urlscan.io logo urlscan.io
SecurityTrails logo

bola.tempo.co Open in urlscan Pro
65.9.95.84  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bola.tempo.co/read/1740228/di
Effective URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Submission: On December 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 139 IPs in 14 countries across 87 domains to perform 746 HTTP transactions. The main IP is 65.9.95.84, located in United States and belongs to AMAZON-02, US. The main domain is bola.tempo.co. The Cisco Umbrella rank of the primary domain is 879626.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 3rd 2023. Valid for: a year.
This is the only time bola.tempo.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 65.9.95.84 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:264... 16509 (AMAZON-02)
2 39 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 223.119.20.21 58453 (CMI-INT-H...)
1 65.9.95.100 16509 (AMAZON-02)
5 2.19.122.48 20940 (AKAMAI-ASN1)
17 2600:9000:212... 16509 (AMAZON-02)
1 139.99.126.163 16276 (OVH)
21 41.63.96.2 22822 (LLNW)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2.19.105.180 16625 (AKAMAI-AS)
1 18.66.97.37 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 65.9.95.38 16509 (AMAZON-02)
11 136.243.84.75 24940 (HETZNER-AS)
1 2600:9000:212... 16509 (AMAZON-02)
1 2a04:4e42::714 54113 (FASTLY)
20 2a00:1450:400... 15169 (GOOGLE)
2 52.220.193.46 16509 (AMAZON-02)
15 188.65.124.90 41690 (DAILYMOTI...)
14 2a00:1450:400... 15169 (GOOGLE)
1 13.32.27.19 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 146.75.120.157 54113 (FASTLY)
1 65.9.99.119 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 185.64.189.226 62713 (AS-PUBMATIC)
8 188.65.124.58 41690 (DAILYMOTI...)
3 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 34.102.146.192 396982 (GOOGLE-CL...)
60 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 65.9.95.6 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
15 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
3 162.19.138.119 16276 (OVH)
1 139.99.126.164 16276 (OVH)
1 54.220.142.223 16509 (AMAZON-02)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
2 34.98.64.218 396982 (GOOGLE-CL...)
1 34.199.59.187 14618 (AMAZON-AES)
4 18.66.97.99 16509 (AMAZON-02)
20 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 95 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 133.186.12.51 10010 (TOKAI TOK...)
4 2a02:2638:3::12 44788 (ASN-CRITE...)
1 8 2a00:1450:400... 15169 (GOOGLE)
52 2a00:1450:400... 15169 (GOOGLE)
33 142.250.184.198 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 178.250.1.6 44788 (ASN-CRITE...)
3 23.197.128.137 16625 (AKAMAI-AS)
1 1 54.237.176.146 14618 (AMAZON-AES)
3 2600:9000:223... 16509 (AMAZON-02)
2 6 2a02:2638:3::c 44788 (ASN-CRITE...)
9 17 142.250.185.162 15169 (GOOGLE)
6 12 172.64.151.101 13335 (CLOUDFLAR...)
8 20 37.252.173.215 29990 (ASN-APPNEX)
9 2a02:2638:3::1a 44788 (ASN-CRITE...)
10 2606:4700::68... 13335 (CLOUDFLAR...)
6 216.58.206.34 15169 (GOOGLE)
2 138.201.220.30 24940 (HETZNER-AS)
2 2a02:2638:3::9 44788 (ASN-CRITE...)
2 2a02:2638:d::c 44788 (ASN-CRITE...)
1 2.16.164.25 20940 (AKAMAI-ASN1)
1 4 78.46.111.106 24940 (HETZNER-AS)
1 2 52.18.63.104 16509 (AMAZON-02)
1 183.79.248.252 24572 (YAHOO-JP-...)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.226 15169 (GOOGLE)
2 91.121.248.44 16276 (OVH)
1 2 216.58.206.38 15169 (GOOGLE)
1 1 94.23.99.218 16276 (OVH)
10 2600:1f18:1ac... 14618 (AMAZON-AES)
2 2406:da12:fbe... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 151.101.67.52 54113 (FASTLY)
2 65.9.90.93 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.39 16509 (AMAZON-02)
2 34.107.231.31 396982 (GOOGLE-CL...)
1 188.65.124.91 41690 (DAILYMOTI...)
1 188.65.124.66 41690 (DAILYMOTI...)
1 2620:116:800d... 16509 (AMAZON-02)
5 52.223.40.198 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 178.250.1.9 44788 (ASN-CRITE...)
2 2 37.157.6.233 198622 (ADFORM)
2 35.186.253.211 15169 (GOOGLE)
3 3 46.228.174.117 56396 (AMOBEE)
1 133.186.12.50 10010 (TOKAI TOK...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3.75.37.27 16509 (AMAZON-02)
1 147.75.84.158 54825 (PACKET)
1 188.42.34.65 7979 (SERVERS-COM)
1 88.221.125.39 16625 (AKAMAI-AS)
1 2607:4f00:944... 55081 (24SHELLS)
2 23.88.17.186 24940 (HETZNER-AS)
2 162.210.196.208 30633 (LEASEWEB-...)
2 2a02:6b8::90 13238 (YANDEX)
1 3.120.213.234 16509 (AMAZON-02)
2 185.86.138.32 201081 (SMARTADSE...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2602:803:c003... 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 216.52.2.16 32475 (SINGLEHOP...)
1 185.106.140.18 7979 (SERVERS-COM)
2 51.89.9.251 16276 (OVH)
2 184.30.16.183 16625 (AKAMAI-AS)
1 74.125.133.157 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 43.129.34.52 ()
1 131.153.158.209 ()
1 2606:4700:303... ()
1 2606:4700:20:... ()
1 23.35.228.23 ()
2 2.19.217.60 ()
2 13.248.245.213 ()
1 138.201.8.249 ()
1 35.157.73.176 ()
1 198.47.127.19 ()
1 141.95.98.65 ()
1 69.173.144.165 ()
746 139
28    65.9.95.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-84.prg50.r.cloudfront.net
bola.tempo.co
www.tempo.co
9    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
15    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2600:9000:2646:c00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
39    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
2    223.119.20.21 (Hong Kong)

ASN58453 (CMI-INT-HK Level 30, Tower 1, HK)
scripts.jixie.media
1    65.9.95.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-100.prg50.r.cloudfront.net
pixel.cosmose.co
5    2.19.122.48 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-122-48.deploy.static.akamaitechnologies.com
analytics.tiktok.com
17    2600:9000:2127:2c00:1:3676:a640:93a1 (United States)

ASN16509 (AMAZON-02, US)
statik.tempo.co
1    139.99.126.163 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: tinong247.vn
click.advertnative.com
21    41.63.96.2 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-41-63-96-2.hhn.llnw.net
statics.dmcdn.net
static1.dmcdn.net
vendorlist.dmcdn.net
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2.19.105.180 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net
static.hotjar.com
6    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    65.9.95.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-38.prg50.r.cloudfront.net
www.tempo.co
11    136.243.84.75 (Mehlingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de
go.rcvlink.com
st11.rcvlink.com
1    2600:9000:2127:bc00:8:50ba:2500:93a1 (United States)

ASN16509 (AMAZON-02, US)
images-tm.tempo.co
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
20    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    52.220.193.46 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-193-46.ap-southeast-1.compute.amazonaws.com
kaikai-now.sg.cosmose.co
15    188.65.124.90 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: fp.dc3.dailymotion.com
geo.dailymotion.com
api.dailymotion.com
www.dailymotion.com
14    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    13.32.27.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-19.fra56.r.cloudfront.net
script.hotjar.com
3    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    65.9.99.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-99-119.prg50.r.cloudfront.net
js.adsrvr.org
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
ut.pubmatic.com
8    188.65.124.58 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ebed1.dm.gg
pebed.dm-event.net
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
60    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:2250:7400:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
3    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    65.9.95.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-6.prg50.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
15    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
e5914f7e7310376f93d54505df63b4f2.safeframe.googlesyndication.com
8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
87dc6a7e1bfdce1605ecb15dc49bb6f3.safeframe.googlesyndication.com
87e221c1dabb468bc443309c456b8d25.safeframe.googlesyndication.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
3    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    139.99.126.164 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip164.ip-139-99-126.net
advertnative.com
1    54.220.142.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-142-223.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
rtbdemand-d.openx.net
1    34.199.59.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-59-187.compute-1.amazonaws.com
ping.chartbeat.net
4    18.66.97.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-99.fra56.r.cloudfront.net
compass.adop.cc
20    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
12    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
95    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2606:4700:10::6816:30fd (United States)

ASN13335 (CLOUDFLARENET, US)
tag.adbro.me
3    133.186.12.51 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p051.net133186012.broadline.ne.jp
cpt.geniee.jp
4    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
8    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
52    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
33    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
s0.2mdn.net
3    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
3    23.197.128.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-128-137.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
1    54.237.176.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-176-146.compute-1.amazonaws.com
pixel.adsafeprotected.com
3    2600:9000:223f:fc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
17    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
12    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
20    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
fra1-ib.adnxs.com
9    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
10    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
www.googleadservices.com
2    138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de
hal9000.redintelligence.net
2    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
2    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
1    2.16.164.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-164-25.deploy.static.akamaitechnologies.com
s2.dmcdn.net
4    78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de
hal900027.redintelligence.net
2    52.18.63.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-63-104.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    183.79.248.252 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
yads.c.yimg.jp
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net
2    91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu
pv.medialead.de
2    216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f6.1e100.net
5994599.fls.doubleclick.net
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
10    2600:1f18:1aca:4281:5c29:1117:1290:d127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    2406:da12:fbe:4202:41d:1858:3645:ec6 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
data.adop.cc
1    2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)
rec.izooto.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
rtbdemand.apiip.net
1    151.101.67.52 (United States)

ASN54113 (FASTLY, US)
rtbpass-us.andbeyond.media
2    65.9.90.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-90-93.prg50.r.cloudfront.net
c.amazon-adsystem.com
3    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
2    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
1    188.65.124.91 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: st.dc3.dailymotion.com
speedtest.dailymotion.com
1    188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com
dmxleo.dailymotion.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
1    2a05:d018:d29:3601:7018:7dc3:a4e8:e820 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    133.186.12.50 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p050.net133186012.broadline.ne.jp
js.genieessp.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    3.75.37.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-37-27.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    188.42.34.65 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    88.221.125.39 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-125-39.deploy.static.akamaitechnologies.com
a.teads.tv
1    2607:4f00:944:0:3eec:efff:fed0:86a2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    23.88.17.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.17.88.23.clients.your-server.de
shb.richaudience.com
2    162.210.196.208 (Bowie, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
2    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
bs.yandex.ru
1    3.120.213.234 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-213-234.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg-apac.smartadserver.com
1    2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
2    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
2    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
2    184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com
cdn.adnxs.com
acdn.adnxs.com
1    74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net
bid.g.doubleclick.net
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
2    43.129.34.52 (None, )

