar 2024 15:45:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa3dbeb87285cee9f0000000000000000","2":"0xbdffcd3cad42da850000000000000000","3":"0x47ca3c4439030a610000000000000000","4":"0x4b6dc263d3dfb1e10000000000000000","5":"0x65b5f45d834d23b50000000000000000"},"debug_key":"18194561488592304838","debug_reporting":true,"destination":"https://temposearch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040801406"],"22":["true"],"4":["03-10"],"6":["true"]},"priority":"500","source_event_id":"1431848511518809681"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 1zgHIv7PRgG-iYsx4Mp4gQSytzfgI2cd0hh8WxdX2bs.js Show response
pagead2.googlesyndication.com/bg/ Frame B7AA 51 KB
20 KB 44ms
44ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1zgHIv7PRgG-iYsx4Mp4gQSytzfgI2cd0hh8WxdX2bs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7380722fecf4601be898b31e0ca788104b2b737e023671dd2187c5b1757d9bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20147
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 22:09:37 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 246ms
117ms Preflight
text/html 172.217.165.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.165.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 10 Mar 2024 15:45:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/ Frame B115 9 KB
4 KB 411ms
48ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4k.dimakora4u.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 66122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Mar 2024 21:23:33 GMT
etag: 5035419970550746386
expires: Sat, 23 Mar 2024 21:23:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxU8AB-yztgxawdlv12MgmDK5qivSnsuV0XnAfxjKTbQ1g1klpxaDN1Am4gSVlJYhMjEi0FOunUOkAAMohm4OYrDI57xyGNCXmFvE331RrFY3FTt89yuN7MZIYj5pxJlkznRTRTcxw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 67ms
67ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU8AB-yztgxawdlv12MgmDK5qivSnsuV0XnAfxjKTbQ1g1klpxaDN1Am4gSVlJYhMjEi0FOunUOkAAMohm4OYrDI57xyGNCXmFvE331RrFY3FTt89yuN7MZIYj5pxJlkznRTRTcxw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMDg1NTM1LDYyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly80ay5kaW1ha29yYTR1LmxpdmUvIixudWxsLFtbOCwiYndyTWNzNlpjWWciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bwrMcs6ZcYg.es5.O/am=wA/d=1/rs=AJlcJMzkjt-1iIsG81Xe67gadpAQdcYYpg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae2415981333d53e0b0f0f2c01b7c70fa62deca9f26517bc001db33d3ff9943

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rTile1rYC6Jf-gL4oHDI9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rTile1rYC6Jf-gL4oHDI9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitHikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiHf4eLDwrZvOqgLEuuuns4YCcczz6awpQOyUPoM1CIh96mewxgCxEA_H_NXb17MJvNhweTcTAH88KcY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AF4C 14 KB
1 KB 68ms
67ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Mar 2024 15:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 14:41:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Mar 2024 15:45:36 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame AF4C 2 KB
861 B 48ms
47ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 05:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Mar 2024 05:13:20 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/ Frame AF4C 23 KB
9 KB 49ms
48ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/abg_lite_fy2021.js

