www.kora1911.com Open in urlscan Pro
2a00:1450:4001:81f::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html
Effective URL:
https://www.kora1911.com/
Submission: On September 23 via manual (September 23rd 2019, 10:29:46 am UTC) from IL

Summary HTTP 66 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 16 domains to perform 66 HTTP transactions. The main IP is 2a00:1450:4001:81f::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE - Google LLC, US. The main domain is www.kora1911.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 22nd 2019. Valid for: 3 months.

This is the only time www.kora1911.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	128.139.7.33 128.139.7.33	378 (MACHBA-AS...) (MACHBA-AS ILAN)
8	2a00:1450:400... 2a00:1450:4001:81f::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
14	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
18	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:e0:... 2606:4700:e0::ac40:6d08	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::681c:1f87	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	67.202.94.93 67.202.94.93	32748 (STEADFAST) (STEADFAST - Steadfast)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
66	18

3 128.139.7.33 (Jerusalem, Israel)

ASN378 (MACHBA-AS ILAN, IL)

libraries.huji.ac.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.kora1911.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6d08 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

raw.githack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681c:1f87 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.fontstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.94.93 (Chicago, United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	blogspot.com 3.bp.blogspot.com 2.bp.blogspot.com 1.bp.blogspot.com 4.bp.blogspot.com	1 MB
8	kora1911.com www.kora1911.com	106 KB
7	doubleclick.net googleads.g.doubleclick.net
3	googlesyndication.com pagead2.googlesyndication.com	196 KB
3	huji.ac.il libraries.huji.ac.il	26 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	ampproject.org cdn.ampproject.org	7 KB
1	amung.us whos.amung.us	144 B
1	googletagservices.com www.googletagservices.com	29 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	fontstatic.com www.fontstatic.com	57 KB
1	githack.com raw.githack.com	7 KB
1	googleapis.com ajax.googleapis.com	30 KB
1	googletagmanager.com www.googletagmanager.com	27 KB
1	youtube.com www.youtube.com
66	16

	Domain	Requested by
18	1.bp.blogspot.com	www.kora1911.com www.googletagservices.com
8	2.bp.blogspot.com	www.kora1911.com www.googletagservices.com
8	www.kora1911.com	libraries.huji.ac.il www.kora1911.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	3.bp.blogspot.com	www.kora1911.com
3	pagead2.googlesyndication.com	www.kora1911.com pagead2.googlesyndication.com
3	libraries.huji.ac.il	libraries.huji.ac.il
2	www.google-analytics.com	www.googletagmanager.com www.kora1911.com
1	cdn.ampproject.org	pagead2.googlesyndication.com
1	whos.amung.us	raw.githack.com
1	4.bp.blogspot.com	www.googletagservices.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.fontstatic.com	www.kora1911.com
1	raw.githack.com	www.kora1911.com
1	ajax.googleapis.com	www.kora1911.com
1	www.googletagmanager.com	www.kora1911.com
1	www.youtube.com	libraries.huji.ac.il
66	19

This site contains links to these domains. Also see Links.

Domain
www.mshareq.net
plus.google.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
*.libraries.huji.ac.il TERENA SSL CA 3	`2019-09-05` - `2021-09-09`	2 years	crt.sh
www.kora1911.com Let's Encrypt Authority X3	`2019-08-22` - `2019-11-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
sni177193.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-07` - `2020-02-13`	6 months	crt.sh
sni113267.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-24` - `2020-03-01`	6 months	crt.sh
whos.amung.us GeoTrust EV RSA CA 2018	`2018-03-09` - `2020-05-25`	2 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.kora1911.com/
Frame ID: 355587BC271C888DD2E0C32745212CBE
Requests: 62 HTTP requests in this frame

Frame: https://www.youtube.com/embed/XzSgrwxhdHc
Frame ID: 3CB067774C1A313350B7043A81F11590
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190918/r20190131/show_ads_impl.js
Frame ID: 1EFB3AACAC3F3E736226163BB34053E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190918/r20190131/zrt_lookup.html
Frame ID: 21FEF6C87B9E73D55F16D93B5CD19A8A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503249664722230&output=html&adk=1812271804&adf=3025194257&lmt=1569157934&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.kora1911.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1569234570645&bpp=10&bdt=70&fdt=81&idt=81&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=1760147223411&frm=20&pv=2&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=2271371&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=0.8j44hqn2ujr6&fsb=1&dtd=95
Frame ID: 0D99E2562BC00FDB87CF513B1D19ACF8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503249664722230&output=html&h=90&slotname=8396321698&adk=1025775158&adf=2432364517&w=1090&fwrn=4&lmt=1569157934&rafmt=10&guci=1.2.0.0.2.2.0.0&format=1090x90_0ads_al&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1569234570655&bpp=7&bdt=80&fdt=95&idt=95&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=35825803&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=249&ady=90&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoevE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=1.9s0606p5l6ja&fsb=1&xpc=x2qg6MRTYR&p=https%3A//www.kora1911.com&dtd=101
Frame ID: 0FA7F7D87F0E452FAE0DF819F7746080
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503249664722230&output=html&h=200&slotname=6129251004&adk=2685860993&adf=751016156&w=1090&fwrn=4&lmt=1569157934&rafmt=11&guci=1.2.0.0.2.2.0.0&format=1090x200&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&wgl=1&adsid=NT&dt=1569234570663&bpp=4&bdt=88&fdt=123&idt=123&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x90_0ads_al&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=35825803&dssz=28&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=249&ady=180&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoevE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=2.n3nc8wboaa54&fsb=1&xpc=cJTmh5ffD9&p=https%3A//www.kora1911.com&dtd=126
Frame ID: 167B11C860BA8E8672528E183901E128
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503249664722230&output=html&h=90&slotname=8396321698&adk=2376473324&adf=3582494552&w=1096&fwrn=4&lmt=1569157934&rafmt=10&guci=1.2.0.0.2.2.0.0&format=1096x90_0ads_al&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1569234570667&bpp=4&bdt=92&fdt=132&idt=132&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x90_0ads_al%2C1090x200&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=143303215&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=1246&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoevEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=3.r4vrd6y4qqf5&fsb=1&xpc=ehkdUYdkT0&p=https%3A//www.kora1911.com&dtd=135
Frame ID: E481638790972F2FB8EFC2088A109329
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503249664722230&output=html&h=280&slotname=7494303561&adk=2722845333&adf=3092315985&w=1096&fwrn=4&fwrnh=100&lmt=1569157934&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1096x280&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1569234570671&bpp=5&bdt=96&fdt=174&idt=174&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x90_0ads_al%2C1090x200%2C1096x90_0ads_al&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=573212863&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=1336&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoevEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=4&uci=4.c9rxhbnc7nqt&fsb=1&xpc=sy2prxzgzT&p=https%3A//www.kora1911.com&dtd=181
Frame ID: 18515CD1796A6DE4F4B1FD44A6A558BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503249664722230&output=html&h=280&adk=513214378&adf=446550095&w=343&fwrn=4&fwrnh=100&lmt=1569157934&rafmt=1&to=qs&pwprc=1253768548&guci=1.2.0.0.2.2.0.0&format=343x280&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1569234570880&bpp=3&bdt=305&fdt=4&idt=4&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x90_0ads_al%2C1090x200%2C1096x90_0ads_al%2C1096x280&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=9171405823&dssz=32&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=988&ady=2613&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopveEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=5&uci=5.ncxjm2jz6ae&fsb=1&xpc=vjt0mt4OAx&p=https%3A//www.kora1911.com&dtd=7
Frame ID: 2501CB89C8302370033688DD0E64D3E0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html Page URL
https://www.kora1911.com/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

66
Requests

98 %
HTTPS

88 %
IPv6

16
Domains

19
Subdomains

18
IPs

3
Countries

1728 kB
Transfer

2694 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mshareq.net/
Title: 6

Search URL Search Domain Scan URL

URL: https://plus.google.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html Page URL
https://www.kora1911.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK levarpol-v-tls32.html Show response
libraries.huji.ac.il/sites/default/files/webform/ 30 KB
6 KB 508ms
108ms Document
text/html 128.139.7.33
MACHBA-AS ILAN

General

Check archive.org

Show headers Download Go to

Full URL: https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 128.139.7.33 Jerusalem, Israel, ASN378 (MACHBA-AS ILAN, IL),
Reverse DNS
Software: Apache/2 /
Resource Hash: 4f7df343b4bff8c2b03935d9f5d7c262c1d6c67a4b1b005aeeab6d815267d5af