ASN- ()
traid.jixie.io
1    131.153.158.209 (None, )

ASN- ()
id.a-mx.com
1    2606:4700:3035::6815:30d7 (None, )

ASN- ()
adxbid.info
1    2606:4700:20::681a:467 (None, )

ASN- ()
cdn.aralego.net
1    23.35.228.23 (None, )

ASN- ()
contextual.media.net
2    2.19.217.60 (None, )

ASN- ()
eus.rubiconproject.com
2    13.248.245.213 (None, )

ASN- ()
eb2.3lift.com
1    138.201.8.249 (None, )

ASN- ()
sync.richaudience.com
1    35.157.73.176 (None, )

ASN- ()
x.bidswitch.net
1    198.47.127.19 (None, )

ASN- ()
image6.pubmatic.com
1    141.95.98.65 (None, )

ASN- ()
lb.eu-1-id5-sync.com
1    69.173.144.165 (None, )

ASN- ()
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
162 googlesyndication.com
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
e5914f7e7310376f93d54505df63b4f2.safeframe.googlesyndication.com
8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
87dc6a7e1bfdce1605ecb15dc49bb6f3.safeframe.googlesyndication.com
87e221c1dabb468bc443309c456b8d25.safeframe.googlesyndication.com
1 MB
77 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
ad.doubleclick.net — Cisco Umbrella Rank: 139
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
1 MB
69 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
csm.eu.criteo.net — Cisco Umbrella Rank: 9625
572 KB
47 tempo.co
bola.tempo.co — Cisco Umbrella Rank: 879626
www.tempo.co — Cisco Umbrella Rank: 233121
statik.tempo.co — Cisco Umbrella Rank: 120149
images-tm.tempo.co — Cisco Umbrella Rank: 906123
706 KB
33 google.com
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
region1.analytics.google.com — Cisco Umbrella Rank: 2693
adservice.google.com — Cisco Umbrella Rank: 93
204 KB
31 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
1 MB
30 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
1 MB
22 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
cdn.adnxs.com — Cisco Umbrella Rank: 1605
fra1-ib.adnxs.com — Cisco Umbrella Rank: 8028
acdn.adnxs.com — Cisco Umbrella Rank: 610
77 KB
22 dmcdn.net
statics.dmcdn.net — Cisco Umbrella Rank: 66636
s2.dmcdn.net — Cisco Umbrella Rank: 14597
static1.dmcdn.net — Cisco Umbrella Rank: 10600
vendorlist.dmcdn.net — Cisco Umbrella Rank: 14271
760 KB
20 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 9522
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971
gum.criteo.com — Cisco Umbrella Rank: 424
mug.criteo.com — Cisco Umbrella Rank: 2811
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16218
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16316
dis.criteo.com — Cisco Umbrella Rank: 550
bidder.criteo.com — Cisco Umbrella Rank: 776
82 KB
20 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
1 MB
17 dailymotion.com
geo.dailymotion.com — Cisco Umbrella Rank: 10311
api.dailymotion.com — Cisco Umbrella Rank: 27398
www.dailymotion.com — Cisco Umbrella Rank: 12031
speedtest.dailymotion.com — Cisco Umbrella Rank: 12516
dmxleo.dailymotion.com — Cisco Umbrella Rank: 11551
59 KB
16 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 718
static.adsafeprotected.com — Cisco Umbrella Rank: 602
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
103 KB
13 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
ajax.googleapis.com — Cisco Umbrella Rank: 340
imasdk.googleapis.com — Cisco Umbrella Rank: 487
535 KB
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
7 KB
12 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
240 KB
11 rcvlink.com
go.rcvlink.com — Cisco Umbrella Rank: 43372
st11.rcvlink.com — Cisco Umbrella Rank: 53646
96 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
114 KB
8 dm-event.net
pebed.dm-event.net — Cisco Umbrella Rank: 11074
3 KB
6 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 37721
hal900027.redintelligence.net — Cisco Umbrella Rank: 201555
23 KB
6 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
6 adop.cc
compass.adop.cc — Cisco Umbrella Rank: 67436
data.adop.cc — Cisco Umbrella Rank: 74073
8 KB
6 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
rtb.openx.net — Cisco Umbrella Rank: 695
rtbdemand-d.openx.net
1 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
www.linkedin.com — Cisco Umbrella Rank: 629
px4.ads.linkedin.com — Cisco Umbrella Rank: 6419
6 KB
6 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1355
match.adsrvr.org — Cisco Umbrella Rank: 331
insight.adsrvr.org — Cisco Umbrella Rank: 557
4 KB
5 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
eus.rubiconproject.com
token.rubiconproject.com
16 KB
5 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
ut.pubmatic.com — Cisco Umbrella Rank: 7777
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image6.pubmatic.com
153 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 617
149 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 893
id5-sync.com — Cisco Umbrella Rank: 425
35 KB
4 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 15007
rec.izooto.com — Cisco Umbrella Rank: 100725
80 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
eb2.3lift.com
804 B
3 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 4065
sync.richaudience.com
718 B
3 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1196
x.bidswitch.net
872 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1628
mp.4dex.io — Cisco Umbrella Rank: 2346
25 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
74 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 47317
medialead.de — Cisco Umbrella Rank: 46843
851 B
3 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 923
1 KB
3 geniee.jp
cpt.geniee.jp — Cisco Umbrella Rank: 66003
87 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
18 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 cosmose.co
pixel.cosmose.co
kaikai-now.sg.cosmose.co — Cisco Umbrella Rank: 371248
5 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1767
mab.chartbeat.com — Cisco Umbrella Rank: 2658
26 KB
2 jixie.io
traid.jixie.io
849 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
410 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1498
contextual.media.net
9 KB
2 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 10220
1 KB
2 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 12645
605 B
2 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 30104
sync.aralego.com Failed
350 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
2 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
2 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 24966
4 KB
2 adbro.me
tag.adbro.me — Cisco Umbrella Rank: 25395
11 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
12 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6765
515 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 700
script.hotjar.com — Cisco Umbrella Rank: 933
59 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
90 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
187 KB
2 advertnative.com
click.advertnative.com — Cisco Umbrella Rank: 52581
advertnative.com — Cisco Umbrella Rank: 49565
6 KB
2 jixie.media
scripts.jixie.media — Cisco Umbrella Rank: 36487
16 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com
273 B
1 aralego.net
cdn.aralego.net
1 KB
1 adxbid.info
adxbid.info
3 KB
1 a-mx.com
id.a-mx.com
266 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 9875
2 KB
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 650
400 B
1 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 4825
1 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1466
379 B
1 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1601
886 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
168 B
1 genieessp.com
js.genieessp.com — Cisco Umbrella Rank: 42200
159 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258
576 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
714 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
463 B
1 andbeyond.media
rtbpass-us.andbeyond.media — Cisco Umbrella Rank: 44757
159 KB
1 apiip.net
rtbdemand.apiip.net — Cisco Umbrella Rank: 26379
995 B
1 yimg.jp
yads.c.yimg.jp — Cisco Umbrella Rank: 44039
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1455
201 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 713
725 B
1 t.co
t.co — Cisco Umbrella Rank: 589
378 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2789
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 678
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 763
15 KB
0 tokopedia.com Failed
accounts.tokopedia.com Failed
0 ck-ie.com Failed
as.ck-ie.com Failed
746 87
Domain Requested by
95 tpc.googlesyndication.com 1 redirects bola.tempo.co
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
googleads.g.doubleclick.net
ad.doubleclick.net
securepubads.g.doubleclick.net
s0.2mdn.net
8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
www.gstatic.com
60 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
static.criteo.net
rtbpass-us.andbeyond.media
52 pagead2.googlesyndication.com 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
bola.tempo.co
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
ad.doubleclick.net
s0.2mdn.net
www.googletagservices.com
imasdk.googleapis.com
8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
rtbpass-us.andbeyond.media
39 securepubads.g.doubleclick.net 2 redirects bola.tempo.co
securepubads.g.doubleclick.net
www.googletagservices.com
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
compass.adop.cc
30 s0.2mdn.net 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
bola.tempo.co
ad.doubleclick.net
s0.2mdn.net
imasdk.googleapis.com
27 www.tempo.co bola.tempo.co
www.tempo.co
20 www.googletagservices.com securepubads.g.doubleclick.net
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
bola.tempo.co
ads.eu.criteo.com
www.googletagservices.com
s0.2mdn.net
8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
googleads.g.doubleclick.net
20 www.gstatic.com www.google.com
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
bola.tempo.co
8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
static1.dmcdn.net
www.gstatic.com
googleads.g.doubleclick.net
17 ib.adnxs.com 8 redirects googleads.g.doubleclick.net
rtbpass-us.andbeyond.media
acdn.adnxs.com
17 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
17 statik.tempo.co bola.tempo.co
16 static1.dmcdn.net geo.dailymotion.com
bola.tempo.co
15 www.google.com bola.tempo.co
www.gstatic.com
www.google.com
tpc.googlesyndication.com
8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
14 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
bola.tempo.co
12 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
12 cdn.ampproject.org securepubads.g.doubleclick.net
11 api.dailymotion.com statics.dmcdn.net
10 dt.adsafeprotected.com ad.doubleclick.net
bola.tempo.co
10 cdnjs.cloudflare.com static.criteo.net
s0.2mdn.net
10 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com securepubads.g.doubleclick.net
9 csm.eu.criteo.net ads.eu.criteo.com
9 fonts.googleapis.com bola.tempo.co
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
hal900027.redintelligence.net
8 googleads.g.doubleclick.net 1 redirects 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
pagead2.googlesyndication.com
rtbpass-us.andbeyond.media
googleads.g.doubleclick.net
8 pebed.dm-event.net geo.dailymotion.com
static1.dmcdn.net
6 www.googleadservices.com bola.tempo.co
6 ad.doubleclick.net bola.tempo.co
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
www.googletagservices.com
6 st11.rcvlink.com bola.tempo.co
6 fonts.gstatic.com fonts.googleapis.com
5 go.rcvlink.com bola.tempo.co
go.rcvlink.com
5 analytics.tiktok.com bola.tempo.co
analytics.tiktok.com
4 match.adsrvr.org 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
rtbpass-us.andbeyond.media
scripts.jixie.media
4 hal900027.redintelligence.net 1 redirects 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
hal900027.redintelligence.net
4 gum.criteo.com 2 redirects static.criteo.net
4 cat.nl3.eu.criteo.com ads.eu.criteo.com
4 ads.eu.criteo.com 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
4 compass.adop.cc securepubads.g.doubleclick.net
bola.tempo.co
4 px.ads.linkedin.com 3 redirects snap.licdn.com
3 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
3 fra1-ib.adnxs.com rtbpass-us.andbeyond.media
bola.tempo.co
cdn.adnxs.com
3 imasdk.googleapis.com geo.dailymotion.com
static1.dmcdn.net
imasdk.googleapis.com
3 static.adsafeprotected.com ads.eu.criteo.com
ad.doubleclick.net
3 servedby.flashtalking.com ads.eu.criteo.com
3 cpt.geniee.jp bola.tempo.co
cpt.geniee.jp
3 id5-sync.com cdn.id5-sync.com
rtbpass-us.andbeyond.media
3 cdn.jsdelivr.net securepubads.g.doubleclick.net
compass.adop.cc
3 region1.analytics.google.com www.googletagmanager.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
bola.tempo.co
3 geo.dailymotion.com statics.dmcdn.net
geo.dailymotion.com
3 statics.dmcdn.net bola.tempo.co
statics.dmcdn.net
3 cdn.izooto.com bola.tempo.co
cdn.izooto.com
2 eb2.3lift.com rtbpass-us.andbeyond.media
adxbid.info
2 eus.rubiconproject.com rtbpass-us.andbeyond.media
eus.rubiconproject.com
2 traid.jixie.io scripts.jixie.media
2 onetag-sys.com rtbpass-us.andbeyond.media
2 fastlane.rubiconproject.com rtbpass-us.andbeyond.media
2 prg-apac.smartadserver.com rtbpass-us.andbeyond.media
2 bs.yandex.ru rtbpass-us.andbeyond.media
2 hb.aralego.com rtbpass-us.andbeyond.media
2 shb.richaudience.com rtbpass-us.andbeyond.media
2 grid.bidswitch.net rtbpass-us.andbeyond.media
2 script.4dex.io rtbpass-us.andbeyond.media
script.4dex.io
2 sync.1rx.io 2 redirects
2 rtb.openx.net 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
rtbpass-us.andbeyond.media
2 c1.adform.net 2 redirects
2 p.adlooxtracking.com bola.tempo.co
p.adlooxtracking.com
2 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 vendorlist.dmcdn.net static1.dmcdn.net
2 c.amazon-adsystem.com bola.tempo.co
c.amazon-adsystem.com
2 data.adop.cc bola.tempo.co
2 5994599.fls.doubleclick.net 1 redirects bola.tempo.co
2 pv.medialead.de hal900027.redintelligence.net
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 fw.adsafeprotected.com 1 redirects ad.doubleclick.net
2 rtb.fr3.eu.criteo.com 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
2 rtb.nl3.eu.criteo.com 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
2 hal9000.redintelligence.net 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
hal900027.redintelligence.net
2 mug.criteo.com bola.tempo.co
2 tag.adbro.me bola.tempo.co
2 oajs.openx.net 1 redirects bola.tempo.co
2 www.google.de bola.tempo.co
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 kaikai-now.sg.cosmose.co pixel.cosmose.co
2 ads.pubmatic.com bola.tempo.co
rtbpass-us.andbeyond.media
2 connect.facebook.net bola.tempo.co
connect.facebook.net
2 www.googletagmanager.com bola.tempo.co
www.googletagmanager.com
2 scripts.jixie.media bola.tempo.co
scripts.jixie.media
2 static.chartbeat.com bola.tempo.co
2 bola.tempo.co 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 lb.eu-1-id5-sync.com rtbpass-us.andbeyond.media
1 image6.pubmatic.com ads.pubmatic.com
1 x.bidswitch.net
1 sync.richaudience.com rtbpass-us.andbeyond.media
1 rtbdemand-d.openx.net rtbpass-us.andbeyond.media
1 contextual.media.net rtbpass-us.andbeyond.media
1 cdn.aralego.net rtbpass-us.andbeyond.media
1 adxbid.info rtbpass-us.andbeyond.media
1 id.a-mx.com rtbpass-us.andbeyond.media
1 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
1 acdn.adnxs.com bola.tempo.co
1 bid.g.doubleclick.net rtbpass-us.andbeyond.media
1 cdn.adnxs.com rtbpass-us.andbeyond.media
1 insight.adsrvr.org js.adsrvr.org
1 rtb.adxpremium.services rtbpass-us.andbeyond.media
1 ap.lijit.com rtbpass-us.andbeyond.media
1 prebid.media.net rtbpass-us.andbeyond.media
1 bidder.criteo.com rtbpass-us.andbeyond.media
1 hbopenbid.pubmatic.com rtbpass-us.andbeyond.media
1 mp.4dex.io rtbpass-us.andbeyond.media
1 tlx.3lift.com rtbpass-us.andbeyond.media
1 ghb.adtelligent.com rtbpass-us.andbeyond.media
1 a.teads.tv rtbpass-us.andbeyond.media
1 ads.betweendigital.com rtbpass-us.andbeyond.media
1 prebid.a-mo.net rtbpass-us.andbeyond.media
1 js.genieessp.com securepubads.g.doubleclick.net
1 87e221c1dabb468bc443309c456b8d25.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 sync.targeting.unrulymedia.com 1 redirects
1 dis.criteo.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 cms.quantserve.com 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
1 dmxleo.dailymotion.com static1.dmcdn.net
1 87dc6a7e1bfdce1605ecb15dc49bb6f3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 speedtest.dailymotion.com static1.dmcdn.net
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 www.dailymotion.com geo.dailymotion.com
1 rtbpass-us.andbeyond.media bola.tempo.co
1 rtbdemand.apiip.net bola.tempo.co
1 adservice.google.com 5994599.fls.doubleclick.net
1 rec.izooto.com cdn.izooto.com
1 medialead.de 1 redirects
1 ajax.googleapis.com securepubads.g.doubleclick.net
1 yads.c.yimg.jp cpt.geniee.jp
1 s2.dmcdn.net bola.tempo.co
1 e5914f7e7310376f93d54505df63b4f2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.adsafeprotected.com 1 redirects
1 ping.chartbeat.net bola.tempo.co
1 google-bidout-d.openx.net oa.openxcdn.net
1 analytics.twitter.com bola.tempo.co
1 t.co bola.tempo.co
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 advertnative.com bola.tempo.co
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 px4.ads.linkedin.com bola.tempo.co
1 www.linkedin.com 1 redirects
1 ut.pubmatic.com ads.pubmatic.com
1 www.facebook.com bola.tempo.co
1 js.adsrvr.org www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 mab.chartbeat.com static.chartbeat.com
1 images-tm.tempo.co bola.tempo.co
1 static.hotjar.com bola.tempo.co
1 click.advertnative.com bola.tempo.co
1 pixel.cosmose.co bola.tempo.co
0 accounts.tokopedia.com Failed scripts.jixie.media
0 as.ck-ie.com Failed adxbid.info
0 sync.aralego.com Failed cdn.aralego.net
746 163
Subject Issuer Validity Valid
*.tempo.co
Sectigo RSA Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-14 -
2024-05-13		 a year crt.sh
*.jixie.media
Sectigo RSA Organization Validation Secure Server CA		 2023-09-15 -
2024-08-18		 a year crt.sh
pixel.cosmose.co
Amazon RSA 2048 M02		 2023-12-06 -
2025-01-03		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
click.advertnative.com
R3		 2023-12-16 -
2024-03-15		 3 months crt.sh
*.dmcdn.net
ZeroSSL RSA Domain Secure Site CA		 2023-11-12 -
2024-02-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.rcvlink.com
Thawte TLS RSA CA G1		 2023-09-19 -
2024-10-02		 a year crt.sh
kaikai-now.sg.cosmose.co
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
www.dailymotion.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.dm-event.net
ZeroSSL RSA Domain Secure Site CA		 2023-10-17 -
2024-01-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
advertnative.com
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
adop.cc
Amazon RSA 2048 M01		 2023-08-31 -
2024-09-28		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
adbro.me
GTS CA 1P5		 2023-12-10 -
2024-03-09		 3 months crt.sh
*.geniee.jp
GeoTrust RSA CA 2018		 2023-03-17 -
2024-03-09		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-03 -
2024-02-28		 3 months crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-14 -
2024-09-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
redintelligence.net
R3		 2023-12-13 -
2024-03-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-08 -
2024-03-03		 3 months crt.sh
api.dmcdn.net
R3		 2023-10-23 -
2024-01-21		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2023-11-30 -
2024-12-29		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
pv.medialead.de
R3		 2023-12-04 -
2024-03-03		 3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
andbeyond.media
Certainly Intermediate R1		 2023-12-10 -
2024-01-09		 a month crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-11-13 -
2024-02-11		 3 months crt.sh
speedtest.dailymotion.com
ZeroSSL ECC Domain Secure Site CA		 2023-12-12 -
2024-03-11		 3 months crt.sh
dmxleo.dailymotion.com
ZeroSSL RSA Domain Secure Site CA		 2023-10-27 -
2024-01-25		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.genieessp.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-16 -
2024-11-26		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-28 -
2024-02-26		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-05		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.jixie.io
Sectigo RSA Organization Validation Secure Server CA		 2023-05-14 -
2024-06-13		 a year crt.sh
id.a-mx.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-12 -
2024-11-10		 a year crt.sh
adxbid.info
E1		 2023-12-05 -
2024-03-04		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh

This page contains 89 frames:

Primary Page: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Frame ID: ACAE760CD56168CA14B860009A7F00BB
Requests: 212 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/main.js
Frame ID: 7620E7A93DCA0CE6A75ADA3658AAFB1B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 64E76B28E60BA75756EC822ED9C21725
Requests: 1 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/iframe.htm
Frame ID: 500607FDCA1C3EC7D9F1D797429D688F
Requests: 9 HTTP requests in this frame

Frame: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1D44D3EE11E82EAC26D6538691D449DA
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 70E7704894718189C79E6EB19DA2C16C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=bsd4pqm3mgr2
Frame ID: 5901C355B0B43164ED218175E521EB91
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jdj2bchr0vnu
Frame ID: 65119B8AA9AB4BACBBE75DDE4D361B21
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFqd-B3SAVb2J3bK68JEFkICsp9ifU6P8dLA0Xmxcl5aCfDO4rGDbwGvDETkKClaE9L2tXMeCp7mefV06chsSI1Gd_88naaqICb2U3gE1sgFhzBRuLGBDcDORXNXkCph5Jm8xwJRkX7KREHYtwsOiI9LCkn3TNBm4Z6zG1geBThYkREVSsykh7gKqvya24au_kE7roMj0Zf3xunDRcqlXlZCMl6E5r5oWtImvSWB23TtComqzdns0WJGKie3U864cwNDVAo-rT3L-RFoQD6udj7APwyAkSznmpJlyosqr19w887z_11xBbzY28TEWFQq9HNbNn0KlzS5U1w_FUJLvsioRAPt50st1viXFnRaWnJ-0h5nE&sai=AMfl-YQAPo8UyUHLdSXZV8kHKq0PI-eLkMiUXmdDtL45xGxU36yCi23KUmTAOm3ZIsW9oSJLr5Bk4lNLenVpA8S2YQ94hy9xrZZd2rsCsT3eTEh5zEBwimTMVIk0m-RjbKNymaeDW6n5Y8oxjVF-r3931-XQ&sig=Cg0ArKJSzMPWcGM8IcVbEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 2D61BB16412C12AAFCDCEB723B2AA355
Requests: 5 HTTP requests in this frame