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 22:13:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 22:13:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 31D8 143 B
166 B 61ms
58ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Mar 2024 15:26:59 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame AF4C 3 KB
1 KB 56ms
53ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 22:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 22:10:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame AF4C 20 KB
8 KB 51ms
48ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 22:18:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
server: cafe
etag: 9277691884081322989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 22:18:30 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AF4C 207 KB
63 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 14:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2904
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64070
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 15:57:12 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame AF4C 36 KB
15 KB 49ms
47ms Script
text/javascript 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 03:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 22:31:05 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/ Frame B115 15 KB
6 KB 50ms
50ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a1433553dad10b1617e945447ce8d2a7a4ce6542ad50fdb8b563f85560cbc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 05:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6454
x-xss-protection: 0
server: cafe
etag: 9518204868993021864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Mar 2024 05:28:51 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B115 205 B
520 B 54ms
53ms Image
image/png 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:20:09 GMT
x-content-type-options: nosniff
age: 149127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Mar 2025 22:20:09 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B115 604 B
696 B 55ms
54ms Image
image/png 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:20:20 GMT
x-content-type-options: nosniff
age: 149116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Mar 2025 22:20:20 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/ Frame B115 22 KB
9 KB 48ms
48ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 19:23:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9093
x-xss-protection: 0
server: cafe
etag: 981128176822753981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Mar 2024 19:23:22 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0365 42 B
64 B 107ms
107ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFVLYjL73HazFdpcZilE5mG86e6OTzXewl25CNsnLOrwwXCwFa_2sJ9nhZ2dhC6rKI2LE5b3P8qfew9BqcSCnjCqDxY8IfCGNXhTOq3oXENZwupar9bBLlvJxVWjDUELUZL9Zjjec8F6KJZfVhuK3xAaJQyfHZGV0&sai=AMfl-YRwsJei67mERxjR2Q3UtgJ_csPeiO-nqXlxu8EXrqwzrvoaVp3FBccOpATayRHx2mSCG9KsVB4e8cp4B_yB1TNDwyZn5M4DByKOlKZNYXWpFbF7SGor0Ghfc1cULZArMkYbtNguxJuXMglP1KCkOQ&sig=Cg0ArKJSzOCJQUrjB7nMEAE&cid=CAQSTwB7FLtqcJMBKXfWkuIIo1SaGrAgBKimMGKzjWQUlYfslwfS8E_lluEiPggHrZ5axfKU_N3GDLSda5l4fPiU_ruVjhJXJ8xzvKg2bweTnmsYAQ&id=lidar2&mcvt=1011&p=0,0,280,1000&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20240306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3147063403&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=601833400&rst=1710085533437&rpt=1676&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 15:45:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 59ms
58ms Ping
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-09NY6B698L&gtm=45je4360v874070184za200&_p=1710085532889&gcd=13l3l3l3l1&npa=0&dma=0&cid=1027669674.1710085533&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EEI&_s=2&sid=1710085532&sct=1&seg=1&dl=https%3A%2F%2F4k.dimakora4u.live%2F&dr=https%3A%2F%2Fblog2.dimakora4u.live%2F&dt=%D8%AF%D9%8A%D9%85%D8%A7%20%D9%83%D9%88%D8%B1%D8%A9%20-%20Dima%20kora%20-%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85&en=ad_impression&ep.query_id=CLDMpYaF6oQDFSLh_QUdqFYBSA&_et=1717&tfd=3743
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-09NY6B698L
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Mar 2024 15:45:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://4k.dimakora4u.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 151ms
150ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240306&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ae3212b7993599dbc8bf64ccc3003abff2425161af7bba3f3fa59434ec7f7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12342
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 31D8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

87ms
86ms

Document
text/html

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Mar 2024 15:45:36 GMT
expires: Sun, 10 Mar 2024 15:45:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Mar 2024 15:45:36 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1zgHIv7PRgG-iYsx4Mp4gQSytzfgI2cd0hh8WxdX2bs.js Show response
pagead2.googlesyndication.com/bg/ Frame 71AF 51 KB
20 KB 50ms
49ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1zgHIv7PRgG-iYsx4Mp4gQSytzfgI2cd0hh8WxdX2bs.js

Requested by

Host: blog2.dimakora4u.live
URL: https://blog2.dimakora4u.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7380722fecf4601be898b31e0ca788104b2b737e023671dd2187c5b1757d9bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20147
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 22:09:37 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 59ms
59ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403060101/show_ads_impl_fy2021.js?bust=31081674

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 15:45:36 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 564B 13 KB
5 KB 49ms
48ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4k.dimakora4u.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 149469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 22:14:27 GMT
expires: Sat, 08 Mar 2025 22:14:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 61A2 829 B
994 B 70ms
68ms Document
text/html 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05558c267f2a236caa9db848e3ee820c9e79238864f79ec268b7cd6f3601ce97