Request headers

Host: libraries.huji.ac.il
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Date: Mon, 23 Sep 2019 10:29:30 GMT
Server: Apache/2
Last-Modified: Mon, 23 Sep 2019 06:18:31 GMT
ETag: "77d5-59332638c7a9c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1209600
Expires: Mon, 07 Oct 2019 10:29:30 GMT
Content-Length: 6196
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 404
Not Found OttuX3_xWDU
libraries.huji.ac.il/sites/default/files/webform/ 10 KB
10 KB 141ms
140ms Image
text/html 128.139.7.33
MACHBA-AS ILAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libraries.huji.ac.il/sites/default/files/webform/OttuX3_xWDU
Requested by: Host: libraries.huji.ac.il
URL: https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 128.139.7.33 Jerusalem, Israel, ASN378 (MACHBA-AS ILAN, IL),
Reverse DNS
Software: Apache/2 /
Resource Hash: eccd83fa50618aa7a75e2e56f9d655635289839dc99a49368e05075a5ee614b8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 10:29:30 GMT
Content-Encoding: gzip
x-drupal-cache-os-boxes-cache-id: os_boxes_cache:58351:1554371511:0,os_boxes_cache:58351:1530523117:0,os_boxes_cache:58351:1539600879:0,os_boxes_cache:58351:1533030933:0,os_boxes_cache:58351:1534923110:0,os_boxes_cache:58351:1553762832:0,os_boxes_cache:58351:1563191442:0,os_boxes_cache:58351:1563190746:0,os_boxes_cache:58351:1563190796:0,os_boxes_cache:58351:1563190827:0,os_boxes_cache:58351:1563190854:0,os_boxes_cache:58351:1563190970:0,os_boxes_cache:58351:1562246757:0,os_boxes_cache:58351:1562479507:0,os_boxes_cache:58351:1539685429:0,os_boxes_cache:58351:1529423395:0,os_boxes_cache:58351:1546431999:0,os_boxes_cache:58351:1530524824:0,os_boxes_cache:58351:1541071535:0,os_boxes_cache:58351:1547567372:0,os_boxes_cache:58351:1563177473:0
Connection: Keep-Alive
x-drupal-cache-os-boxes-plugin: os_boxes_media,os_boxes_html,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_html,os_boxes_html,os_boxes_html,os_boxes_html,os_boxes_html,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media
Link: <https://libraries.huji.ac.il/>; rel="canonical",<https://libraries.huji.ac.il/>; rel="shortlink"
Last-Modified: Mon, 23 Sep 2019 10:29:24 GMT
Server: Apache/2
Etag: "1569234564-1"
Vary: Cookie,Accept-Encoding
Content-Language: he
X-Generator: OpenScholar for Drupal 7 (http://theopenscholar.org)
Cache-Control: public, max-age=300
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=5, max=99
X-Drupal-Cache: HIT
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 liverpool-v-newcastle-united.html Show response
www.kora1911.com/2019/09/ 0
0 268ms
177ms Script
text/html 2a00:1450:4001:81f::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kora1911.com/2019/09/liverpool-v-newcastle-united.html
Requested by: Host: libraries.huji.ac.il
URL: https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 404
Not Found CsGBdOrqyPbN2IZc8cJkJXtUPoII
libraries.huji.ac.il/sites/default/files/webform/ 10 KB
10 KB 324ms
107ms Image
text/html 128.139.7.33
MACHBA-AS ILAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libraries.huji.ac.il/sites/default/files/webform/CsGBdOrqyPbN2IZc8cJkJXtUPoII
Requested by: Host: libraries.huji.ac.il
URL: https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 128.139.7.33 Jerusalem, Israel, ASN378 (MACHBA-AS ILAN, IL),
Reverse DNS
Software: Apache/2 /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 23 Sep 2019 10:29:30 GMT
Content-Encoding: gzip
x-drupal-cache-os-boxes-cache-id: os_boxes_cache:58351:1554371511:0,os_boxes_cache:58351:1530523117:0,os_boxes_cache:58351:1539600879:0,os_boxes_cache:58351:1533030933:0,os_boxes_cache:58351:1534923110:0,os_boxes_cache:58351:1553762832:0,os_boxes_cache:58351:1563191442:0,os_boxes_cache:58351:1563190746:0,os_boxes_cache:58351:1563190796:0,os_boxes_cache:58351:1563190827:0,os_boxes_cache:58351:1563190854:0,os_boxes_cache:58351:1563190970:0,os_boxes_cache:58351:1562246757:0,os_boxes_cache:58351:1562479507:0,os_boxes_cache:58351:1539685429:0,os_boxes_cache:58351:1529423395:0,os_boxes_cache:58351:1546431999:0,os_boxes_cache:58351:1530524824:0,os_boxes_cache:58351:1541071535:0,os_boxes_cache:58351:1547567372:0,os_boxes_cache:58351:1563177473:0
Connection: Keep-Alive
x-drupal-cache-os-boxes-plugin: os_boxes_media,os_boxes_html,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_html,os_boxes_html,os_boxes_html,os_boxes_html,os_boxes_html,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media,os_boxes_media
Link: <https://libraries.huji.ac.il/>; rel="canonical",<https://libraries.huji.ac.il/>; rel="shortlink"
Last-Modified: Mon, 23 Sep 2019 10:29:24 GMT
Server: Apache/2
Etag: "1569234564-1"
Vary: Cookie,Accept-Encoding
Content-Language: he
X-Generator: OpenScholar for Drupal 7 (http://theopenscholar.org)
Cache-Control: public, max-age=300
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Keep-Alive: timeout=5, max=100
X-Drupal-Cache: HIT
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET email-decode.min.js
libraries.huji.ac.il/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 0
0

GET
H2 200 XzSgrwxhdHc
www.youtube.com/embed/ Frame 3CB0 0
0 66ms
66ms Document
text/html 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/XzSgrwxhdHc

Requested by

Host: libraries.huji.ac.il
URL: https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/XzSgrwxhdHc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html

Response headers

status: 200
expires: Tue, 27 Apr 1971 19:44:06 EST
content-type: text/html; charset=utf-8
cache-control: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
date: Mon, 23 Sep 2019 10:29:30 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=t_ecwPFRwUE; path=/; domain=.youtube.com; expires=Sat, 21-Mar-2020 10:29:30 GMT; httponly YSC=5AK8SsNKw90; path=/; domain=.youtube.com; httponly VISITOR_INFO1_LIVE=t_ecwPFRwUE; path=/; domain=.youtube.com; expires=Sat, 21-Mar-2020 10:29:30 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Sat, 23-May-2020 22:22:30 GMT GPS=1; path=/; domain=.youtube.com; expires=Mon, 23-Sep-2019 10:59:30 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Primary Request / Show response
www.kora1911.com/ 85 KB
19 KB 157ms
157ms Document
text/html 2a00:1450:4001:81f::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kora1911.com/

Requested by

Host: libraries.huji.ac.il
URL: https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

d42acdba6ef735791d8e8a8be952608011824ef9022f6878e21c9c7685c41e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.kora1911.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://libraries.huji.ac.il/sites/default/files/webform/levarpol-v-tls32.html

Response headers

status: 200
x-robots-tag: all
content-type: text/html; charset=UTF-8
expires: Mon, 23 Sep 2019 10:29:30 GMT
date: Mon, 23 Sep 2019 10:29:30 GMT
cache-control: private, max-age=0
last-modified: Sun, 22 Sep 2019 13:12:14 GMT
etag: W/"cfb93ce1fb0f0b7f571d470d07ec1282f5e201a10e2628f8b5f0ad4aba4e89ab"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19201
server: GSE

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 96 KB
35 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b828b9394042c891d554cd5b25bb5e7ae6e199c9069379154e00f3a47f86866c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 35481
x-xss-protection: 0
server: cafe
etag: 10678239320863688587
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Sep 2019 10:29:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 69 KB
27 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-146428914-1

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1313e81a9937da2242d15e35fb1f5eca10771264fe10c94c89ce134dd85db46

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: br
last-modified: Mon, 23 Sep 2019 09:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 27179
x-xss-protection: 0
expires: Mon, 23 Sep 2019 10:29:30 GMT

GET
H2 200 Capture.png
3.bp.blogspot.com/-6j0WTII4bhQ/XV_4qf9MG9I/AAAAAAAAAQc/rA5TEdpjRFI0ETv9RZZR1ber2MG5P2PvgCK4BGAYYCw/w800/ 74 KB
75 KB 41ms
20ms Image
image/png 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-6j0WTII4bhQ/XV_4qf9MG9I/AAAAAAAAAQc/rA5TEdpjRFI0ETv9RZZR1ber2MG5P2PvgCK4BGAYYCw/w800/Capture.png

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

f4e55c93d94594a3ca6ccdea3a0a112b6056613eda3b0efc127528c02b3813cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:51 GMT
x-content-type-options: nosniff
age: 339
status: 200
content-disposition: inline;filename="Capture.png"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 76258
x-xss-protection: 0
server: fife
etag: "v108"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 21:37:15 GMT

GET
H2 200 manchester%2Bunited%2Bvs%2Bastana.jpg
3.bp.blogspot.com/-BdBgB1EfW_E/XYORrgknN4I/AAAAAAAAAaI/VvDiwoLoElYNTFDdMYke_OwnvBtgqiK0ACLcBGAsYHQ/s1600/ 64 KB
65 KB 27ms
6ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-BdBgB1EfW_E/XYORrgknN4I/AAAAAAAAAaI/VvDiwoLoElYNTFDdMYke_OwnvBtgqiK0ACLcBGAsYHQ/s1600/manchester%2Bunited%2Bvs%2Bastana.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

4fdc768f304b2ec9274d11512decb48daa1d31a5331540f6b49a3784f2f6269f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:51 GMT
x-content-type-options: nosniff
age: 339
status: 200
content-disposition: inline;filename="manchester united vs astana.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 65755
x-xss-protection: 0
server: fife
etag: "v1a3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 20 Sep 2019 16:41:08 GMT

GET
H2 200 as-roma-vs-medipol-basaksehir-f.k.jpg
3.bp.blogspot.com/-gPZkF83E9-w/XYONJ4iJskI/AAAAAAAAAZw/Dqwd_DdvJ_c3AFP1yS8M4Olr-Hgo6zCBgCLcBGAsYHQ/s1600/ 63 KB
63 KB 36ms
15ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-gPZkF83E9-w/XYONJ4iJskI/AAAAAAAAAZw/Dqwd_DdvJ_c3AFP1yS8M4Olr-Hgo6zCBgCLcBGAsYHQ/s1600/as-roma-vs-medipol-basaksehir-f.k.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

490ebee91fe15ae118d591f453b1fecc1404722aff3816ef1c9fa1fbcffea29f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:51 GMT
x-content-type-options: nosniff
age: 339
status: 200
content-disposition: inline;filename="as-roma-vs-medipol-basaksehir-f.k.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 64782
x-xss-protection: 0
server: fife
etag: "v19d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 20 Sep 2019 16:41:08 GMT