Frame: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4128C5C4E584482F4EADB316D6CC239D
Requests: 9 HTTP requests in this frame

Frame: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 64E35AC7514DB51A17B65AC3FB4261CF
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 37E04492D7989F1D24B3338E5F216ED0
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 1AC23E21B83F9EC03AB0A1761C2A7DD4
Requests: 21 HTTP requests in this frame

Frame: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B24321DBD116719C4E72917D2078E562
Requests: 8 HTTP requests in this frame

Frame: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8B693622C80CAB9F49F4D6E55CFBE393
Requests: 8 HTTP requests in this frame

Frame: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4FEDC6F2FAC456EBAAC8EFB3B3A49CBE
Requests: 16 HTTP requests in this frame

Frame: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A46149A84FD1F75E36F412574A081F3E
Requests: 13 HTTP requests in this frame

Frame: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 14D09CA81EAD2ABFE97F201F84D2D8D0
Requests: 13 HTTP requests in this frame

Frame: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FE770BC0C3B95E85F70A3A2B743166C8
Requests: 8 HTTP requests in this frame

Frame: https://tag.adbro.me/tags/ptag.js
Frame ID: 625DCCD8951552232B20EC4A39652193
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqf47D-wVM7l1opM4JUGaw18nlcWHvEnENmS1oqtVNZcPAw23uAAIOcHqHyV6V1tOUVaDYoWMYBFeCCNCXAIXB2xfv4D4YJrO9kootn7CwQHn0WwKLygCGa9UySvtn6THRExhY-m1DVfRdS5lyecvz1MmRQvUayYIdlBNW-CJuUOUfBlEFT9WMTTowOXctmVRMexOyJZJJ3Mb2eBAMCaLoBPF9wNWaFTWi4NbnMmZKI6f3skT3kf_6R37N9imj1I1WEbby6UtNZhI5oXSVD9x_v31mRivSHjfDUeD5D2tT9tkg2pmX5NwgeN299KdKI9af_vjxex6PPrUB9_jLnXr9ZaxgYRsNc8Z1N0jwWeI&sai=AMfl-YRb8Luptske3b_vzCVtn8VRk47-blczNnlgdJeg0ZhtLoFNDmRHG_zOwIx2v3PoMxIUqZiL-vIbP2eziMa1-P-lFR-fYWfTji1a6ZJzrXNwGkZAhRA57TICS_9-p15u8T-dysfBIGFqE3TZB82YlR2r&sig=Cg0ArKJSzJXHJvMCsOWpEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: C36E8BAE0A3A45D48FE64015A7A37CE8
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstas4P8mLyPfuGr3okCm-vKfzTsyx1RchU3wuByJcyvpEp-hNtaMnFaPKyo79kBZHbLgJD-jhcOBBvAPClywJQBjyei4HQM3K9XI8GGsVElkIvX0rOPFyqHYstE2pAfz3D6GAJQ8qpsLO9hdHnohhNTxKVH5ZWP7rurh12nC4-JNMkMPFapH2eJg-I2h03dBDHv5BsE7H0vLS9RFAno40vZsjxhb_OQim5SNN94l5HDzgaGwpwyoQuMl5g4JlWlqQsnpPCC2zuhC29wzAcAjXOVkhTP6BRk5u_vXl7DsOnfigMkcepNeVqiErTOc838RWedtQYKa9HfvWxntvqbbno9tl0U0O1YJUEeSvvV84uOqfEJrqNORj_jot9DKA_yXgRy1AnUjOI&sai=AMfl-YT_M0XgB55nIsX7A--mSf4G_iZodIYiejIJzz0bsQjG3g8R21zwWqcC1EDQWIbYWz9IGZL3rCduCXSabZwl7tNpm-vbphaZ0T99qAkTIxCdcrCpwcNKDYCjVfNK1avytp_0ATvDUaMa99UoTetc3Tj4&sig=Cg0ArKJSzNRBCMUT0euaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 1CDE257B79E17AD547B01F739BD9BC11
Requests: 5 HTTP requests in this frame

Frame: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CBD50889544E926A3BD3221331DD2D5F
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&u=%7ChiHgvtYhI02iyM8ghy4bTv2o%2FZ2mb%2BNrseDNV%2BRm4yw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEHMXDOPb-ysyl93tK--qtNQdvtN5cnwUg8WAQZ9hIIY4xN1QFqyBwGGbo65f91gLFveb2uSgP1l-dP-xQQI0pW3vf3j8tw8m6leojGYdMoFICniIAhkaE1MCvi0YzN58wNOK22Ew7J2ka4vKvSiqumDyYCDukQq_T4h8GZRVIlcHECfxMHIowKla_Ys6zDHR4YApzAyCkay3rv8oxzKW4I3BJcW-5SCQu-XeANrUfP-GT2UsslPEyfIsroBTokTgOwSMZjjS383Dpx7oBUxrhiV4T-BJCgXeodFmXQbB2C1hteHFf_iURVR4feJ-YwXZFUCZ92sUZhaY6W8KgNp4XKokfHV4HjJUfeJx572RW7n0qroKUiUbPaCOyP0Z-60DNdyy9o6JZZCyoovDyEvdHgPXW1gLnTTs7Btdn88RkQYjZAP2_nyXMO8q9u_xW_BTTtdCZWXjMNwqGBN_K75X6SUyaBGp177v_dWatfaEd9Wo3_aUKe8-naaG13kT3URVhKYhwgkLP8nFGeog1XgadT6dI2CdWAsQ0kTHEZBARpX28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0ET_WlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2Sszgv7PNJUKjuzYLQJOeTOdQU2To8h5bvAmcXbecriNmV1uxFrNj1h8j1OvLgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EzYML-J_9Mml3p7PpCuxRdL47Mw%26client%3Dca-pub-2578301546053897%26adurl%3D
Frame ID: BB326DD7FCC4F5E184B01CC6C7FF72B9
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi7vbvGATAB&v=APEucNV5KspmEG3llheAcj-0tCio9M_y9Ujgqoq2Ocg55ovgGg-K_nVOCCoN1-Q8MDfHVX9sBN-cBy-wPBdRYvzAYZA2USKZ1rwfdAB-Jic2YmAWzBuV467i2_cBqyoD1clKTXtWywJaDDT8z3UJuKUCYuS2ABeXf7e4TqUPwAUCM7flfCTsFOk
Frame ID: 3E58B699B06D78B41D8BA6A3ACB47E8B
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX0K4HcNAArHY8n4j_-M2fMz9azT2w&u=%7ChiHgvtYhI01egZab5lYUYYxV6tlmqFS2RpWjGHfTntI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsUTvu4cn4sPY1OKCSP-8iZYVNjfgqoj2buBipymWXntHqB6zznLr2QLw5E1I2vrBclsCh122hMsSVo1V45Y1pHEwLX-myalPwe5ElayqeQRh6pJZZdmqexDneNsVZA4a04wbcYLvd1R9IdXhat2yk6IaQr7nwl5qeJpGcF4mgcQ9jW4eDxzJyqQszwiM0XnBxlFqDK6m15uDs3cYOvbpzPtU6EqrbSDTAqQvm76J8PNQ5U9CpCu8InllVSS7nVPv32qVgg0_njgXnYSI2Ae7rXSTaly7gHfaxJpXabJGDXIXl3WI99qSpfzXkq3il3vqacEYmpNVD28Hmb85kiXyeDMdjR_ZxEIoQr3TjajtH4lyCormDL0mvo-aonhCrAf7uB6dfyj69qftqWJMgBDzxVk2C-puJfK1AivrTVcc3h9B7-0UYp0CEdRZuNPy6M3TPA6tq6udx1nH1a4Auk1CxEAMLAQzQsvC71b9LQtJSni81UD1U--zkUGKE5OM_Mmy5qDYgn5yV7B8mXBnyxN_qqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4ZqUWlB-Zf2yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9C2Uya8j__Lv222j45LUSqK0yOlVbSoIrXOLdJkkcUfVm6dsVWe08pEVgeXiA7mD4QOs8gjRFah4kvSUHZeq5fPlEBI1EIaLoFJ_8QdnDWIkhfhiZEiM--NVwxDNa1er-KYsKVVCBJrJYxGPqiUdo3eeZDMHBJSOVt6knHt5m-ab6yPPVUzOFVUfGF19mNXMWxVUxSmnUOnSVu5QExGYsolRMfNWeJWYl5QPcRgC-7tFFu5YMSkorsM6fTO1TwRnSv1febn4X5A4IAdD856LMW_bgwWnOl2Yzhm_DoZZ7DHep3cVH0BDwv453V2Coknb-P2RnA2ZU5gh1vT1ncGWSyIh5X-XibRjukPlzPUxhny4_1kQqYaZBYR6zeAc2XJEZk7CQtgTHeyLK4Eimr8aifNGEHvKxaPz_SsqOj35k6B6fYvqQW-V2jW13tRk3c_3hwQZM83humQwVYa5ncxE_RyH8TgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwimtv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_0sIYBz1luyvcKA-zXriBep5nL-uQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Frame ID: F55EFE7C57A45659F7C59208E6FE80A0
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&u=%7ChiHgvtYhI01jopdU0bof4mWJlBOG2cc4Kt%2BzMeeQBkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsRFyTC41vabdYrN3wCULU04FYZSzogpYjaSVQ4tXjLvzoAt4N7_yUBy7Jv9l7AKSO2XhgsewE11Eozwnsh6pSgKo3gpJJ_ORIBnbNefniK19HU9-KI8_sYfEvxZsVQYddsIhaq4Rfbv-Bm_pAmByLINgd8FVwyfWZ1xg959Ou_yENduwokJ2m2R2yxQQxR2I8W688nmJgA7UyBgYfqcpqaXRZgs7RtndzSgybD4hOkq7ytcQ8y_s3xujTCnGKHHXPfN6iQx1c-NfinUe3W267Zuzw4lNXYt_SoeKf2njVzE9vX4V2yfnglaCctwkkaEQwVsmgjlv5LnybGFKhaXRiqrpQXHLvsSawuFGaLcelrSMwnAVh4eJbGfvXuHBs8CboSpgafCpt5kTm41C_qNVmFbxGPdCm_hPHARSlkJmRcibtgXM2vgOEae2OIRj4YtVJf7nl1jlaGHcAU8Jj-sTLYL2kiBXvXjXQebMLB5CMUmrnJO-Llrb8M1oYSzWg7PUcCd3xT5dczjEJeArHBktmQI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFnnTWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mxtUQ0NotAzxUqLGbZYJaqUgjBUbTjDkqNfolGaZi2MUuQYGgxrZYgubgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_3zN6e4bRe1TMk6RK_e-jH0iOxOGw%26client%3Dca-pub-2578301546053897%26adurl%3D
Frame ID: CA3DBAB03751F75ECB73030E50136F3A
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEMyGzM8DGJKbhfMBMAE&v=APEucNWbMzhMBkC2Tgkiqs7WSzFzsGLsU9iuRFvljJKGyw9TfQzc9zacfUXMnIbGUwj1tUG9kG04hew9PvMTSnFODwb2vHzhrjKsMq2D6ERiLqpeLucz08J2N67bsK22qwvf0zV1shzj24busj7zqL5eQLMchpbAlhby24P8trPJMMDXTfdEl3w
Frame ID: 7173EC076102D1C8B35DDEC2E6243967
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEMyGzM8DGJKbhfMBMAE&v=APEucNUclMV00DJVLo421Ze8OmkeocDdIy8F9FGYyp8vw0HIqyK46uPPHnR2VcO-Ol0QkCxHGNfFmrlq20URAveTmEl0zsDFQbXvEB34clGcIQoJEJ-L6qPyy9HK9ciZYMyFpFqUxyOKoolHwPr7DhSif9nroC7lmueFHAX-a5At6Bwl4bGTs9M
Frame ID: 21CF76B4748F839B243593514C218AF9
Requests: 5 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Frame ID: 8E79685CDFD9DE0907AA0988E2AEE470
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1BCD052C532AAA1B63663F1EA7A1CCD0
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bola.tempo.co&us_privacy=1---&gpp=&gpp_sid=-1
Frame ID: DAD36E682C9C6248A0AC207BDA5238CB
Requests: 2 HTTP requests in this frame