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cLF3ipRntl-EwsLO50A3_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://4k.dimakora4u.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cLF3ipRntl-EwsLO50A3_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 10 Mar 2024 15:45:36 GMT
expires: Sun, 10 Mar 2024 15:45:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 iframe_ad_ Show response
fundingchoicesmessages.google.com/f/AGSKWxU99Uo5z93IxeNM5xO2Y3qJp8oZF3lQJ-l2tKfN0QV9gKSzBAQNlbj58xWQr9Iv0Fuox9zFJ7pWuB2pBZpQMxa2M2_TwKsKG0KPJh9jnH5l3-B4MZxPB8CDGQIXavX5Y_wtxJaQQKCqcUPNB5CYFQhMKjb67... 54 B
110 B 78ms
77ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU99Uo5z93IxeNM5xO2Y3qJp8oZF3lQJ-l2tKfN0QV9gKSzBAQNlbj58xWQr9Iv0Fuox9zFJ7pWuB2pBZpQMxa2M2_TwKsKG0KPJh9jnH5l3-B4MZxPB8CDGQIXavX5Y_wtxJaQQKCqcUPNB5CYFQhMKjb67qpYt4kvh5vAPnENgm8T47yyNgimSZvo/_;iframeid=ad_/ad-server./top_ads.-template-ads//iframe_ad_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.bwrMcs6ZcYg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwQWmLjf8sNQMgrE_af2VgB3CsMpQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

346b239f1579fcbfc0e4722456ab0bee0c4bfdfadd00fc90969d8eba74bec117

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ng-lKnzDFBVyae11qcC-Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-Ng-lKnzDFBVyae11qcC-Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitHikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiHf4eLDwrZvOqgLEuuuns4YCcczz6awpQOyUPoM1CIh96mewxgCxEA_HgtXb17MJ3Fjff50JAHjLKYA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 85 KB
30 KB 52ms
50ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ea3ef282e9a348492567a26cc40dd95b6bf81c2c3df2e2a0e5c74d6c0bfe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:30:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31005
x-xss-protection: 0
server: cafe
etag: 1046709972079848081
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Mar 2024 16:30:07 GMT

POST
H3 204 AGSKWxWGVJGJyjC-1BhL4vmfHc-x6m5PJ-R12py_SEGSFYJcnwr_y-INy06-kIaeUiwnm8Hl7LKNUTUHHqJoAzi_ZdVwSDbpLLMbIO1qHgYyTelzP8-EBsCS3BOPhKHCC-cFKummEaUx8A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 181ms
75ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGVJGJyjC-1BhL4vmfHc-x6m5PJ-R12py_SEGSFYJcnwr_y-INy06-kIaeUiwnm8Hl7LKNUTUHHqJoAzi_ZdVwSDbpLLMbIO1qHgYyTelzP8-EBsCS3BOPhKHCC-cFKummEaUx8A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hae5YPr11CUuwSWffbhafQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4k.dimakora4u.live/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Mar 2024 15:45:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-hae5YPr11CUuwSWffbhafQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmII0JBiqGV4xtQKxDt8PFic0mewBgGxEA_HgtXb17MJrNjzt40ZAPczDZw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://4k.dimakora4u.live
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 61A2 0
0 112ms
111ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240306&jk=388126316288640&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 564B 39 KB
15 KB 49ms
48ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:15:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 149393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 22:15:43 GMT