GET
H2 200 eintracht-frankfurt-vs-arsenal-fc.jpg
2.bp.blogspot.com/-b1beFr7JROw/XYODkrjdVLI/AAAAAAAAAZY/AhkD_f1rV6AcET3dbcvnnWjW3mISJr2HwCLcBGAsYHQ/s1600/ 65 KB
65 KB 39ms
15ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-b1beFr7JROw/XYODkrjdVLI/AAAAAAAAAZY/AhkD_f1rV6AcET3dbcvnnWjW3mISJr2HwCLcBGAsYHQ/s1600/eintracht-frankfurt-vs-arsenal-fc.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

7969a95ed1d72454dfb8cc0f15725bb67ce8dd9ff650e189e2a8afdb6c42a7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:51 GMT
x-content-type-options: nosniff
age: 339
status: 200
content-disposition: inline;filename="eintracht-frankfurt-vs-arsenal-fc.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 66744
x-xss-protection: 0
server: fife
etag: "v197"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 20 Sep 2019 16:41:08 GMT

GET
H2 200 qaraba%25C4%259F-a%25C4%259Fdam-fk-vs-sevilla.jpg
1.bp.blogspot.com/-55DTTnwDF7o/XYN72hmFLhI/AAAAAAAAAZM/4so4Osh1Y94sGgRdhAomKasfOaxCmtw-gCLcBGAsYHQ/s1600/ 62 KB
62 KB 12ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-55DTTnwDF7o/XYN72hmFLhI/AAAAAAAAAZM/4so4Osh1Y94sGgRdhAomKasfOaxCmtw-gCLcBGAsYHQ/s1600/qaraba%25C4%259F-a%25C4%259Fdam-fk-vs-sevilla.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

7059c6064a3458ffc012b176fdf14c939a3df2886c28bea3864a2776a9a67056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="qaraba_-a_dam-fk-vs-sevilla.jpg";filename*=UTF-8''qaraba%C4%9F-a%C4%9Fdam-fk-vs-sevilla.jpg
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 63125
x-xss-protection: 0
server: fife
etag: "v194"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 20 Sep 2019 17:04:46 GMT

GET
H2 200 %25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25B4%25D8%25A8%25D8%25A7%25D8%25A8-%25D9%2588%25D...
2.bp.blogspot.com/--p6kYzDEFE4/XYM6fP5o0bI/AAAAAAAAAZA/2WvRf8nZ8lkZnzn55miitRqE1XJG9M18ACLcBGAsYHQ/s1600/ 40 KB
41 KB 32ms
8ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/--p6kYzDEFE4/XYM6fP5o0bI/AAAAAAAAAZA/2WvRf8nZ8lkZnzn55miitRqE1XJG9M18ACLcBGAsYHQ/s1600/%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A7%25D9%2584%25D8%25B4%25D8%25A8%25D8%25A7%25D8%25A8-%25D9%2588%25D8%25B6%25D9%2585%25D9%2583-%25D8%25A7%25D9%2584%25D8%25B3%25D8%25B9%25D9%2588%25D8%25AF%25D9%258A-%25D8%25A7%25D9%2584%25D9%258A%25D9%2588%25D9%2585.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

ee7eed961468344fb512eb3cbd5b9ab31bd75a04981014a112519dd8ab46f7fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:51 GMT
x-content-type-options: nosniff
age: 339
status: 200
content-disposition: inline;filename="______-______-______-____-_______-_____.jpg";filename*=UTF-8''%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A7%D9%84%D8%B4%D8%A8%D8%A7%D8%A8-%D9%88%D8%B6%D9%85%D9%83-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-%D8%A7%D9%84%D9%8A%D9%88%D9%85.jpg
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 41346
x-xss-protection: 0
server: fife
etag: "v191"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 20 Sep 2019 08:46:04 GMT

GET
H2 200 90425.jpg
2.bp.blogspot.com/-wgfnViZ7-UU/XYI5N-6XjmI/AAAAAAAAAY0/spcMT3ak5EAPJ7fgTSurjrLxjkzqEp-QgCLcBGAsYHQ/s1600/ 55 KB
55 KB 47ms
23ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-wgfnViZ7-UU/XYI5N-6XjmI/AAAAAAAAAY0/spcMT3ak5EAPJ7fgTSurjrLxjkzqEp-QgCLcBGAsYHQ/s1600/90425.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

d6c7c07fbe4a5de6dad07d3e77b19b7d6cbcc280f2decf73a5ae64fddf9a7d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:51 GMT
x-content-type-options: nosniff
age: 339
status: 200
content-disposition: inline;filename="90425.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 55885
x-xss-protection: 0
server: fife
etag: "v18e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 19 Sep 2019 15:15:14 GMT

GET
H2 200 %25D8%25AF%25D9%2588%25D8%25B1%25D9%258A-%25D8%25A3%25D8%25A8%25D8%25B7%25D8%25A7%25D9%2584-%25D8%25A3%25D9%2588%25D8%25B1%25D9%2588%25D8%25A8%25D8%25A7.jpg
2.bp.blogspot.com/-q0vxJrnrmlY/XYI33gx087I/AAAAAAAAAYo/EpMP42A6nzcFHwEYDJCSFYZ3ZrH8VXXzACPcBGAYYCw/s1600/ 84 KB
85 KB 42ms
19ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-q0vxJrnrmlY/XYI33gx087I/AAAAAAAAAYo/EpMP42A6nzcFHwEYDJCSFYZ3ZrH8VXXzACPcBGAYYCw/s1600/%25D8%25AF%25D9%2588%25D8%25B1%25D9%258A-%25D8%25A3%25D8%25A8%25D8%25B7%25D8%25A7%25D9%2584-%25D8%25A3%25D9%2588%25D8%25B1%25D9%2588%25D8%25A8%25D8%25A7.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

0d0584f13aabe7ef0f2ecb0c668efc398885a0810c06022b240bb06c3f66bde6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:51 GMT
x-content-type-options: nosniff
age: 339
status: 200
content-disposition: inline;filename="____-_____-______.jpg";filename*=UTF-8''%D8%AF%D9%88%D8%B1%D9%8A-%D8%A3%D8%A8%D8%B7%D8%A7%D9%84-%D8%A3%D9%88%D8%B1%D9%88%D8%A8%D8%A7.jpg
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 86306
x-xss-protection: 0
server: fife
etag: "v18b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 23 Sep 2019 19:09:40 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 22:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2201727
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 30306
x-xss-protection: 0
last-modified: Fri, 24 Mar 2017 20:55:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Aug 2020 22:54:03 GMT

GET
H2 200 t.js Show response
raw.githack.com/shalhop/2travel.info/master/ 13 KB
7 KB 108ms
74ms Script
application/javascript 2606:4700:e0::ac40:6d08
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githack.com/shalhop/2travel.info/master/t.js

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6d08 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

05081103d0687c342c33f2f07f0e9aad576e9fb26fdb5564f510d6a76c656cf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id: 48cb606e0f1fddb397bf386816409b554a71eb03
date: Mon, 23 Sep 2019 10:29:30 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-geo-block-list
x-cache: MISS
status: 200
x-cache-hits: 0
strict-transport-security: max-age=31536000
content-encoding: br
source-age: 0
x-served-by: cache-bma1625-BMA
x-robots-tag: none
server: cloudflare
x-github-request-id: 14E2:4A6A:EDD19:124A35:5D5D142C
x-timer: S1566381101.461828,VS0,VE181
etag: W/"ea66c45c0f3efe85bfa834364d8794294c1e76b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=300, s-maxage=300, public
cf-ray: 51abd682882adfeb-FRA
expires: Mon, 23 Sep 2019 10:34:30 GMT

GET
H2 200 %D8%A7%D8%AE%D8%A8%D8%A7%D8%B1 Show response
www.kora1911.com/feeds/posts/default/-/ 60 KB
13 KB 160ms
155ms Script
text/javascript 2a00:1450:4001:81f::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kora1911.com/feeds/posts/default/-/%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1?alt=json-in-script&redirect=false&start-index=1&max-results=3&callback=plist

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

fae6a1a005964f5722cc71b7bf791704cba10cbc0a585ed869de912a37b9ce13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 22 Sep 2019 13:12:14 GMT
server: blogger-renderd
etag: W/"2e343f5f2565d31d231a87c8c78d293dd2df33d197fa861d4a149718d7274689"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
vary: Accept-Encoding
content-length: 13111
x-xss-protection: 0
expires: Mon, 23 Sep 2019 10:29:31 GMT

GET
H2 200 %D8%A7%D8%B9%D9%84%D8%A7%D9%86%20%D8%AA%D9%88%D8%B8%D9%8A%D9%81 Show response
www.kora1911.com/feeds/posts/default/-/ 59 KB
12 KB 162ms
157ms Script
text/javascript 2a00:1450:4001:81f::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kora1911.com/feeds/posts/default/-/%D8%A7%D8%B9%D9%84%D8%A7%D9%86%20%D8%AA%D9%88%D8%B8%D9%8A%D9%81?alt=json-in-script&redirect=false&start-index=1&max-results=3&callback=plist

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

1bd2b0cff6687463465b7b3bad801becdd9af8f6e7a27c05d53a449dfc230ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 22 Sep 2019 13:12:14 GMT
server: blogger-renderd
etag: W/"df9baeddd0fe8672f40a781ea73801b8b7b55a4ba8eecc019f0709b5fa3063e5"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
vary: Accept-Encoding
content-length: 12381
x-xss-protection: 0
expires: Mon, 23 Sep 2019 10:29:31 GMT