Frame: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
Frame ID: A54B8D32D1FF41B31E6823D721215D36
Requests: 14 HTTP requests in this frame

Frame: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
Frame ID: 10C647C12FB4140CEF220D93AD917896
Requests: 14 HTTP requests in this frame

Frame: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/main.html
Frame ID: FE2CCC4F090CC170001E6891C5EAD91B
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw
Frame ID: 06E50DAE6D86881F9670064E25B396DF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw
Frame ID: C376494C23E387B628F5B6A4164B8D60
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: ED4BE286E7D2317EEDADAA038F114342
Requests: 3 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/d94268a0-c59d-4278-9196-e578e8f0747f?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=d94268a0-c59d-4278-9196-e578e8f0747f&type=re&loc=https%253A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rnd=&percentage=false&size_width=300&size_height=600&
Frame ID: 9372AC027ADBED0E8F9672FAFCD82CBB
Requests: 9 HTTP requests in this frame

Frame: https://compass.adop.cc/RE/fa545f0a-3b31-40d2-b6d1-b08b4a418e91?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=fa545f0a-3b31-40d2-b6d1-b08b4a418e91&type=re&loc=https%253A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rnd=&percentage=false&size_width=728&size_height=90&
Frame ID: 5F880525768EC2500E94A7E3A329BCF9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5C4434DCE79B9B7C60C005A802ACE789
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: D588D2C85CD483D82373EDB8B95A4826
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Frame ID: 761FA05D9BF21F0D20528BBA3004CEE2
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: F00B46784D6E2BF9C81245CF11E87BC9
Requests: 1 HTTP requests in this frame

Frame: https://e5914f7e7310376f93d54505df63b4f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 68E48529D8083585203D164F29C8BC2A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 36CEECF2BD96D7C15BB72B1B23D1D381
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYoSE25ohA74CpnyqC7XgiL6dpe02pzpBR0JHQbCO8tLegnG7djM8cpnpj31RIpawzLCRMt9xytjL0nts1Yr4tZHIybAr-kybDDmLGdUAaQBkMpySbPXBideQcHbJxfYfOn-wnkB5nrY1pfvGY2XCIFS9I-M8hXHYux-KsJcOBAaSEKgEVnLHqyA8pIist_zhmh0Zg4zfAe1wi74qbpkMSRXUTRJiSqLrJxMa06rCPXVxa91_bnDaOQpHTFf1Bs8M9nz437NpnAWsLcNp3NPl1TOoKEuyyRBRKJ5ZHMEWkED5fNYhEZbmm1o5xh8q-_DotSWVlPfnlInjltRAacYqgrObyMTg&sai=AMfl-YTyeHCnWqBoRpKrzIembGQh-lO1z_zUs4iaqF3uASFCLQsGyywGsrC706JIt5hkehSh55c3teCwVOml_paQg6U0EElBmvMsBt8oBUDKct5KL4yhICnAWW1sV4qgtSc&sig=Cg0ArKJSzE1QXvcTZfrcEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 603E5FC66B601EEF24E27E27E5830871
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E388E8E26C529EE45556534275491865
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Frame ID: A15B4619FF828F6CB4FEE4D2E0659D70
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4948237637754A14DD7E1514516ED454
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D424F8A24E4F6FB59526C151DEF3BAB1
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 31798FA24F61890488D5B7E11FDAEAFF
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=10586500007403004444998012541027&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 7A2A285791A3F7A02DDB41D0D0797485
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPirgK6qlYMDFdgJogMd5WkIGw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8373931097800.009
Frame ID: 10556E51A87CDB79EF43896107B4162E
Requests: 2 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=10586500007403004444998012541027&a=9e770e2f
Frame ID: 5F68272B040524B65FC2D382CB75A49E
Requests: 6 HTTP requests in this frame

Frame: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Frame ID: 8B9828AC0FA2CBDC9AFEA9AB604D3042
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 1E4393BE93E5A78425EB68467767AB31
Requests: 1 HTTP requests in this frame

Frame: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 150984E04C358B3CA2345EBF36B487F6
Requests: 1 HTTP requests in this frame

Frame: https://87dc6a7e1bfdce1605ecb15dc49bb6f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: BE417C257E073154D5DEC6E8FCC5C438
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: DB5C8139F6EFBC73941CB5620435686D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.609.0_en.html
Frame ID: C3F8D6EFBB05530530C47CD3DA6C386D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CADE5D117D38DDB45FCA7A58AB913E1C
Requests: 1 HTTP requests in this frame

Frame: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: DF72CC10C76273B3F97A697BB4AEAA68
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
Frame ID: 8B4BC16E8A6282B87C172768D4FCB40B
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB6AADA4A32B9CEBC0BE379A3C559975
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 3EA4A35740FA07277C6D8F4B8B477D29
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2D6140298B40E867C653AC6C88A9097D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA9B84EC619C023A1A0DCAB1D0493206
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1143306E9184CD119E5ACF190E4092F8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 20AEDA4E226683185B4BB3E1E50F6A6D
Requests: 2 HTTP requests in this frame

Frame: https://87e221c1dabb468bc443309c456b8d25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7D659DDD0423463F7D0162D534A7CA7B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBhkCMsw6iKczgqSFlm4I45FTxeKcDK8_9sNWbBrS3bCQHrTzZaGxzJYsgUP48U1TG1yob2gVB6_b52irQW6q1GGNESsO655rJio885zx7XzYM57tZxVAAlaQ3V8wEO31m9zMOI3V7SSWzTNvPuko-l0ezMFXql7u2JntKeeIJ5YugE2bhMM8T9gsCAqAoK8YsFhFTF6fr2aVh81B778UpvtAd1o6yEHUQnlN_nw-ljNG5ey4qorqZ2J4WAPG-BO7xFv-9lSCfmTXtuqxNh2LLpEMsIKJeB1WUFcbq7p2TVzdLy8IthOTXlPjj3vBpS5KKWVmRjoN8NIifKLOnh1cde_b-EvltrXSQKlmCHvBX5TRpqoheJS-szoG9KEXq4g&sai=AMfl-YT9q44MO8RoR7SteRQ8xkZTyRjSCX0WektHfV0sx4eQgrWUYDccY5Fl7Qj3ED6FVukA9nfJjxueiev1LzAQaOh1kBhfch6rgTogHOMGqqAMsWaxxiRn9D3subQb3Ak&sig=Cg0ArKJSzDj88OLHVfTkEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 19E072C332BDD38A09EEFADD7D72CE78
Requests: 5 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=dau4z8c&ref=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&upid=ms68wdr&upv=1.1.0&gpp_consent=&gpp_sid=-1
Frame ID: F86B0A2332D6B0666D1C87ACF562A6A7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C47F1AD7D0573BE707233DB5A53FEB60
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C845AD768717F7CB15FB9A5BC32E74D0
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstr9sNzLDepg8OVbJFyWNWj6NDxw7AI67k7CdkUcSv8OrGn-oOQDtWW9uAOsXD3GYiQkBzTFlEdmqJ1lQHUXcVKhR2FJH6-jTA3-esIhEETcHLAbH9VtURyFsGI9azcWGnY-mksjlXkXDb_wTv6vVetgfIkKF4EDAv9BtJXAlHaDwZ21V0Bjnt4ITHRn4AXbtnIYmaGsYx-zcAn3GLbJ-rZF-uAS_ZjhAkivi0hexn9A4fFkc07x9Ilu8NoqfqxeEhfCrPYEDPlaxW4PWy1CCoLprH7yaMLlxYAxR42V6DWqddgJPEZ7XPKRPBzuFfIGwC14D2DBQQsTurowLWgCJzxk2mqlF2-IIaQu49XmzbamkGsXtAap-EzGwOaWw&sai=AMfl-YR1GBstVYrTERVvx6J8RJBFmmcy_GZyetvg6_udyNNP5B6z6TKWbMuxCDYNEAfAsYfudYG49q9XWxShSMg4BkAHxnK4ZrSLQAQolOa8iARioMDQWMR1BOPAkPUdK2Y&sig=Cg0ArKJSzNJiocd5ZALTEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 0E01646514FF876D62C779225633C79A
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: A5F792CE3B3FD7C9C792E93DD528D272
Requests: 16 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Frame ID: CFB7B41D6624E35C524EDF1A32AA788A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 60FF73E9F2347D3F03308FFB1F7C972D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=bola.tempo.co&us_privacy=1---&gpp=&gpp_sid=-1
Frame ID: 59408A744BABE25A3635262E99489FBA
Requests: 2 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 8ACD5254793E1E2FFACA738CE48B0BF7
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 0328309DD941B96A99953D6F355A7457
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 17C4D368487504A1D2D75FC3D79AA69E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C2F377F6FFB10CB3C91BA498FD4C071B
Requests: 3 HTTP requests in this frame