POST
H3 204 AGSKWxWGVJGJyjC-1BhL4vmfHc-x6m5PJ-R12py_SEGSFYJcnwr_y-INy06-kIaeUiwnm8Hl7LKNUTUHHqJoAzi_ZdVwSDbpLLMbIO1qHgYyTelzP8-EBsCS3BOPhKHCC-cFKummEaUx8A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 107ms
77ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGVJGJyjC-1BhL4vmfHc-x6m5PJ-R12py_SEGSFYJcnwr_y-INy06-kIaeUiwnm8Hl7LKNUTUHHqJoAzi_ZdVwSDbpLLMbIO1qHgYyTelzP8-EBsCS3BOPhKHCC-cFKummEaUx8A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FCLJW9uQSbkALbFYkY-lsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4k.dimakora4u.live/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Mar 2024 15:45:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FCLJW9uQSbkALbFYkY-lsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmII1JBiqGV4xtQKxDt8PFic0mewBgGxEA_HgtXb17MJ3HgysYMZAPepDYs"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://4k.dimakora4u.live
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWGVJGJyjC-1BhL4vmfHc-x6m5PJ-R12py_SEGSFYJcnwr_y-INy06-kIaeUiwnm8Hl7LKNUTUHHqJoAzi_ZdVwSDbpLLMbIO1qHgYyTelzP8-EBsCS3BOPhKHCC-cFKummEaUx8A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 96ms
71ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGVJGJyjC-1BhL4vmfHc-x6m5PJ-R12py_SEGSFYJcnwr_y-INy06-kIaeUiwnm8Hl7LKNUTUHHqJoAzi_ZdVwSDbpLLMbIO1qHgYyTelzP8-EBsCS3BOPhKHCC-cFKummEaUx8A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8nRBAo3KZ4RIVTNmN0YIbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4k.dimakora4u.live/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Mar 2024 15:45:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-8nRBAo3KZ4RIVTNmN0YIbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmII1pBiqGV4xtQKxDt8PFic0mewBgGxEA_HgtXb17MJ_Hj8tY0ZAPm5Dg4"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://4k.dimakora4u.live
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWGVJGJyjC-1BhL4vmfHc-x6m5PJ-R12py_SEGSFYJcnwr_y-INy06-kIaeUiwnm8Hl7LKNUTUHHqJoAzi_ZdVwSDbpLLMbIO1qHgYyTelzP8-EBsCS3BOPhKHCC-cFKummEaUx8A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 102ms
78ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGVJGJyjC-1BhL4vmfHc-x6m5PJ-R12py_SEGSFYJcnwr_y-INy06-kIaeUiwnm8Hl7LKNUTUHHqJoAzi_ZdVwSDbpLLMbIO1qHgYyTelzP8-EBsCS3BOPhKHCC-cFKummEaUx8A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6Z_r4b3X2jTtaRoH_ESDpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4k.dimakora4u.live/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Mar 2024 15:45:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6Z_r4b3X2jTtaRoH_ESDpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmLw1pBiqGV4xtQKxDt8PFic0mewBgGxEA_HgtXb17MJNBzu6mAGAPR0DQU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://4k.dimakora4u.live
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW4ECaAA4E9Ogc_h-Rn4_1kOsCNsdh1-5yUH89w1bi-lIndUBHrYf5PKCPj_Uu0cB8cE2iyAwNmZdULH_Q6Svn5Fcf7e2810aXK2KNZXD5BfBZJkbBH5O3N0GsIvBswZi9PJfQNEQ== Show response
fundingchoicesmessages.google.com/f/ 8 KB
3 KB 86ms
85ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW4ECaAA4E9Ogc_h-Rn4_1kOsCNsdh1-5yUH89w1bi-lIndUBHrYf5PKCPj_Uu0cB8cE2iyAwNmZdULH_Q6Svn5Fcf7e2810aXK2KNZXD5BfBZJkbBH5O3N0GsIvBswZi9PJfQNEQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMDg1NTM2LDc3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vNGsuZGltYWtvcmE0dS5saXZlLyIsbnVsbCxbWzgsImJ3ck1jczZaY1lnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98c04116b1ebd7ae4b92927d57bb20820c72ac0e7bc460392db1dd1bebab0927