GET
H2 200 %D8%B1%D9%8A%D8%A7%D8%B6%D8%A9 Show response
www.kora1911.com/feeds/posts/default/-/ 109 KB
18 KB 172ms
168ms Script
text/javascript 2a00:1450:4001:81f::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kora1911.com/feeds/posts/default/-/%D8%B1%D9%8A%D8%A7%D8%B6%D8%A9?alt=json-in-script&redirect=false&start-index=1&max-results=6&callback=plist

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

96ebe6b9c0282497b3c8792a8f05f40f3973b9426d2a1c16993b210d31dad6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 22 Sep 2019 13:12:14 GMT
server: blogger-renderd
etag: W/"c5b816660257dc60299e6b5136faae6206555378ea82576a6d67c066fb6b5ff1"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
vary: Accept-Encoding
content-length: 18285
x-xss-protection: 0
expires: Mon, 23 Sep 2019 10:29:31 GMT

GET
H2 200 %D8%A7%D9%84%D9%81%D9%86 Show response
www.kora1911.com/feeds/posts/default/-/ 72 KB
15 KB 177ms
172ms Script
text/javascript 2a00:1450:4001:81f::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kora1911.com/feeds/posts/default/-/%D8%A7%D9%84%D9%81%D9%86?alt=json-in-script&redirect=false&start-index=1&max-results=4&callback=plist

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

b6a29b91d709c0cd30b48ac4792b4d3d86ce0a5faa01f21becc842719e6847ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 22 Sep 2019 13:12:14 GMT
server: blogger-renderd
etag: W/"d9c4dd0614ee28e83790209ad420359a1d891832b061c41ac4ee942a6501300d"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
vary: Accept-Encoding
content-length: 15357
x-xss-protection: 0
expires: Mon, 23 Sep 2019 10:29:31 GMT

GET
H2 200 %D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7 Show response
www.kora1911.com/feeds/posts/default/-/ 69 KB
14 KB 168ms
164ms Script
text/javascript 2a00:1450:4001:81f::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kora1911.com/feeds/posts/default/-/%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7?alt=json-in-script&redirect=false&start-index=1&max-results=4&callback=plist

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

d5eea6136038c5300119732567f23bca6b7c496236e275d87f4bc006a10843d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 22 Sep 2019 13:12:14 GMT
server: blogger-renderd
etag: W/"e9f32338b4b1d895402ae8aed71c88e0091d8f3a4d157a40d39c6b6eec162432"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
vary: Accept-Encoding
content-length: 14362
x-xss-protection: 0
expires: Mon, 23 Sep 2019 10:29:31 GMT

GET
H2 200 %D9%85%D9%86%D9%88%D8%B9%D8%A7%D8%AA Show response
www.kora1911.com/feeds/posts/default/-/ 65 KB
14 KB 165ms
161ms Script
text/javascript 2a00:1450:4001:81f::2013
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kora1911.com/feeds/posts/default/-/%D9%85%D9%86%D9%88%D8%B9%D8%A7%D8%AA?alt=json-in-script&redirect=false&start-index=1&max-results=4&callback=plist

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

f26785f085b624fd247d29b9cfb7415eea6e5203ee09692dd15980c7c6397f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 22 Sep 2019 13:12:14 GMT
server: blogger-renderd
etag: W/"fa180772737933072dae07e61a22d589d25ac60af1dd0e421afd850ea568430e"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
vary: Accept-Encoding
content-length: 14572
x-xss-protection: 0
expires: Mon, 23 Sep 2019 10:29:31 GMT

GET
H2 200 bein-normal.woff
www.fontstatic.com/fonts/bein-normal/ 56 KB
57 KB 56ms
21ms Font
application/font-woff 2606:4700:30::681c:1f87
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fontstatic.com/fonts/bein-normal/bein-normal.woff
Requested by: Host: www.kora1911.com
URL: https://www.kora1911.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:1f87 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1572db5eedd96375fca4c86c7e145981634e07999fa7baa01ccec7ced18b194c

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.kora1911.com/
Origin: https://www.kora1911.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 339
status: 200
pragma: public
last-modified: Thu, 18 Jul 2019 17:49:59 GMT
server: cloudflare
etag: W/"5d30b147-e174"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
expires: Sat, 28 Sep 2019 10:29:30 GMT
cache-control: public, max-age=432000
cf-ray: 51abd6828c4259a0-VIE
x-proxy-cache: BYPASS

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kora1911.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kora1911.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190918/r20190131/ 219 KB
81 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190918/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fc210097c624aab58388cb77889ef8f56a5fdf2192a1ff0df46153bdee5b9ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 82617
x-xss-protection: 0
server: cafe
etag: 8503094575604046247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Sep 2019 10:29:30 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190918/r20190131/ Frame 1EFB 219 KB
81 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190918/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fc210097c624aab58388cb77889ef8f56a5fdf2192a1ff0df46153bdee5b9ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 82617
x-xss-protection: 0
server: cafe
etag: 8503094575604046247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Sep 2019 10:29:30 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190918/r20190131/ Frame 21FE 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190918/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190918/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.kora1911.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm7y5kzqDcr_34hvAlANZRxjmU_7bonHhsYudbq3-tRPHJNIhsCvJrVlLZ5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.kora1911.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 18 Sep 2019 14:16:14 GMT
expires: Wed, 02 Oct 2019 14:16:14 GMT
content-type: text/html; charset=UTF-8
etag: 14866779439905550351
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7273
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 418396
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146428914-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 6357
date: Mon, 23 Sep 2019 08:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Mon, 23 Sep 2019 10:43:33 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0D99 0
0 73ms
73ms Document
text/html 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503249664722230&output=html&adk=1812271804&adf=3025194257&lmt=1569157934&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.kora1911.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1569234570645&bpp=10&bdt=70&fdt=81&idt=81&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=1760147223411&frm=20&pv=2&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=2271371&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=0.8j44hqn2ujr6&fsb=1&dtd=95

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190918/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6503249664722230&output=html&adk=1812271804&adf=3025194257&lmt=1569157934&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.kora1911.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1569234570645&bpp=10&bdt=70&fdt=81&idt=81&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=1760147223411&frm=20&pv=2&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=2271371&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=0.8j44hqn2ujr6&fsb=1&dtd=95
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.kora1911.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm7y5kzqDcr_34hvAlANZRxjmU_7bonHhsYudbq3-tRPHJNIhsCvJrVlLZ5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.kora1911.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 23 Sep 2019 10:29:30 GMT
server: cafe
content-length: 430
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190918/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3a96269ebd1d5bb4f34e34c40aa42a5f980ad1751336bde61d7aae4aa81dcdea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568978262986714"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29169
x-xss-protection: 0
expires: Mon, 23 Sep 2019 10:29:30 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0FA7 0
0 189ms
188ms Document
text/html 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503249664722230&output=html&h=90&slotname=8396321698&adk=1025775158&adf=2432364517&w=1090&fwrn=4&lmt=1569157934&rafmt=10&guci=1.2.0.0.2.2.0.0&format=1090x90_0ads_al&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1569234570655&bpp=7&bdt=80&fdt=95&idt=95&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=35825803&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=249&ady=90&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoevE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=1.9s0606p5l6ja&fsb=1&xpc=x2qg6MRTYR&p=https%3A//www.kora1911.com&dtd=101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190918/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6503249664722230&output=html&h=90&slotname=8396321698&adk=1025775158&adf=2432364517&w=1090&fwrn=4&lmt=1569157934&rafmt=10&guci=1.2.0.0.2.2.0.0&format=1090x90_0ads_al&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1569234570655&bpp=7&bdt=80&fdt=95&idt=95&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=35825803&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=249&ady=90&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoevE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=1&uci=1.9s0606p5l6ja&fsb=1&xpc=x2qg6MRTYR&p=https%3A//www.kora1911.com&dtd=101
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.kora1911.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm7y5kzqDcr_34hvAlANZRxjmU_7bonHhsYudbq3-tRPHJNIhsCvJrVlLZ5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.kora1911.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 23 Sep 2019 10:29:30 GMT
server: cafe
content-length: 5741
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
104 B 15ms
14ms Image
image/gif 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=681286053&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kora1911.com%2F&dr=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&ul=en-us&de=UTF-8&dt=%D9%83%D9%88%D8%B1%D8%A9%20%D8%AA%D8%B1%D8%A7%D9%81%D9%84&sd=24-bit&sr=1600x1200&vp=1588x1200&je=0&_u=IAhAAUAB~&jid=1943687258&gjid=1626850136&cid=1704187942.1569234571&tid=UA-146428914-1&_gid=902800928.1569234571&_r=1&gtm=2ou9b0&z=1307647100

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Sep 2019 10:29:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 167B 0
0 292ms
291ms Document
text/html 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503249664722230&output=html&h=200&slotname=6129251004&adk=2685860993&adf=751016156&w=1090&fwrn=4&lmt=1569157934&rafmt=11&guci=1.2.0.0.2.2.0.0&format=1090x200&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&wgl=1&adsid=NT&dt=1569234570663&bpp=4&bdt=88&fdt=123&idt=123&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x90_0ads_al&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=35825803&dssz=28&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=249&ady=180&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoevE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=2.n3nc8wboaa54&fsb=1&xpc=cJTmh5ffD9&p=https%3A//www.kora1911.com&dtd=126