Frame: https://rtbdemand-d.openx.net/w/1.0/pd
Frame ID: 710086AFEBF4C4C4B1C10471C631CF8D
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: D380D173A73FF20A50DCB1E2A97BD58D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1702776926875
Frame ID: EB188444D8A443E4FED287085124A382
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4978796979
Frame ID: 692A9728D4C4DF8302CDBF9721779078
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156181
Frame ID: 24FBAD1AB33EABE4A5EDC8C040FEC8BE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Di Balik Eksodus Pemain Chelsea yang Buat Todd Boehly Merugi - Bola Tempo.co

Page URL History Show full URLs

  1. https://bola.tempo.co/read/1740228/di HTTP 302
    https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

746
Requests

95 %
HTTPS

41 %
IPv6

87
Domains

163
Subdomains

139
IPs

14
Countries

11488 kB
Transfer

29785 kB
Size

75
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bola.tempo.co/read/1740228/di HTTP 302
    https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5258532&time=1702776922830&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5258532&time=1702776922830&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5258532%26time%3D1702776922830%26url%3Dhttps%253A%252F%252Fbola.tempo.co%252Fread%252F1740228%252Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5258532&time=1702776922830&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5258532&time=1702776922830&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLph-mhqrLJPwAAAYx1aeUt-_Dah-8pSQA9k-7CUgsaLtA-Dd0U-Do8eyE00OeyCohxCiXDbWlLKA
Request Chain 124
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rid=esp&cc=1
Request Chain 301
  • https://pixel.adsafeprotected.com/rfw/st/1278201/71854812/skeleton.gif?gdpr=1& HTTP 302
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=1
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
Request Chain 305
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZX5QXN9nhWViryBAQysDCQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMutR-TM5481hrIXxglKomk&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMutR-TM5481hrIXxglKomk%26google_cver%3D1
Request Chain 307
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI1NzAyNTc3NjUyOTI5MDgwMw%3D%3D
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
Request Chain 309
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZX5QXBMRhEaqlW-EA88eHAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMutR-TM5481hrIXxglKomk&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMutR-TM5481hrIXxglKomk%26google_cver%3D1
Request Chain 311
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI1NzAyNTc3NjUyOTI5MDgwMw%3D%3D
Request Chain 312
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
Request Chain 313
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZX5QXN9nhWViryBAQysDCQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMutR-TM5481hrIXxglKomk&google_cver=1
Request Chain 315
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI1NzAyNTc3NjUyOTI5MDgwMw%3D%3D
Request Chain 370
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=tempo.co&sn=ChromeSyncframe&so=0&topUrl=bola.tempo.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=svtXlXxCK3Y0V1JtV0kvWlNaWHl6LzIxYUlEVHJodGE2NDQ3Uy9jTWJuNzFPOSszRFE5Q3VTWlJNekZxNGtBNEM0akRFbkJ5aE9pOFlVWHd3R2lwTlJDUXhPTkliMmw1QkQ0WEUyV2JlZU0ydVovcm1FbDhnTjZESjhVSW44c3JlL3hxQjZBdFB4M1J5UmRwemVMNlNLeDZVbUVEcGQ2L1gyb3ArclNKRysyeE5NZzZhV09FUTVPNlYwVlRERTVrNVdBL1FaSkNMY0NKaXg2bnA4Nm5KL2ZwaWZvYi9EcDVTTk9sRFNHbXIyMUkwQ2d2bEtLZUkwOFRCWTRTQ1BkVjhsdjJXcjNCL093cGhya3JPb3NTTkF1Z1J4QT09fA&cppv=2
Request Chain 376
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CCtvOWlB-Zf-yOo3ugQfjjqvoBtvNp-F0__jXjeESlbTpz8gCEAEg5ceJHmCV2oiCmAegAe2s9skDyAEJqQLVLG2M5al5PuACAKgDAcgDywSqBOwCT9BmAp2k7Jj1SR_YxmHPAgHoz_spJxxpLUZi1Vd3-Fc64v4XZpAc-lwWnbM6wQ3JEOJRCf1G0ZyukLR50n18t_WNrALj2tLXFi5NTEW0hqKJjOVUcI0mgN5XPiyk0OGaLKsmno0sE2cnNkmXGeKMJbA-dhUvEnRb9DZgN4lHE49vbRgLgqmdVztrjqGfbVOJX0xNwwPhQUobdcX1qYH0mO5CMjcGt8LRb4RzfmEZ1BFpwSeT73vxmh1Ryht6vUczMBqRhFZFAmjmqXc04QFozNXHjxbkV9V4j791Insc9rfT5sXl9-BRgHkdOr5-omGn0SdotiIvkv4j47QOWx8Gi-iKjq2nNg_1ELGUBNatsbKKt4K9X7cPW9rwx9gVvY5meBoL0M9aPl9PFltcflgmbWGpnUKdHeTOZZXISUrkHP7EEuNHKT3Pvd1usFjSqEJTo6-CJ6S6bTwTkHbE4rA8OAcpqLbO6QH5UrI3uMAEg_Xn2NwE4AQBiAXflqTYTZIFBAgEGAGSBQQIBRgEoAYugAf75vQlqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ044F0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljpzPysqpWDA5oJF2h0dHBzOi8vd3d3Lm5vcnJvbmEuY29tgAoDyAsBmAyIrbnb0ASiDBQqEgoQ5LSxAu61sQK1uLECrLqxAuINEwiotv2sqpWDAxUNd-AKHWPHCm24E4ME2BMO0BUBgBcBshceChwIABIUcHViLTYyNjA4NzgyNjM1NDQ2NjEY_akS&sigh=hvR8-whGBt0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227875491001789533930%22,%22debug_reporting%22:true,%22destination%22:%22https://norrona.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22960337517%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223591453589141948289%22}&andc=true
Request Chain 435
  • https://hal900027.redintelligence.net/request.php?zone=zu8zmf86i47n&nw=20&renderingType=javascript&namespace=2b463ecb6d&subid=&uid=929981af7e74409c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x100&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuKNXWlB-ZfmyOo3ugQfjjqvoBqblvaBpzZacp8kP8C4QASDlx4keYJXaiIKYB8gBCakCDqjL0mBHsj6oAwHIA5sEqgSNAk_QkXk0cZl5TDP2oYtzwNvoN6826t3KaxsY9zXkej8A_4wCAgkJqV3DqBY625xZKHA0Qrkq39-jzwHKNbBKtXz0hi04y-JHcXYBlpQCe3E11MGmcrwAjHfLk1QGFG8-gLjU2m72MRLJShzvuScEW9tgIYf1sgEXpYRIDGvcBBL_t4zAKZjd7zNYh_ZeDcPs1kcFwafePVqzCtwcW0C2HBvKoPlVm5yPF8HPocBC5FeeooLUEhG425gWORgXB4caFsfR4H977xBf_PQ2g5Ms4eFR8x2cUydE1eFqzde25RLER5vcQ9NQw7IBimTzvqCu2gTxk6q-7V7OsU76SXJtAWgkvu1ReORKZLbXzwewwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOnM_KyqlYMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiitv2sqpWDAxUNd-AKHWPHCm2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ%26sig%3DAOD64_1PHXSDm1sRK5iy-p-4IxTiPmUcAQ%26client%3Dca-pub-2578301546053897%26dbm_c%3DAKAmf-AODGNKxXDJGVxRcKq9-TBYli2TwqQ52B-R5lb3Ez-H07nVFUzlWIZ4FhD0sYWLgFVY808_rtTUOnySij6pmO_8Hu7xCw9jxXcOPV1q6jFcxFESMWbsxZVmaUVRIujbjm82UvMwIAXn8zwLQ6WiYsUjjHk0L4utF3iMNDGQS6Cegn0Zob8%26cry%3D1%26dbm_d%3DAKAmf-DaANenpRBSFU8YXEuBopYuGXxw2YbTxDng4NCmvMHzbcBaw6uD4D628eEputw6jXv_X1HBEj_DDOyVzTpM8FfUWmySyEi35m502zsxeQVPY-K_FVUW86wLT_RJhWTy0ddGCt8H640UT3UubqyEjVGaO0K3Wa82R5W8ayOvXVLCWecknO7ET8k2jAoKWWlhvokSqrUYiJUTPK3xAGkayG0cUp6JSCF6t62QOfA3JVIgUo_sAiFVNFpbgJZIxWxul7wips4-FMRwiozojFsh4FTx1LcTFMJmHFthf7mJbHWISmGTpRI9DYa9YQLHi_xH1YZ4Dn91LxcDK8vmCPVpyPJ53pd7QlKKu-UVHjDRLFNw46s2LY5eWUEDzJyXgaYGtHqZSgts_GE36y3hnDSjG0NixZEmMPBVmhPj_qWFn9LVQjHsxZoHtUSl5Rx-PFBijd1qIBgEUN8rTyA0BdYgx92zfUD2Lzq6odVS_Vcbh4er7QVb4uvfXuzLvixZ-ri1LRw_rBxHfU-kh-As1SB8sGZwFE8Wf8cIh0m9w23Sj85pHyJ0tKK05sCj82F7JV1_4JhkiQzGOUVQwkZ5nQk5P_YOQ7f6Y6_45RhITbeSdf3SiuWjuXeIQA4R1ECCnJS77MzIwNPjTGcNARRWroyIrswVzxVSGg%26adurl%3D&documentReferer=https%3A%2F%2Fbola.tempo.co%2F&ancestorOrigins=https%3A%2F%2Fbola.tempo.co&random=710047798638&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900027.redintelligence.net/request.php?zone=zu8zmf86i47n&nw=20&renderingType=javascript&namespace=2b463ecb6d&subid=&uid=929981af7e74409c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x100&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuKNXWlB-ZfmyOo3ugQfjjqvoBqblvaBpzZacp8kP8C4QASDlx4keYJXaiIKYB8gBCakCDqjL0mBHsj6oAwHIA5sEqgSNAk_QkXk0cZl5TDP2oYtzwNvoN6826t3KaxsY9zXkej8A_4wCAgkJqV3DqBY625xZKHA0Qrkq39-jzwHKNbBKtXz0hi04y-JHcXYBlpQCe3E11MGmcrwAjHfLk1QGFG8-gLjU2m72MRLJShzvuScEW9tgIYf1sgEXpYRIDGvcBBL_t4zAKZjd7zNYh_ZeDcPs1kcFwafePVqzCtwcW0C2HBvKoPlVm5yPF8HPocBC5FeeooLUEhG425gWORgXB4caFsfR4H977xBf_PQ2g5Ms4eFR8x2cUydE1eFqzde25RLER5vcQ9NQw7IBimTzvqCu2gTxk6q-7V7OsU76SXJtAWgkvu1ReORKZLbXzwewwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOnM_KyqlYMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiitv2sqpWDAxUNd-AKHWPHCm2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ%26sig%3DAOD64_1PHXSDm1sRK5iy-p-4IxTiPmUcAQ%26client%3Dca-pub-2578301546053897%26dbm_c%3DAKAmf-AODGNKxXDJGVxRcKq9-TBYli2TwqQ52B-R5lb3Ez-H07nVFUzlWIZ4FhD0sYWLgFVY808_rtTUOnySij6pmO_8Hu7xCw9jxXcOPV1q6jFcxFESMWbsxZVmaUVRIujbjm82UvMwIAXn8zwLQ6WiYsUjjHk0L4utF3iMNDGQS6Cegn0Zob8%26cry%3D1%26dbm_d%3DAKAmf-DaANenpRBSFU8YXEuBopYuGXxw2YbTxDng4NCmvMHzbcBaw6uD4D628eEputw6jXv_X1HBEj_DDOyVzTpM8FfUWmySyEi35m502zsxeQVPY-K_FVUW86wLT_RJhWTy0ddGCt8H640UT3UubqyEjVGaO0K3Wa82R5W8ayOvXVLCWecknO7ET8k2jAoKWWlhvokSqrUYiJUTPK3xAGkayG0cUp6JSCF6t62QOfA3JVIgUo_sAiFVNFpbgJZIxWxul7wips4-FMRwiozojFsh4FTx1LcTFMJmHFthf7mJbHWISmGTpRI9DYa9YQLHi_xH1YZ4Dn91LxcDK8vmCPVpyPJ53pd7QlKKu-UVHjDRLFNw46s2LY5eWUEDzJyXgaYGtHqZSgts_GE36y3hnDSjG0NixZEmMPBVmhPj_qWFn9LVQjHsxZoHtUSl5Rx-PFBijd1qIBgEUN8rTyA0BdYgx92zfUD2Lzq6odVS_Vcbh4er7QVb4uvfXuzLvixZ-ri1LRw_rBxHfU-kh-As1SB8sGZwFE8Wf8cIh0m9w23Sj85pHyJ0tKK05sCj82F7JV1_4JhkiQzGOUVQwkZ5nQk5P_YOQ7f6Y6_45RhITbeSdf3SiuWjuXeIQA4R1ECCnJS77MzIwNPjTGcNARRWroyIrswVzxVSGg%26adurl%3D&documentReferer=https%3A%2F%2Fbola.tempo.co%2F&ancestorOrigins=https%3A%2F%2Fbola.tempo.co&random=710047798638&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 464