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Lwxv1JxxJDLDl5aq1COSEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-Lwxv1JxxJDLDl5aq1COSEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitHikmLw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiHf4eLDwrZvOqgLEuuuns4YCcczz6awpQOyUPoM1CIh96mewxgCxEA_HgtXb17MJbJj8pYUZAHuzKVg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWGVJGJyjC-1BhL4vmfHc-x6m5PJ-R12py_SEGSFYJcnwr_y-INy06-kIaeUiwnm8Hl7LKNUTUHHqJoAzi_ZdVwSDbpLLMbIO1qHgYyTelzP8-EBsCS3BOPhKHCC-cFKummEaUx8A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 73ms
73ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGVJGJyjC-1BhL4vmfHc-x6m5PJ-R12py_SEGSFYJcnwr_y-INy06-kIaeUiwnm8Hl7LKNUTUHHqJoAzi_ZdVwSDbpLLMbIO1qHgYyTelzP8-EBsCS3BOPhKHCC-cFKummEaUx8A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UD5c6zr5HusnWr8Doz6fug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4k.dimakora4u.live/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Mar 2024 15:45:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UD5c6zr5HusnWr8Doz6fug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmLw1JBiqGV4xtQKxDt8PFic0mewBgGxEA_HgtXb17MJ7PiyfDMzAPaxDbQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://4k.dimakora4u.live
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXt2IYkdb4jgZfoKe6-5TZE1BUIeaMCkvSGobZ0DLT541AiOlsikBSVAAlGV2Og8UG-zG6Dn_437a5EoB_FeuxUHFVsrGcqnvhTwUk_uCEr6hdVceB_mzhvDyLpf9UKT3tjGjyaEA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 84ms
84ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXt2IYkdb4jgZfoKe6-5TZE1BUIeaMCkvSGobZ0DLT541AiOlsikBSVAAlGV2Og8UG-zG6Dn_437a5EoB_FeuxUHFVsrGcqnvhTwUk_uCEr6hdVceB_mzhvDyLpf9UKT3tjGjyaEA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMDg1NTM2LDg4NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vNGsuZGltYWtvcmE0dS5saXZlLyIsbnVsbCxbWzgsImJ3ck1jczZaY1lnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

071c151f8391729d6164572dbda930f1b9c680f43cd2b420cb6844081b5ef6e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gLqZsY3h_ltDGnywYvLfUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-gLqZsY3h_ltDGnywYvLfUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitHikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiHf4eLDwrZvOqgLEuuuns4YCcczz6awpQOyUPoM1CIh96mewxgCxEA_HgtXb17MJzNg1exczAH5oKUw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 564B 0
10 B 48ms
48ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IXqRNA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 AGSKWxXEqzeF1l8npxbfx6XhfhwqWj0PVZ_ugOu0vdAufbd8x5AAKiMXPg9FVswqxc9rnxWcyj6OqgtHTJ2TBqeLankKAIuxmVHhDg1fVQ0KiexSIlQDwqa0NCTTQM7fKJf1IIN6HntRHw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 85ms
84ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXEqzeF1l8npxbfx6XhfhwqWj0PVZ_ugOu0vdAufbd8x5AAKiMXPg9FVswqxc9rnxWcyj6OqgtHTJ2TBqeLankKAIuxmVHhDg1fVQ0KiexSIlQDwqa0NCTTQM7fKJf1IIN6HntRHw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEwMDg1NTM2LDk4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly80ay5kaW1ha29yYTR1LmxpdmUvIixudWxsLFtbOCwiYndyTWNzNlpjWWciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b56646f9fb523d0e6e6874630d55d71d53f6168d3ae7218df91b3fbc114ea60