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190918/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6503249664722230&output=html&h=200&slotname=6129251004&adk=2685860993&adf=751016156&w=1090&fwrn=4&lmt=1569157934&rafmt=11&guci=1.2.0.0.2.2.0.0&format=1090x200&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&wgl=1&adsid=NT&dt=1569234570663&bpp=4&bdt=88&fdt=123&idt=123&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x90_0ads_al&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=35825803&dssz=28&mdo=0&mso=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=249&ady=180&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoevE%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=2&uci=2.n3nc8wboaa54&fsb=1&xpc=cJTmh5ffD9&p=https%3A//www.kora1911.com&dtd=126
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.kora1911.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm7y5kzqDcr_34hvAlANZRxjmU_7bonHhsYudbq3-tRPHJNIhsCvJrVlLZ5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.kora1911.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 23 Sep 2019 10:29:31 GMT
server: cafe
content-length: 24226
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 images.jpeg
1.bp.blogspot.com/-uPuTkaCk7fk/XRB0jmkrGxI/AAAAAAAAAI4/zFrHCRJldPYLpKgeuP-y7aOZPw-3JblkQCLcBGAs/s400/ 11 KB
11 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-uPuTkaCk7fk/XRB0jmkrGxI/AAAAAAAAAI4/zFrHCRJldPYLpKgeuP-y7aOZPw-3JblkQCLcBGAs/s400/images.jpeg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

7318e875d896470607fef5fd796f18679514f527bab2f5877be3df21eb061395

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="images.jpeg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11035
x-xss-protection: 0
server: fife
etag: "v8f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 19:08:36 GMT

GET
H2 200 thumb.jpg
1.bp.blogspot.com/-SjICTXGl83w/XQIMZgzpfoI/AAAAAAAAAHw/6InG6t7h7nkRBVaFcxcZb9Ayiz4cm1zNQCLcBGAs/s400/ 25 KB
25 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SjICTXGl83w/XQIMZgzpfoI/AAAAAAAAAHw/6InG6t7h7nkRBVaFcxcZb9Ayiz4cm1zNQCLcBGAs/s400/thumb.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

60d201b82f6482c201bc19f055c659f0a0e2baff8f52b4bb74a1302ac915b6ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="thumb.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25818
x-xss-protection: 0
server: fife
etag: "v7d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 09:49:56 GMT

GET
H2 200 thumb.jpg
1.bp.blogspot.com/-rKUpLvB47i8/XQIKp-eabrI/AAAAAAAAAHk/dDEajLOGVKUQb-H1rIhgOvJu691BQCRLgCLcBGAs/s400/ 26 KB
26 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rKUpLvB47i8/XQIKp-eabrI/AAAAAAAAAHk/dDEajLOGVKUQb-H1rIhgOvJu691BQCRLgCLcBGAs/s400/thumb.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

dc720510f04a50702262886de3108ed282af5c1ccab15104726479f0fc115487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="thumb.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 26282
x-xss-protection: 0
server: fife
etag: "v7a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 09:49:56 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame E481 0
0 147ms
147ms Document
text/html 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503249664722230&output=html&h=90&slotname=8396321698&adk=2376473324&adf=3582494552&w=1096&fwrn=4&lmt=1569157934&rafmt=10&guci=1.2.0.0.2.2.0.0&format=1096x90_0ads_al&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1569234570667&bpp=4&bdt=92&fdt=132&idt=132&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x90_0ads_al%2C1090x200&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=143303215&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=1246&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoevEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=3.r4vrd6y4qqf5&fsb=1&xpc=ehkdUYdkT0&p=https%3A//www.kora1911.com&dtd=135

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190918/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6503249664722230&output=html&h=90&slotname=8396321698&adk=2376473324&adf=3582494552&w=1096&fwrn=4&lmt=1569157934&rafmt=10&guci=1.2.0.0.2.2.0.0&format=1096x90_0ads_al&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&fwr=0&fwrattr=true&wgl=1&adsid=NT&dt=1569234570667&bpp=4&bdt=92&fdt=132&idt=132&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x90_0ads_al%2C1090x200&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=143303215&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=1246&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoevEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=3&uci=3.r4vrd6y4qqf5&fsb=1&xpc=ehkdUYdkT0&p=https%3A//www.kora1911.com&dtd=135
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.kora1911.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm7y5kzqDcr_34hvAlANZRxjmU_7bonHhsYudbq3-tRPHJNIhsCvJrVlLZ5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.kora1911.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 23 Sep 2019 10:29:30 GMT
server: cafe
content-length: 5776
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 %25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584.png
1.bp.blogspot.com/-SEf5U5r6TX0/XRxiCEqsW9I/AAAAAAAAAJ0/VY99s8gJm6QIKzhl-o9OcotB3DpK0_WIQCLcBGAs/s400/ 11 KB
11 KB 7ms
6ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SEf5U5r6TX0/XRxiCEqsW9I/AAAAAAAAAJ0/VY99s8gJm6QIKzhl-o9OcotB3DpK0_WIQCLcBGAs/s400/%25D8%25AA%25D9%2586%25D8%25B2%25D9%258A%25D9%2584.png

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

efdbef0e647bdec98530e1374bf02744aace700985e982ff5a1b19add4d68639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="_____.png";filename*=UTF-8''%D8%AA%D9%86%D8%B2%D9%8A%D9%84.png
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 11315
x-xss-protection: 0
server: fife
etag: "v9e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 09:49:56 GMT

GET
H2 200 PARC.jpg
1.bp.blogspot.com/-LcOTdnGmTn4/XPK9Z-GexlI/AAAAAAAAAEE/gr5V0a9vqnIJBHLqIGwwWibMkH2cMntQgCPcBGAYYCw/s400/ 36 KB
36 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-LcOTdnGmTn4/XPK9Z-GexlI/AAAAAAAAAEE/gr5V0a9vqnIJBHLqIGwwWibMkH2cMntQgCPcBGAYYCw/s400/PARC.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

cb5563da5c934368d72a0109d774f9795c515f79c4ef92a68843361b0773a0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="PARC.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 36633
x-xss-protection: 0
server: fife
etag: "v42"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 09:49:56 GMT

GET
H2 200 thumb.jpg
3.bp.blogspot.com/-gyYljcSStrE/XOqmflWnICI/AAAAAAAAALU/Dv8XIzPrVug4MPN0cglxFTdt-ZysX7kwgCLcBGAs/s400/ 30 KB
31 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-gyYljcSStrE/XOqmflWnICI/AAAAAAAAALU/Dv8XIzPrVug4MPN0cglxFTdt-ZysX7kwgCLcBGAs/s400/thumb.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

ee23d4bcf0a9fd330376e7269c73088347e92f36310956246ea3764a60682c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:51 GMT
x-content-type-options: nosniff
age: 339
status: 200
content-disposition: inline;filename="thumb.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 31154
x-xss-protection: 0
server: fife
etag: "vb6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 15:13:40 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1851 0
0 365ms
365ms Document
text/html 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503249664722230&output=html&h=280&slotname=7494303561&adk=2722845333&adf=3092315985&w=1096&fwrn=4&fwrnh=100&lmt=1569157934&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1096x280&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1569234570671&bpp=5&bdt=96&fdt=174&idt=174&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x90_0ads_al%2C1090x200%2C1096x90_0ads_al&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=573212863&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=1336&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoevEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=4&uci=4.c9rxhbnc7nqt&fsb=1&xpc=sy2prxzgzT&p=https%3A//www.kora1911.com&dtd=181

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190918/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6503249664722230&output=html&h=280&slotname=7494303561&adk=2722845333&adf=3092315985&w=1096&fwrn=4&fwrnh=100&lmt=1569157934&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1096x280&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1569234570671&bpp=5&bdt=96&fdt=174&idt=174&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x90_0ads_al%2C1090x200%2C1096x90_0ads_al&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=573212863&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=246&ady=1336&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoevEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=4&uci=4.c9rxhbnc7nqt&fsb=1&xpc=sy2prxzgzT&p=https%3A//www.kora1911.com&dtd=181
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.kora1911.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm7y5kzqDcr_34hvAlANZRxjmU_7bonHhsYudbq3-tRPHJNIhsCvJrVlLZ5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.kora1911.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 23 Sep 2019 10:29:31 GMT
server: cafe
content-length: 10024
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 145.jpg
1.bp.blogspot.com/-Fy7JV3niX8g/XXuclAfF-cI/AAAAAAAAAWc/wJkap9s8N1U0mto-gmAkr2N6uoM8u75SgCLcBGAsYHQ/s400/ 43 KB
43 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Fy7JV3niX8g/XXuclAfF-cI/AAAAAAAAAWc/wJkap9s8N1U0mto-gmAkr2N6uoM8u75SgCLcBGAsYHQ/s400/145.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

df242c34fdad0fce265a2cbddd93846215ac9b200b5b928849aa5eef944a9103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="145.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 44031
x-xss-protection: 0
server: fife
etag: "v168"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 09:49:56 GMT

GET
H2 200 RDMttL1zYcaI.jpg
2.bp.blogspot.com/-ZQtih0VUDBI/XXd_HFkux0I/AAAAAAAAAVo/LaFRDu8xS6QeXaozQ-oyE96mxpJZGplvgCLcBGAs/s400/ 51 KB
51 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-ZQtih0VUDBI/XXd_HFkux0I/AAAAAAAAAVo/LaFRDu8xS6QeXaozQ-oyE96mxpJZGplvgCLcBGAs/s400/RDMttL1zYcaI.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

2fdffb0989c7402a76a4c0284af54491be6a014a180d14cea415929fbfccec3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:51 GMT
x-content-type-options: nosniff
age: 339
status: 200
content-disposition: inline;filename="RDMttL1zYcaI.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 52081
x-xss-protection: 0
server: fife
etag: "v15c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 15:13:40 GMT

GET
H2 200 1040467267.jpg
3.bp.blogspot.com/-Qx4yqFSjOtY/XXX6gJN1FRI/AAAAAAAAAUs/Y1DEAM1LxnYQOrttjELzK06lEjCtEDYXgCLcBGAs/s400/ 34 KB
34 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-Qx4yqFSjOtY/XXX6gJN1FRI/AAAAAAAAAUs/Y1DEAM1LxnYQOrttjELzK06lEjCtEDYXgCLcBGAs/s400/1040467267.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