  • https://fw.adsafeprotected.com/rfw/st/1700995/76574792/4.js?adContainerId=brand_safety_XFB-ZYCeH5rVjuwPnsSl-Ao&cbFunctionName=goog_wrapCb_XFB-ZYCeH5rVjuwPnsSl-Ao&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fbola.tempo.co&adsafe_type=g&adsafe_url=https%3A%2F%2Fads.eu.criteo.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fad.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN778265.154378CRITEO2%2FB31067358.381188489%3Bdc_ver%3D99.292%3Bsz%3D970x250%3Bu_sd%3D1%3Bgdpr%3D1%3Bdc_adk%3D2517281648%3Bord%3Dn91v5z%3Bclick2%3Dhttps%253A%252F%252Fcat.nl3.eu.criteo.com%252Fdelivery%252Fck.php%253Fcppv%253D3%2526cpp%253DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%2526maxdest%253D%3Buach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%3Bdc_rfl%3D2%2Chttps%253A%252F%252Fbola.tempo.co%242%2Chttps%253A%252F%252F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%252F%240%3Bxdt%3D1%3Bcrlt%3Du3YVkq)mj*%3Bgcsr%3Dm%3Bstc%3D1%3Bchaa%3D1%3Bsttr%3D180%3Bprcl%3Ds&adsafe_type=d&adsafe_jsinfo=,id:1043f0b7-f735-7579-d383-c4d07b4827b4,c:x195fM,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765c58974b-j8m56,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:3,mot:0,app:0,maw:0,fm:tYEKrIq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l11*.1700995-76574792%7C1l111%7C1l112%7C1m1%7C1m21%7C1n%7C1o%7C1p11%7C1q11%7C1r1%7C1s1%7C1s21%7C1t1%7C1t2%7C1u11%7C1v%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1y11%7C1z%7C110%7C111,idMap:1l11*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:16,oid:8cd2d8a7-9c7c-11ee-ae81-6e5d41535cc9,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_XFB-ZYCeH5rVjuwPnsSl-Ao&cbFunctionName=goog_wrapCb_XFB-ZYCeH5rVjuwPnsSl-Ao&true_pb=
Request Chain 468
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8373931097800.009 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPirgK6qlYMDFdgJogMd5WkIGw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8373931097800.009
Request Chain 470
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=10586500007403004444998012541027&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=10586500007403004444998012541027&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 607
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMpoM7DWMyv3ycgsCUTvjkQ&google_cver=1&google_push=AXcoOmTJLV2cCVON2MJYY7a8JBtUr6qrTGIRiFY-VTU5nnnErEdwV1MGEcPqTlulxVuxO1MC38k2RzDTbymfdCqR1SdrFVOFiadgzw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTJLV2cCVON2MJYY7a8JBtUr6qrTGIRiFY-VTU5nnnErEdwV1MGEcPqTlulxVuxO1MC38k2RzDTbymfdCqR1SdrFVOFiadgzw&google_hm=eS1kdmpwRzdGRTJwRUM1cUV6Yl9Bc2p6SmozemZHVm56MH5B
Request Chain 608
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQx1AY7cJF0kfznGggIKGJ6XteGfbgd-E8dP-O85w-x6i4FbwNyODLtQI9sk8E8zYt04lXXxj9trAgq1kH27H_V-yxYAwuvzQ&google_gid=CAESENsO0bW9JA3xZgLWUM-jt48&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-39cMI1tF_x3q3JDHPRoHhqDcCeFhrC3-cbvPwQ&google_push=AXcoOmQx1AY7cJF0kfznGggIKGJ6XteGfbgd-E8dP-O85w-x6i4FbwNyODLtQI9sk8E8zYt04lXXxj9trAgq1kH27H_V-yxYAwuvzQ
Request Chain 609
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDVZ_t-Kz86Z0kXUFJPZMEQ&google_cver=1&google_push=AXcoOmSkO5v-qzZVGGuzLojiK5Wsjbw7jb14gxSPpQ2HVpaT3CTiJDERSxihYuvfByAT5-mu6Et2NT_DBt5LhOLvWQLC-T0-e-v-mw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDVZ_t-Kz86Z0kXUFJPZMEQ&google_cver=1&google_push=AXcoOmSkO5v-qzZVGGuzLojiK5Wsjbw7jb14gxSPpQ2HVpaT3CTiJDERSxihYuvfByAT5-mu6Et2NT_DBt5LhOLvWQLC-T0-e-v-mw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcwMzk5Mjg3MjQ3MDc0NzU5MA&google_push=AXcoOmSkO5v-qzZVGGuzLojiK5Wsjbw7jb14gxSPpQ2HVpaT3CTiJDERSxihYuvfByAT5-mu6Et2NT_DBt5LhOLvWQLC-T0-e-v-mw
Request Chain 611
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEGWWLYQj8bIrleM9uCLHVos&google_cver=1&google_push=AXcoOmTnCVojs-yXVpLqca8aLKv-rkg1Ref6yoQCp6n1DmIQP0s5_vl99cH3BgyOBCETlTnexFBSRnzZ0kxYjZDn_N4zEJWtVN6UiQ HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTnCVojs-yXVpLqca8aLKv-rkg1Ref6yoQCp6n1DmIQP0s5_vl99cH3BgyOBCETlTnexFBSRnzZ0kxYjZDn_N4zEJWtVN6UiQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1702776926062 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a2b73a26-d189-409c-82eb-06f171304430-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTnCVojs-yXVpLqca8aLKv-rkg1Ref6yoQCp6n1DmIQP0s5_vl99cH3BgyOBCETlTnexFBSRnzZ0kxYjZDn_N4zEJWtVN6UiQ%26google_hm%3DA6K3OibRiUCcgusG8XEwRDA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTnCVojs-yXVpLqca8aLKv-rkg1Ref6yoQCp6n1DmIQP0s5_vl99cH3BgyOBCETlTnexFBSRnzZ0kxYjZDn_N4zEJWtVN6UiQ&google_hm=A6K3OibRiUCcgusG8XEwRDA
Request Chain 623
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=Chn7IXVB-ZZriItzB1PIPkLmXqATs46zDdJWv4YzrEdrZHhABIJm1iUNgldqIgpgHoAGtqJ-tKcgBCakCDqjL0mBHsj7gAgCoAwHIA0iqBIoDT9ABaxz7X8VFaZWGCka0RkNBHSRPLgh3ForRmT4Icnd91QjXCsyEcOo0q5DAZKlS_s3GnsaZD20dTExkAbpqdwIHOBjcc9vuGq_28jABzGy5d9wR8kAvcWmcJLUzgbbfliEatLrhzxaBHCemFTr6ODlg9FKSGBioIJkbh9XVAd1JxuExRBJaO2HH5_eeXnEfUzuggBbB7mfDBGmQecj9xO_0Nb0r0Z64kpkvwvMMVbmdRlRGvZ1k7xMqpxrJ7CSaeCSSt-nnUJt9iHnIXQjjFg0MVgz_3-AD41tlZQiG2ICmwh1AJ1MtEB7Png4pzkuGoqAEO70S3pzkLTqnh-h_heFxD0pxhu_1pN9pca53g--g8vTL9Bby3GAu20ewNmQzb7Y64O7YdUL0X58U_aaKyxfGMrTGsTPElerZtXsopK4cRyQLy5cZkDZ8BozOzrpDKdygyPSfYjMORZyCjdHHEk_nZzYXOHgVrJMKOAY-czdR_QjQluKS8CzUB-1F2JOOG74JvWwFvqTtusAEh4rgu8sE4AQBiAXCycOFTZIFBAgEGAGSBQQIBRgEoAYugAet4O-MBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELj_B9IIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYnuudrqqVgwOaCfcBaHR0cHM6Ly93d3cubnVza2luLmNvbS9jb250ZW50L251c2tpbi9kZV9ERS9wcm9kdWN0cy9udXNraW4vc2hvcF9hbGxfcHJvZHVjdHMvYWdlbG9jLXdlbGxzcGEtaW8uaHRtbD91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZ1dG1faWQ9YjAyYzAwMWEwMDE1NyZ1dG1fY29udGVudD1iYW5uZXJzJnV0bV9jYW1wYWlnbj1kZS1kZS1wcm9kdWN0cy1iYW5uZXJzLXdlbGxzcGEtaW8tYjJjLWFnZS1hbGwtSFRNTDUtYmFubmVyc4AKA8gLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC4g0TCPiVnq6qlYMDFdwgVQgdkNwFRdgTDdAVAYAXAbIXHgocCAASFHB1Yi02NTE0MTQ1ODkxMzk3MjE4GNHUIg&sigh=cOGwwcH3joM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_qCR70WtcVYFmMz_V0_cHnaaX6mZX3eYqg3bgx8O_Rmf6YaSvB6vvmkDuOrA56qeUNthpvwbLYBgB&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225887712007508112870%22,%22debug_reporting%22:true,%22destination%22:%22https://nuskin.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211100738605%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214623530138218526993%22}&andc=true
Request Chain 722
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc HTTP 301
  • https://tpc.googlesyndication.com/simgad/3995853839924061625
Request Chain 724
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CUqCSXlB-ZerONo2unsEP8pOi0Abugp_rdN-z48OBEuHSg8-BChABIOaX1iVglYKAgJQHoAGhwJjxKMgBCagDAcgDywSqBMABT9Dnmh5hfr-v-2XuHzdU_jDCkzncvwkJVGVj1uvAp-lmrkbD30UWmSg8DjP7w-zXxZw55uYTIZhP2gQxJKzFJrr_rH-AvkdzRS4Onmm1AGJGgE8A5AJvPKNLR_xA1U0gtHG7JUmNoabCJpZ97Ap2_eD4yPWMCIBj6AKPuELiq1-d4eDR9E5KHkFlkp_IkNShgFgTBqZd1sI7yviLp1aM2IYnmFegzT0gEaCYhFTOVY-cMwyuilmpSfEj9_PinOGGwATusOCqwQSIBdaDysxNkgUECAQYAZIFBAgFGASgBi6AB538pKMEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA0ggfCIDhgBAQARgAMgKqAjoCgEBIvf3BOljJ-cuvqpWDA_IIDmJpZGRlci02NDM1NjIymgmBAmh0dHBzOi8vd3d3LnRlbXUuY29tL2RlL2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9NzZ-ZGV-RVVSJmdvb2RzX2lkPTYwMTA5OTUxMjMwNjg1MCZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2QxNzgzMzI5LTEmdG9waWNfY2xhc3NpZnk9MTI0gAoEyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLYEwvQFQGAFwGyFwgKBggAEgAYAA&sigh=z7FcqWGzHfo&uach_m=%5BUACH%5D&ase=2&nis=4&pr=10:0.288696&cid=CAQSKQAvHhf_pnvSuhlRuHkAPUQDabYnFMwwhxIobmFd9ahd4TF7J_jNlxXeGAE&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229866786893461902253%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215684186470133609345%22}&andc=true
Request Chain 738
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=tempo.co&sn=ChromeSyncframe&so=3&topUrl=bola.tempo.co&bundle=568N5V9nT0V6UkxubHBGVDZxS0dXUEJCQ2pNdUUzUXU2UmElMkJUTDl4ZGxZRXklMkJ4cVV4NSUyQkozJTJCZ3VwaloyQzB1UkIwY0NvQTRpaDJHNnh5VHRhT1JzWHNTUkZGeSUyRkNWdHdCalV2bERJZ0U0bVVmZjdTNVdzeHpVbEdCbTljajFhekR5WVIzang3NjB3M0czZnE0bWhwQ2JXOVp3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Xttu33xFWWVvUUhFZG1nSHNIKzIwenNQcWt4RFdVMmg4UDcrZ0w4Yks3akIzKzBVdlVLdG1QVHBxeU1oc0gwS1Nqa1RCMGw1UEE1bllXTjc0YmgyaC9GSWIvQXpwbnVvS2VPNzRyZ1NoSVUxTmxPejJhbWl1WTF0bThpa0svVjFTWVJGWUMySElwTC8ydTdlbnl0V0pjWWlVdk9uRDdiYTdKWVFiQ2hmdU9PYVVUdTZ6WUNBZTNIOFdzeW53V3V4WXJsZHhlaFo1UnJ1OFdpL3ZMWWYyNmRRLzhlektscUdLU3lkcXZURG0ySm1xOHZtRkdVdDRlVzd2Vk9ueEZQV3dobFAzaldMeERaOGFCWXRsMThFVW85dHN6UHRrNThiTlBZKzZWMXQ2T2gvVWlpZz18&cppv=2