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lEFutda7ldsqYDhPqx91jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 15:45:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-lEFutda7ldsqYDhPqx91jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitHikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiHf4eLDwrZvOqgLEuuuns4YCcczz6awpQOyUPoM1CIh96mewxgCxEDfHwtXb17MJXLj_jgsAT6opOA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWFZoIg8q7uBiI8Jsiz6HdApOnM3w3WqvBkpUYhmWDhrGgFglUUNqBaZBorOS3JGScwC6AfxKXm9vnaCK2ygIDBCWRuSvS94JBzD2A7-XZEkqqd7IBYi30euE6Mu01vlOGDNAo3Cg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 71ms
69ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWFZoIg8q7uBiI8Jsiz6HdApOnM3w3WqvBkpUYhmWDhrGgFglUUNqBaZBorOS3JGScwC6AfxKXm9vnaCK2ygIDBCWRuSvS94JBzD2A7-XZEkqqd7IBYi30euE6Mu01vlOGDNAo3Cg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-erVWJcj515qrtFpO8iFWbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4k.dimakora4u.live/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Mar 2024 15:45:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-erVWJcj515qrtFpO8iFWbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmII0JBiqGV4xtQKxDt8PFic0mewBgGxEDfHwtXb17MJ7Pg3zwAA6YcNNg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://4k.dimakora4u.live
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWGVJGJyjC-1BhL4vmfHc-x6m5PJ-R12py_SEGSFYJcnwr_y-INy06-kIaeUiwnm8Hl7LKNUTUHHqJoAzi_ZdVwSDbpLLMbIO1qHgYyTelzP8-EBsCS3BOPhKHCC-cFKummEaUx8A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 71ms
69ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGVJGJyjC-1BhL4vmfHc-x6m5PJ-R12py_SEGSFYJcnwr_y-INy06-kIaeUiwnm8Hl7LKNUTUHHqJoAzi_ZdVwSDbpLLMbIO1qHgYyTelzP8-EBsCS3BOPhKHCC-cFKummEaUx8A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4WNxEWs8TednQQq554Yg5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://4k.dimakora4u.live/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Mar 2024 15:45:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4WNxEWs8TednQQq554Yg5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmII0pBiqGV4xtQKxDt8PFic0mewBgGxEDfHwtXb17MJfNgw2RAA6bINGA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://4k.dimakora4u.live
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 117ms
116ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240306&jk=388126316288640&bg=!DQ6lDkHNAAZsmiNCTJo7ADQBe5WfOFVC_wlS2huJr6yJtEkEAcp7MKCJbBX5xLRioOR3WuaW8HoZNv0KT9MaWqw9i-XOAgAAAKxSAAAABGgBBwoAndsq_bjFvI8JWLkqVv1w36wjgS6p0JqHr5km5K0jrDkndRfkVa60hGUHD0LUQRkZ9GCWTDdEK-Sk5KATBkjaOVy2vXn4qXql9t3Jh0GMW3R6yvlsQvWOmxij1JT6mviAI0gmyc5YAAlBQwAGSko28jNmxD4Bwm3UeS-9oVty-mHYugT8GS-3QQtO45Uc6npqNAcCzIzG5pajl_l9-SGZAtev1FtWWErMJB15w5JjMCYQQvVet1zjf-Hsz82Od6O3k2zpHbEoZEORyG2UXLUnKOFFCT1RYsOUL8Tx4iPaknP7kBea8d31rUbtjbAXJDao9Xz0GEGE2mR1nSOBZpDLUNvNeEqO8zVqIdZ_J17CNDfQumw-K0G9fdPYPY6WHysufUDrXHnG7jiyR0IaJgiNxYaDf4PhYUOVa5z_sbn_9HkmC5ssB5yzWuJDlcnH8RgoxIMPNyWLCW8lJ4DS02xFP7QBDACcizf54B0wpvJZwbuc5KKJ88EfKqCV6arN4gPMkHNwu9Q8XcBHdqgb9npIBWfFi2N5Wa89MQCoMTctyhtpf9nn1CdqO494BSnLBnRYGoNFVApiRm38vYWBo6PCmxTkZH6_5-Q1EHV0RMZRsZmXNqapj6CcQdiTNzwIv_ZQicnePbTWAqN2J3XPCgnaVxtdLYFkRrBJmwjGZ1BjIAssPYOZiLKW_2Ia0dwshxoCfZLiy5bFbEiBKuKIhveilbHxt_vSGOmLlFkbdwbd4-g7xIKtdBJV1HrWXk7E-pgHWucx3g9Tjn5oULUugN2LklX7X--aF0XwbP1mVGsWtl7GhK68aicHgExTY-lMOA-age9KXT7BDKOJwrWop-HpvZ5b_Or8UhTTzRmwc1fXhun_nSAdha4j44WMOV0f8GRZG1JXtSuW1e0kQMoLLoMLNBpG8yfpOQavjGQgdozNRwCbtYu_zKEfNlyNcNX2kXqspUEWFIwrwkVnDt9rwntyBU92idpgYyuHo3YPXI9ul0gDofkv1JQO4BWtIgbpattToOlmxxdMRXfO-D-CM7ZlaTiwRc-ho97ljZ5i-cPRvUrDWT-y2_WrUqQ7dEKnXC4uUI92-XtcbqOq5-cTomWrreRG-Zoe7txoSPnjgw3uUZXhI3vdNRTrG2KrCIjt-vkLzb4e2dEGgKVC72fkFwpotl9Y3icgOx_l
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://4k.dimakora4u.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-09NY6B698L&gtm=45je4360v874070184za220&_p=1710085531994&gcd=13l3l3l3l1&npa=0&dma=0&cid=1027669674.1710085533&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1710085532&sct=1&seg=0&dl=https%3A%2F%2Fblog2.dimakora4u.live%2F&dt=Dima%20kora%20Blog&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1026