48b2c3eb0fa0e6dcf96d6d98fb0eba6e20cb1610f648d4200e53fab7d93308a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:51 GMT
x-content-type-options: nosniff
age: 339
status: 200
content-disposition: inline;filename="1040467267.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 34441
x-xss-protection: 0
server: fife
etag: "v14c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 15:13:40 GMT

GET
H2 200 1-1281581.jpg
1.bp.blogspot.com/-_CjYYarIsWk/XXXifSgJ3ZI/AAAAAAAAATA/8sTrD88zvfU3NAlG-C3IwXX7poE04GuUgCLcBGAs/s400/ 25 KB
25 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-_CjYYarIsWk/XXXifSgJ3ZI/AAAAAAAAATA/8sTrD88zvfU3NAlG-C3IwXX7poE04GuUgCLcBGAs/s400/1-1281581.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

a3b5f54e69e621a2fa851664f01758af9de4c44035fa45efa4d2bf7f0b3c54f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="1-1281581.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25438
x-xss-protection: 0
server: fife
etag: "v131"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 09:49:56 GMT

GET
H2 200 %25D8%25A5%25D8%25B3%25D8%25A8%25D8%25A7%25D9%2586%25D9%258A%25D8%25A7%2B%25D9%2581%25D9%258A%2B%25D9%2585%25D9%2588%25D8%25A7%25D8%25AC%25D9%2587%25D8%25A9%2B%25D8%25B3%25D9%2587%25D9%2584%25D8%25...
1.bp.blogspot.com/-SYewtH6Y7ks/XXSGyrAG8eI/AAAAAAAAAS0/khu-m6fCJKkojUkd_za_4Me1-YKT8B5pQCLcBGAs/s400/ 17 KB
17 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-SYewtH6Y7ks/XXSGyrAG8eI/AAAAAAAAAS0/khu-m6fCJKkojUkd_za_4Me1-YKT8B5pQCLcBGAs/s400/%25D8%25A5%25D8%25B3%25D8%25A8%25D8%25A7%25D9%2586%25D9%258A%25D8%25A7%2B%25D9%2581%25D9%258A%2B%25D9%2585%25D9%2588%25D8%25A7%25D8%25AC%25D9%2587%25D8%25A9%2B%25D8%25B3%25D9%2587%25D9%2584%25D8%25A9%2B%25D8%25A3%25D9%2585%25D8%25A7%25D9%2585%2B%25D8%25AC%25D8%25B2%25D8%25B1%2B%25D9%2581%25D8%25A7%25D8%25B1%25D9%2588%25D9%2587%2B%25D9%2581%25D9%258A%2B%25D8%25AA%25D8%25B5%25D9%2581%25D9%258A%25D8%25A7%25D8%25AA%2B%25D9%258A%25D9%2588%25D8%25B1%25D9%2588%2B2020.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

90f3bedc5d47d13d46bec6fcb24527c308ab2ad9db1ce47fbeaa93fc500f8093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="_______ __ ______ ____ ____ ___ _____ __ ______ ____ 2020.jpg";filename*=UTF-8''%D8%A5%D8%B3%D8%A8%D8%A7%D9%86%D9%8A%D8%A7%20%D9%81%D9%8A%20%D9%85%D9%88%D8%A7%D8%AC%D9%87%D8%A9%20%D8%B3%D9%87%D9%84%D8%A9%20%D8%A3%D9%85%D8%A7%D9%85%20%D8%AC%D8%B2%D8%B1%20%D9%81%D8%A7%D8%B1%D9%88%D9%87%20%D9%81%D9%8A%20%D8%AA%D8%B5%D9%81%D9%8A%D8%A7%D8%AA%20%D9%8A%D9%88%D8%B1%D9%88%202020.jpg
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17496
x-xss-protection: 0
server: fife
etag: "v12e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Sep 2019 22:05:25 GMT

GET
H2 200 %25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A5%25D9%258A%25D8%25B7%25D8%25A7%25D9%2584%25D9%258A%25D8%25A7-%25D...
1.bp.blogspot.com/-N6dvV3lAfUc/XXR1yR66acI/AAAAAAAAASs/RTwsHBEFnrw5_cVKPHMjr0uL8twci9DCQCEwYBhgL/s400/ 18 KB
18 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-N6dvV3lAfUc/XXR1yR66acI/AAAAAAAAASs/RTwsHBEFnrw5_cVKPHMjr0uL8twci9DCQCEwYBhgL/s400/%25D9%2585%25D8%25B4%25D8%25A7%25D9%2587%25D8%25AF%25D8%25A9-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B1%25D8%25A7%25D8%25A9-%25D8%25A5%25D9%258A%25D8%25B7%25D8%25A7%25D9%2584%25D9%258A%25D8%25A7-%25D9%2588%25D9%2581%25D9%2586%25D9%2584%25D9%2586%25D8%25AF%25D8%25A7-%25D8%25A8%25D8%25AB-%25D9%2585%25D8%25A8%25D8%25A7%25D8%25B4%25D8%25B1.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

244a504ab5fcf8c0f76d324ffe77b30c994311a80e46022cda683c0a941bccde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="______-______-_______-_______-__-_____.jpg";filename*=UTF-8''%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9-%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9-%D8%A5%D9%8A%D8%B7%D8%A7%D9%84%D9%8A%D8%A7-%D9%88%D9%81%D9%86%D9%84%D9%86%D8%AF%D8%A7-%D8%A8%D8%AB-%D9%85%D8%A8%D8%A7%D8%B4%D8%B1.jpg
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 18546
x-xss-protection: 0
server: fife
etag: "v12b"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 17 Sep 2019 22:05:25 GMT

GET
H2 200 FB_IMG_1561626394639.jpg
1.bp.blogspot.com/-ZxyNCwH0SPY/XRSHUAVdDiI/AAAAAAAAAJg/9hidIOFlMY4v_6u-M_x6UguAF-uuwOX9ACEwYBhgL/s400/ 24 KB
24 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ZxyNCwH0SPY/XRSHUAVdDiI/AAAAAAAAAJg/9hidIOFlMY4v_6u-M_x6UguAF-uuwOX9ACEwYBhgL/s400/FB_IMG_1561626394639.jpg

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

fd7d75152368853d3047e403ce554fb3307e3615050afa05a93d7dcc2eb83d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="FB_IMG_1561626394639.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24774
x-xss-protection: 0
server: fife
etag: "v98"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 09:49:59 GMT

GET
H2 200 20190531110247.jpg
4.bp.blogspot.com/-Z8fp1CKCRwI/XPKJ0ypSSHI/AAAAAAAAADU/bY1XNHjyaxgchLlKr_TNDbCYQOxqwkfGACLcBGAs/s400/ 21 KB
21 KB 11ms
7ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-Z8fp1CKCRwI/XPKJ0ypSSHI/AAAAAAAAADU/bY1XNHjyaxgchLlKr_TNDbCYQOxqwkfGACLcBGAs/s400/20190531110247.jpg

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

3aa20bdc2192106734e14691159f8b885bb8b017350ee9f25e97376cd67e1ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:52 GMT
x-content-type-options: nosniff
age: 338
status: 200
content-disposition: inline;filename="20190531110247.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 21135
x-xss-protection: 0
server: fife
etag: "v36"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 18:20:12 GMT

GET
H2 200 b063158913199d15f5414a2410b1e298b1b7bc66-230419105749.jpg
2.bp.blogspot.com/-zJMAHnt8L6g/XNGNW1jXW-I/AAAAAAAAABk/1ZLpafd3TDQJkVbXifmXbgFiY-cQ4svCACLcBGAs/s400/ 29 KB
29 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-zJMAHnt8L6g/XNGNW1jXW-I/AAAAAAAAABk/1ZLpafd3TDQJkVbXifmXbgFiY-cQ4svCACLcBGAs/s400/b063158913199d15f5414a2410b1e298b1b7bc66-230419105749.jpg

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

4bc66518196249e2fab7f87c185f7b294c8ac743775f50d0f822224b5b299a43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:51 GMT
x-content-type-options: nosniff
age: 339
status: 200
content-disposition: inline;filename="b063158913199d15f5414a2410b1e298b1b7bc66-230419105749.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 29959
x-xss-protection: 0
server: fife
etag: "v1a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 15:13:40 GMT

GET
H2 200 %25D9%2585%25D8%25B3%25D9%2584%25D8%25B3%25D9%2584%2B%25D8%25AD%25D8%25AF%25D9%2588%25D8%25AA%25D8%25A9%2B%25D9%2585%25D8%25B1%25D8%25A9%2B%25D8%25A8%25D8%25B7%25D9%2588%25D9%2584%25D8%25A9%2B%25D8...
2.bp.blogspot.com/-99VFlFiYkzw/XN5WckfVqzI/AAAAAAAAAYw/w0FpJOklp4M2IhLjKUO0M6R__vWnahU0ACLcBGAs/s400/ 25 KB
25 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-99VFlFiYkzw/XN5WckfVqzI/AAAAAAAAAYw/w0FpJOklp4M2IhLjKUO0M6R__vWnahU0ACLcBGAs/s400/%25D9%2585%25D8%25B3%25D9%2584%25D8%25B3%25D9%2584%2B%25D8%25AD%25D8%25AF%25D9%2588%25D8%25AA%25D8%25A9%2B%25D9%2585%25D8%25B1%25D8%25A9%2B%25D8%25A8%25D8%25B7%25D9%2588%25D9%2584%25D8%25A9%2B%25D8%25BA%25D8%25A7%25D8%25AF%25D8%25A9%2B%25D8%25B9%25D8%25A8%25D8%25AF%2B%25D8%25A7%25D9%2584%25D8%25B1%25D8%25A7%25D8%25B2%25D9%2582.jpg

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

b87316e9cb0833ec42a1baf793750839c6118f750ec4512a42ef9d96450b6a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:51 GMT
x-content-type-options: nosniff
age: 339
status: 200
content-disposition: inline;filename="_____ _____ ___ _____ ____ ___ ______.jpg";filename*=UTF-8''%D9%85%D8%B3%D9%84%D8%B3%D9%84%20%D8%AD%D8%AF%D9%88%D8%AA%D8%A9%20%D9%85%D8%B1%D8%A9%20%D8%A8%D8%B7%D9%88%D9%84%D8%A9%20%D8%BA%D8%A7%D8%AF%D8%A9%20%D8%B9%D8%A8%D8%AF%20%D8%A7%D9%84%D8%B1%D8%A7%D8%B2%D9%82.jpg
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25201
x-xss-protection: 0
server: fife
etag: "v18d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 15:13:40 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2501 0
0 289ms
288ms Document
text/html 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503249664722230&output=html&h=280&adk=513214378&adf=446550095&w=343&fwrn=4&fwrnh=100&lmt=1569157934&rafmt=1&to=qs&pwprc=1253768548&guci=1.2.0.0.2.2.0.0&format=343x280&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1569234570880&bpp=3&bdt=305&fdt=4&idt=4&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x90_0ads_al%2C1090x200%2C1096x90_0ads_al%2C1096x280&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=9171405823&dssz=32&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=988&ady=2613&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopveEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=5&uci=5.ncxjm2jz6ae&fsb=1&xpc=vjt0mt4OAx&p=https%3A//www.kora1911.com&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190918/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6503249664722230&output=html&h=280&adk=513214378&adf=446550095&w=343&fwrn=4&fwrnh=100&lmt=1569157934&rafmt=1&to=qs&pwprc=1253768548&guci=1.2.0.0.2.2.0.0&format=343x280&url=https%3A%2F%2Fwww.kora1911.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1569234570880&bpp=3&bdt=305&fdt=4&idt=4&shv=r20190918&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x90_0ads_al%2C1090x200%2C1096x90_0ads_al%2C1096x280&nras=1&correlator=1760147223411&frm=20&pv=1&ga_vid=1704187942.1569234571&ga_sid=1569234571&ga_hid=681286053&ga_fc=0&iag=0&icsg=9171405823&dssz=32&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=988&ady=2613&biw=1588&bih=1200&scr_x=0&scr_y=0&eid=370204019&oid=3&ref=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopveEbr%7C&abl=CS&pfx=0&fu=144&bc=31&ifi=5&uci=5.ncxjm2jz6ae&fsb=1&xpc=vjt0mt4OAx&p=https%3A//www.kora1911.com&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.kora1911.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm7y5kzqDcr_34hvAlANZRxjmU_7bonHhsYudbq3-tRPHJNIhsCvJrVlLZ5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.kora1911.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 23 Sep 2019 10:29:31 GMT
server: cafe
content-length: 29543
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 FB_IMG_1561614582968.jpg
1.bp.blogspot.com/-ggk8r8raD1k/XRRbrYM0klI/AAAAAAAAAJQ/bel40AYjCU0cvXJPHUBCy1qDk--s7E8BQCLcBGAs/s400/ 41 KB
41 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ggk8r8raD1k/XRRbrYM0klI/AAAAAAAAAJQ/bel40AYjCU0cvXJPHUBCy1qDk--s7E8BQCLcBGAs/s400/FB_IMG_1561614582968.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

74ffd347cff5bf2d7c438c889f8a1d4210c2bf096710ed2976cf0773ee861ae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="FB_IMG_1561614582968.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42160
x-xss-protection: 0
server: fife
etag: "v95"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 09:49:59 GMT

GET
H2 200 2019-1-27-18-57-10-638-jpg-91565033377615563.jpg
1.bp.blogspot.com/-2aDiPhlRJqk/XQIZseJTk_I/AAAAAAAAAII/NO6UVe0aSlU6kTRdLVcaHlTyV8NsmkKKgCLcBGAs/s400/ 34 KB
34 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-2aDiPhlRJqk/XQIZseJTk_I/AAAAAAAAAII/NO6UVe0aSlU6kTRdLVcaHlTyV8NsmkKKgCLcBGAs/s400/2019-1-27-18-57-10-638-jpg-91565033377615563.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

c1afed7fc48a8d9f03189df9af482ca0e36394366b8d68090811c155bb454cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="2019-1-27-18-57-10-638-jpg-91565033377615563.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 34499
x-xss-protection: 0
server: fife
etag: "v83"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 09:49:59 GMT

GET
H2 200 Shutdown-e1430516956115-1024x512.png
1.bp.blogspot.com/-ZoQRre97KMM/XQDOcsL6sYI/AAAAAAAAAG0/lX8Of-9CzlENFPsQp32i5kMyVXlGEV6dQCLcBGAs/s400/ 49 KB
49 KB 8ms
7ms Image
image/png 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ZoQRre97KMM/XQDOcsL6sYI/AAAAAAAAAG0/lX8Of-9CzlENFPsQp32i5kMyVXlGEV6dQCLcBGAs/s400/Shutdown-e1430516956115-1024x512.png

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

619ec69eee1ff0ac9237fdee33d197d061e02705ade7d763cb4f99bf4c3ca4d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="Shutdown-e1430516956115-1024x512.png"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 49908
x-xss-protection: 0
server: fife
etag: "v6e"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 09:49:59 GMT

GET
H2 200 %25D8%25A7%25D9%2584%25D8%25B1%25D8%25A8%25D8%25AD-%25D9%2585%25D9%2586-%25D8%25A7%25D8%25AF%25D8%25B3%25D9%2586%25D8%25B3.jpg
2.bp.blogspot.com/-NLaqLrxDYDY/XPJZFmlmLeI/AAAAAAAAAA8/vXYVcpgTDEsUDJQbjNdjBFl5qd6yYMe8wCPcBGAYYCw/s400/ 16 KB
16 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-NLaqLrxDYDY/XPJZFmlmLeI/AAAAAAAAAA8/vXYVcpgTDEsUDJQbjNdjBFl5qd6yYMe8wCPcBGAYYCw/s400/%25D8%25A7%25D9%2584%25D8%25B1%25D8%25A8%25D8%25AD-%25D9%2585%25D9%2586-%25D8%25A7%25D8%25AF%25D8%25B3%25D9%2586%25D8%25B3.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

40fbb22c15d7ea17ee292162766c3d5e33a1e036baadf61dabb5f65f8214fe4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:23:51 GMT
x-content-type-options: nosniff
age: 339
status: 200
content-disposition: inline;filename="_____-__-_____.jpg";filename*=UTF-8''%D8%A7%D9%84%D8%B1%D8%A8%D8%AD-%D9%85%D9%86-%D8%A7%D8%AF%D8%B3%D9%86%D8%B3.jpg
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15956
x-xss-protection: 0
server: fife
etag: "v10"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 15:13:41 GMT

GET
H2 200 FB_IMG_1562143664500.jpg
1.bp.blogspot.com/-4Gf7S9v_vgk/XRxrymugFMI/AAAAAAAAAKM/A1DqOmdpj6kBkjbqM27GsxIPkbCFXTVYQCLcBGAs/s400/ 42 KB
42 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-4Gf7S9v_vgk/XRxrymugFMI/AAAAAAAAAKM/A1DqOmdpj6kBkjbqM27GsxIPkbCFXTVYQCLcBGAs/s400/FB_IMG_1562143664500.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

afcbfe4627d2f0db682e90f85fa1470d47400c1e73e963545c9c50e2a4943aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="FB_IMG_1562143664500.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 43261
x-xss-protection: 0
server: fife
etag: "va4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 09:49:59 GMT

GET
H2 200 FB_IMG_1562142558069.jpg
1.bp.blogspot.com/-GQ7wzQeGD_k/XRxntgROs5I/AAAAAAAAAKA/JOKZIjqQScstIP9HKRZtQdN_Xt3_121UQCLcBGAs/s400/ 47 KB
47 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-GQ7wzQeGD_k/XRxntgROs5I/AAAAAAAAAKA/JOKZIjqQScstIP9HKRZtQdN_Xt3_121UQCLcBGAs/s400/FB_IMG_1562142558069.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

ebfc9bce0baa2b50bd661b7df7949bc4b9cabfe3301eece3c469b2797168679f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="FB_IMG_1562142558069.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 47616
x-xss-protection: 0
server: fife
etag: "va1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 09:49:59 GMT

GET
H2 200 FB_IMG_1561313667362.jpg
1.bp.blogspot.com/-LH7w3x33bCU/XQ_Bmhr1TmI/AAAAAAAAAIs/MHojzkLWv2gO0pHFqTixIPjX-FixJq8jgCLcBGAs/s400/ 34 KB
35 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-LH7w3x33bCU/XQ_Bmhr1TmI/AAAAAAAAAIs/MHojzkLWv2gO0pHFqTixIPjX-FixJq8jgCLcBGAs/s400/FB_IMG_1561313667362.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

187af8114bb8b6a5e13edd6fbfdc2d9ccaa91c0efdadf0145d175fd36fa0326d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="FB_IMG_1561313667362.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35297
x-xss-protection: 0
server: fife
etag: "v8c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 09:49:59 GMT

GET
H2 200 etetestesjaaaaa-jpg-10340389507816573.jpg
1.bp.blogspot.com/-k-ZCuSj6jzM/XQINyGxeYgI/AAAAAAAAAH8/1qwMuPv6JEsk-kIEsuceO2Qd1B_xZyXYACLcBGAs/s400/ 24 KB
24 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-k-ZCuSj6jzM/XQINyGxeYgI/AAAAAAAAAH8/1qwMuPv6JEsk-kIEsuceO2Qd1B_xZyXYACLcBGAs/s400/etetestesjaaaaa-jpg-10340389507816573.jpg