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403040101/show_ads_impl_fy2021.js

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_nohtml_fy2021.html

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-09NY6B698L&gtm=45je4360v874070184za220&_p=1710085531994&gcd=13l3l3l3l1&npa=0&dma=0&cid=1027669674.1710085533&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EEA&_s=2&sid=1710085532&sct=1&seg=0&dl=https%3A%2F%2Fblog2.dimakora4u.live%2F&dt=Dima%20kora%20Blog&en=scroll&epn.percent_scrolled=90&_et=7&tfd=1332

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dimakora4u.live/	1970-01-21 04:37:25	Name: _ga Value: GA1.1.1027669674.1710085533
.dimakora4u.live/	1970-01-21 04:23:01	Name: __gads Value: ID=90ec2540567fd752:T=1710085533:RT=1710085533:S=ALNI_MZG2JnTM0VcWjTg08Viy9Eu_NkaVg
.dimakora4u.live/	1970-01-21 04:23:01	Name: __gpi Value: UID=00000dd14c813557:T=1710085533:RT=1710085533:S=ALNI_MajsWyPr3AMP-i5Wptza7jhmxGFGg
.dimakora4u.live/	1970-01-20 23:20:37	Name: __eoi Value: ID=8771dab9eb574314:T=1710085533:RT=1710085533:S=AA-AfjYzJTHM8Vt65OdyHCqho2v3
.doubleclick.net/	1970-01-21 04:37:25	Name: IDE Value: AHWqTUkxTnP8zRO7XqWbyUQYugQ0ViozRP28t5ir4qANoBHlGqb8fDOcp2i1qZjE5ek
.googleadservices.com/	1970-01-20 21:11:01	Name: ar_debug Value: 1
.dimakora4u.live/	1970-01-21 04:37:25	Name: _ga_09NY6B698L Value: GS1.1.1710085532.1.1.1710085536.0.0.0
.doubleclick.net/	1970-01-20 19:01:29	Name: DSID Value: NO_DATA