Requested by

Host: www.kora1911.com
URL: https://www.kora1911.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

db6240c02db589f769c5ae36a075933d64729af045b869709f0cb5b5f6185a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 10:28:01 GMT
x-content-type-options: nosniff
age: 89
status: 200
content-disposition: inline;filename="etetestesjaaaaa-jpg-10340389507816573.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24765
x-xss-protection: 0
server: fife
etag: "v80"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 18 Sep 2019 19:08:37 GMT

GET
DATA 200
OK truncated
/ 392 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e390100bfe885a2e9ba97ae431f047884ff829f61a8f94f6af92d732e3283e25

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 654 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd91cf834a444086b865ceaf8fe7dff3d27fe94c48ec5928a37965dd98dda9aa

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc4a534a246d618974b88bf1e24ce9a302204fc0536b92e129a8c7edce8e3285

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 184 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55118ea8289f5dc149f410eae2e10cfc60b095ee63339879bf6ee9a1e829303e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
whos.amung.us/pingjs/ 28 B
144 B 471ms
111ms Script
text/javascript 67.202.94.93
Steadfast

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=0nqw25e2o0&t=%D9%83%D9%88%D8%B1%D8%A9%20%D8%AA%D8%B1%D8%A7%D9%81%D9%84&c=d&y=https%3A%2F%2Flibraries.huji.ac.il%2Fsites%2Fdefault%2Ffiles%2Fwebform%2Flevarpol-v-tls32.html&a=0&r=74
Requested by: Host: raw.githack.com
URL: https://raw.githack.com/shalhop/2travel.info/master/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.94.93 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS: amung.us
Software: /
Resource Hash: ca452e6b7322603122575c93f80bfbb9bcab08e305a5847ec54a108c22f06794

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 23 Sep 2019 10:29:31 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011909141409590/ 21 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909141409590/amp4ads-host-v0.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190918/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8c0029e5f45b2e6a5eb14c686d0af7e384dcd26a1f35fd1814060467a990475c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kora1911.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "e2b632323a79ab9c"
age: 753528
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 7514
x-xss-protection: 0
server: sffe
date: Sat, 14 Sep 2019 17:10:43 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sun, 13 Sep 2020 17:10:43 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: libraries.huji.ac.il
URL: https://libraries.huji.ac.il/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 13:15:30	Name: IDE Value: AHWqTUm7y5kzqDcr_34hvAlANZRxjmU_7bonHhsYudbq3-tRPHJNIhsCvJrVlLZ5
.kora1911.com/	1970-01-19 03:53:54	Name: _gat_gtag_UA_146428914_1 Value: 1
.kora1911.com/	1970-01-19 03:55:20	Name: _gid Value: GA1.2.902800928.1569234571
.kora1911.com/	1970-01-19 21:25:06	Name: _ga Value: GA1.2.1704187942.1569234571

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
cdn.ampproject.org
googleads.g.doubleclick.net
libraries.huji.ac.il
pagead2.googlesyndication.com
raw.githack.com
whos.amung.us
www.fontstatic.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.kora1911.com
www.youtube.com
libraries.huji.ac.il
128.139.7.33
2606:4700:30::681c:1f87
2606:4700:e0::ac40:6d08
2a00:1450:4001:806::2001
2a00:1450:4001:815::2002
2a00:1450:4001:816::200e
2a00:1450:4001:818::2002
2a00:1450:4001:819::2001
2a00:1450:4001:819::2008
2a00:1450:4001:819::200e
2a00:1450:4001:81a::200a
2a00:1450:4001:81b::2001
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::2013
2a00:1450:4001:820::2002
2a00:1450:4001:821::2002
67.202.94.93
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05081103d0687c342c33f2f07f0e9aad576e9fb26fdb5564f510d6a76c656cf1
0d0584f13aabe7ef0f2ecb0c668efc398885a0810c06022b240bb06c3f66bde6
1572db5eedd96375fca4c86c7e145981634e07999fa7baa01ccec7ced18b194c
187af8114bb8b6a5e13edd6fbfdc2d9ccaa91c0efdadf0145d175fd36fa0326d
1bd2b0cff6687463465b7b3bad801becdd9af8f6e7a27c05d53a449dfc230ccc
244a504ab5fcf8c0f76d324ffe77b30c994311a80e46022cda683c0a941bccde
2fdffb0989c7402a76a4c0284af54491be6a014a180d14cea415929fbfccec3a
3a96269ebd1d5bb4f34e34c40aa42a5f980ad1751336bde61d7aae4aa81dcdea
3aa20bdc2192106734e14691159f8b885bb8b017350ee9f25e97376cd67e1ed6
40fbb22c15d7ea17ee292162766c3d5e33a1e036baadf61dabb5f65f8214fe4f
48b2c3eb0fa0e6dcf96d6d98fb0eba6e20cb1610f648d4200e53fab7d93308a9
490ebee91fe15ae118d591f453b1fecc1404722aff3816ef1c9fa1fbcffea29f
4bc66518196249e2fab7f87c185f7b294c8ac743775f50d0f822224b5b299a43
4f7df343b4bff8c2b03935d9f5d7c262c1d6c67a4b1b005aeeab6d815267d5af
4fdc768f304b2ec9274d11512decb48daa1d31a5331540f6b49a3784f2f6269f
55118ea8289f5dc149f410eae2e10cfc60b095ee63339879bf6ee9a1e829303e
60d201b82f6482c201bc19f055c659f0a0e2baff8f52b4bb74a1302ac915b6ae
619ec69eee1ff0ac9237fdee33d197d061e02705ade7d763cb4f99bf4c3ca4d5
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
7059c6064a3458ffc012b176fdf14c939a3df2886c28bea3864a2776a9a67056
7318e875d896470607fef5fd796f18679514f527bab2f5877be3df21eb061395
74ffd347cff5bf2d7c438c889f8a1d4210c2bf096710ed2976cf0773ee861ae6
7969a95ed1d72454dfb8cc0f15725bb67ce8dd9ff650e189e2a8afdb6c42a7fe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c0029e5f45b2e6a5eb14c686d0af7e384dcd26a1f35fd1814060467a990475c
90f3bedc5d47d13d46bec6fcb24527c308ab2ad9db1ce47fbeaa93fc500f8093
96ebe6b9c0282497b3c8792a8f05f40f3973b9426d2a1c16993b210d31dad6cd
a3b5f54e69e621a2fa851664f01758af9de4c44035fa45efa4d2bf7f0b3c54f7
afcbfe4627d2f0db682e90f85fa1470d47400c1e73e963545c9c50e2a4943aec
b6a29b91d709c0cd30b48ac4792b4d3d86ce0a5faa01f21becc842719e6847ff
b828b9394042c891d554cd5b25bb5e7ae6e199c9069379154e00f3a47f86866c
b87316e9cb0833ec42a1baf793750839c6118f750ec4512a42ef9d96450b6a0d
c1313e81a9937da2242d15e35fb1f5eca10771264fe10c94c89ce134dd85db46
c1afed7fc48a8d9f03189df9af482ca0e36394366b8d68090811c155bb454cd2
ca452e6b7322603122575c93f80bfbb9bcab08e305a5847ec54a108c22f06794
cb5563da5c934368d72a0109d774f9795c515f79c4ef92a68843361b0773a0cb
cc4a534a246d618974b88bf1e24ce9a302204fc0536b92e129a8c7edce8e3285
d42acdba6ef735791d8e8a8be952608011824ef9022f6878e21c9c7685c41e75
d5eea6136038c5300119732567f23bca6b7c496236e275d87f4bc006a10843d0
d6c7c07fbe4a5de6dad07d3e77b19b7d6cbcc280f2decf73a5ae64fddf9a7d41
db6240c02db589f769c5ae36a075933d64729af045b869709f0cb5b5f6185a18
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc720510f04a50702262886de3108ed282af5c1ccab15104726479f0fc115487
df242c34fdad0fce265a2cbddd93846215ac9b200b5b928849aa5eef944a9103
e390100bfe885a2e9ba97ae431f047884ff829f61a8f94f6af92d732e3283e25
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebfc9bce0baa2b50bd661b7df7949bc4b9cabfe3301eece3c469b2797168679f
eccd83fa50618aa7a75e2e56f9d655635289839dc99a49368e05075a5ee614b8
ee23d4bcf0a9fd330376e7269c73088347e92f36310956246ea3764a60682c0f
ee7eed961468344fb512eb3cbd5b9ab31bd75a04981014a112519dd8ab46f7fc
efdbef0e647bdec98530e1374bf02744aace700985e982ff5a1b19add4d68639
f26785f085b624fd247d29b9cfb7415eea6e5203ee09692dd15980c7c6397f49
f4e55c93d94594a3ca6ccdea3a0a112b6056613eda3b0efc127528c02b3813cf
fae6a1a005964f5722cc71b7bf791704cba10cbc0a585ed869de912a37b9ce13
fc210097c624aab58388cb77889ef8f56a5fdf2192a1ff0df46153bdee5b9ce0
fd7d75152368853d3047e403ce554fb3307e3615050afa05a93d7dcc2eb83d77
fd91cf834a444086b865ceaf8fe7dff3d27fe94c48ec5928a37965dd98dda9aa

www.kora1911.com Open in urlscan Pro 2a00:1450:4001:81f::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

98 %HTTPS

88 %IPv6

16 Domains

19 Subdomains

18 IPs

3 Countries

1728 kBTransfer

2694 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kora1911.com Open in urlscan Pro
2a00:1450:4001:81f::2013 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

98 %
HTTPS

88 %
IPv6

16
Domains

19
Subdomains

18
IPs

3
Countries

1728 kB
Transfer

2694 kB
Size

4
Cookies

66 HTTP transactions
5 data transactions