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://4k.dimakora4u.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4k.dimakora4u.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4k.dimakora4u.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4k.dimakora4u.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4k.dimakora4u.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4k.dimakora4u.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4k.dimakora4u.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4k.dimakora4u.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4k.dimakora4u.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://4k.dimakora4u.live/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4k.dimakora4u.live
ajax.googleapis.com
api.ipify.org
blog2.dimakora4u.live
cloud.sting-web.com
dimakora4u.live
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
media.gemini.media
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.google-analytics.com
104.26.13.205
172.217.165.130
2001:4860:4802:38::178
2606:4700:20::ac43:4ae0
2606:4700:3030::6815:1880
2606:50c0:8000::153
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80e::200a
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2004
2607:f8b0:4006:823::2001
2607:f8b0:4006:824::2003
010022e9c25331a8974d06c42986db43a308487da284a31d662fb09c6fbbe3c3
05558c267f2a236caa9db848e3ee820c9e79238864f79ec268b7cd6f3601ce97
071c151f8391729d6164572dbda930f1b9c680f43cd2b420cb6844081b5ef6e8
0bc8ca412c2757b04141fe0ceff1706842aa84596b18c889668718146c7778ea
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19b7681ad6b2f23f511744340fd8815409918f0a67ccf15edcae821c38bc3cab
1a47d74874166bc61cbaeca87c289d9c0a95a8c2a135cbb335365ab4b974fdfc
1ae2415981333d53e0b0f0f2c01b7c70fa62deca9f26517bc001db33d3ff9943
1c71bad6dd528a9656e581158036670805a0fea9fe66e28335066d4b73da74cf
1cd44f071142743d8a7cfbc4a4de98c4fe68ae9c5e62e890e145a7d89e7b1678
288b0c2671ad8af06d66949597d4f73f629baf8c5587f7d7326759e22572fb01
2b0892f2e1c509762ae43642e6e05a54e052151125e23729f3b0382fea603591
30f861fc5a3276106cc12f170c99ec38e816be301fbeb97cf9f500109bfb6726
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
34096104e9d2c85b443a052174268cc1c674bfcc15407dc6e3a454372143573b
346b239f1579fcbfc0e4722456ab0bee0c4bfdfadd00fc90969d8eba74bec117
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ea3ef282e9a348492567a26cc40dd95b6bf81c2c3df2e2a0e5c74d6c0bfe670
50ae85df1a485aafa0b3cbca31ff4290eaf046d5d1fb853bc5646fe9119c26cd
535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a1433553dad10b1617e945447ce8d2a7a4ce6542ad50fdb8b563f85560cbc3e
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
690dd607cbc8f953c6daeb0d59a0385c740b517257cf7d518076095d05e472ed
6ae3212b7993599dbc8bf64ccc3003abff2425161af7bba3f3fa59434ec7f7cb
6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a
6e94c25b430be6602221a71faf578547cb63de168bd71e4d792fed6cf2e30df4
75e5f23880072b2c56d1be5b965ab83359211dc1f2a26361fe9a32a586085089
83386ef5bc7063e7bd11f0583588a132973920d742ee4db515dfcb8c4fe32881
8466d6b2acbd5d6242b34db72f789896879d3f016906c706b307d7efa7ea1b28
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8a79f50b45187c7ee60c966edcc5f286ef44d1f6324a0b69131b0af822a78299
8b56646f9fb523d0e6e6874630d55d71d53f6168d3ae7218df91b3fbc114ea60
8da6d9f786fc66fef41ad2f3d132a99d994c94519fa47ea190d1723324060866
8ed53f4d67b6ea642ce41a8631e6477958a97da01391e61754fefb75f0253461
98c04116b1ebd7ae4b92927d57bb20820c72ac0e7bc460392db1dd1bebab0927
9f67c9758ad57e66a52ad417e27e51d8dd4a5b1e29712b5c93a264242bff0c31
9f949f724e264e1571045f61be31a2a0f24b80b265a080b62f636f14e9ee0d20
a17e80aa74582d427be7cb16eee5c59457942a00e58471a9c86dae3249d41ec6
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a7ca742ab6a48a404380801720c8b179ed8e37ddbb1afd0d9f7c0295c48ca0b2
a97b842557589889977538fc9d1f385ed523ece1a30b0561abf341f1c21dbf0f
b9a3b68a0a52950c48f2b8d2ac0bd8982ae4fdf517fcf948f9ba9aefd9101feb
bd17b0acf76acf7a488bac6b8893675476cec50a7f79fe891f7c4410ec00570d
bfe4d3189c24a864812c91d7bc293710f2256491fbecad9878f58a7f940925bd
d7380722fecf4601be898b31e0ca788104b2b737e023671dd2187c5b1757d9bb
d7b797b3350ee7c2a178a1d6127707074661abbb593039b9192684d552534e62
d8741cd8cd7395684b2b82975889a2bdad220344bc1eb6185a4f76989b721ef4
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b22f066e1dfc358508ed9fe0f666c1232f15ca946b7da93cfa9b28685783a3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3df6cf391f919af090d0689494c52360ad93e8cd65160864376f6ab75abff19
fbefd0f89d8680dae4835d314338021a7e3413ef4245c37ddae5fcc015a2c2df

4k.dimakora4u.live Open in urlscan Pro 2606:4700:3030::6815:1880 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

95 %HTTPS

88 %IPv6

12 Domains

18 Subdomains

17 IPs

2 Countries

1544 kBTransfer

3899 kBSize

8 Cookies

7 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

4k.dimakora4u.live Open in urlscan Pro
2606:4700:3030::6815:1880 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

95 %
HTTPS

88 %
IPv6

12
Domains

18
Subdomains

17
IPs

2
Countries

1544 kB
Transfer

3899 kB
Size

8
Cookies

93 HTTP transactions
10 data transactions