746 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
bola.tempo.co/read/1740228/
Redirect Chain
  • https://bola.tempo.co/read/1740228/di
  • https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
121 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
f873d2bf0ce5272bae13f93b0e5c193d03f8b3b46fb0d7114cbfe4b9bee1a8ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 01:35:21 GMT
refresh
350; URL=https://bola.tempo.co/read/1810286/rekap-hasil-liga-inggris-pekan-ke-17-manchester-city-seri-chelsea-dan-newcastle-menang?tracking_page_direct
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-id
khdKc8UZFTeLXIK9jr1_Qq6yJGwU-lL9lZpNP3Z9zPwMRWTNppn6eQ==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 01:35:20 GMT
location
https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-id
DgjYCDeEPY9sdUg0PklHq-uGFK3HbFEU8wSPsc7J9gcuVUjzbmaMDw==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
css2
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 01:35:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Dec 2023 01:08:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 01:35:21 GMT
css2
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@500&display=swap
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7b2384f0711ce8a87cd7d8452a10c4b6e64ab1f4d326135d9f9c33f8a6d1a8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 01:35:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 23:38:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 01:35:21 GMT
css2
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@600&display=swap
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4524b123c36e2220bbd8062b1a33f111235ff03dec0bdab0d46f8f6ebc531cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 01:35:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 23:35:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 01:35:21 GMT
css2
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&display=swap
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
24beb835505cc293b2e592cf705f2c4455798643dbbec9f7dec667f2d2d817b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 01:35:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 23:54:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 01:35:21 GMT
css2
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@800&display=swap
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
babad227d4befc005db917f76547905d259662c630535b99b089457460d9147d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 01:35:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 17 Dec 2023 01:24:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 01:35:21 GMT
base.css
www.tempo.co/desktop/css/ 		84 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/css/base.css
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
814c7235a0166d46981ff053ab51e284d1dd78abd81bcfa52ff35c9669436ecf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 13 Dec 2023 04:58:39 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"657939ff-15156"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
PMoHkiGvRFFqITPPyRq37FFXoL0XF-CvGq18J5l2mFalNJX0OYo-Yw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.css
www.tempo.co/desktop/css/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/css/font-awesome.css
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
da2c208d0ee49eee1e3d4767afdcce47e0abcf38118831e449b29896ac0137b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"628672ea-8dd4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
Gx0NonxA-nkCNMod6XfjEefK5xj1ttpdbEQ9nYu_Lr7HDO-D3Xne7g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
slider.css
www.tempo.co/desktop/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/css/slider.css
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
641d1230f5557859984cdb8251c36144b81d44ea2d2abda56fdb5fb99ba9357f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"628672ea-1459"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
Do420r5Oxv5mH5faEwf2huc6-nOqQ7DmHVIGUm4aLlolFIUlleFwDA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
popup.css
www.tempo.co/desktop/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/css/popup.css
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
a657a42d3b974d65d2f57bb039b8a18c302b623cef36006a6fd59ccad1c1024b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"628672ea-2484"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
g3YzNfk7ThF3z7rQzze4vzsLF5nqQpqQm4l7I7Si-KJTlnWAJdo9TQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
mobile.css
www.tempo.co/desktop/css/ 		490 B
630 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/css/mobile.css
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
0691a294bcd3c27b3303b4d2582631da45860159ea3beeb927e165031d216dec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"628672ea-1ea"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
JgTH5LtEQ2Dx1dEGGk6885KAP4pBQpZobdL6kaDgvdJy2N0yeBUwNQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
plus.css
www.tempo.co/desktop/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/css/plus.css
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
826967cd2543a24ea167ebd3b7bcb09f8c90fc78fa5977b4866db453fdcdd492
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Mon, 16 Jan 2023 03:12:01 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"63c4c081-18b1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
FwxwUBMyYhpajKVxrePscY3kn8lq4L5ZiNeTFAZBuVtJx2hEZfe9ig==
expires
Thu, 31 Dec 2037 23:55:55 GMT
base.css
www.tempo.co/desktop/css/ 		84 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/css/base.css?tlplkpr6klkyltllmr
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
814c7235a0166d46981ff053ab51e284d1dd78abd81bcfa52ff35c9669436ecf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 13 Dec 2023 04:58:39 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"657939ff-15156"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
eBpRIkmR8QTatWv_BXLvGhnfX3g6oDkfjwHJk26ZhO0QKKdpC0LBJw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
119c0b07119f9e4b8991f91c53cb2648262e7746760d2249135051d08edc59f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 17 Dec 2023 01:35:22 GMT
sweetalert2.all.min.js
www.tempo.co/desktop/js/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/js/sweetalert2.all.min.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
43bd361447317b7c915bafef98f4ea7de91cc83774f4b78cb011fbbd8a0ca293
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Mon, 20 Feb 2023 03:29:09 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"63f2e905-fb5b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
HxV-Vxfza-1MJiWwgSE2NdPYqMpscv1w9g_lUGGZ_lqmQ7lpvw38-w==
chartbeat_mab.js
static.chartbeat.com/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
73c48a750a107c5809e5b332e74b0f1b32ddd1c24b98f1d9e8febf73322fbb84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 19:53:51 GMT
content-encoding
gzip
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 01:53:37 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
20491
etag
W/"657a6021-5f55"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
U_K7nTpFhX7WH4V3soisebx6raTJWRGlCUkYRybA7PN4Qo159GnZEA==
expires
Sun, 17 Dec 2023 19:53:51 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
102ee957cf0c0d568f95bc86ba63719e752b942f97f1f07b486f1e981277ba2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29864
x-xss-protection
0
server
cafe
etag
772 / 19708 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:22 GMT
64745806f8afa0d3728d5e249f787c3103e86367.js
cdn.izooto.com/scripts/ 		1 KB
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/64745806f8afa0d3728d5e249f787c3103e86367.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
921c1cf200e9b84acceddf7d1829fbf9a43383b8f221a596abafc40db465d503
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Sat, 30 Sep 2023 05:04:59 GMT
server
cloudflare
age
394587
etag
W/"6517ac7b-507"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
836b6dd4aa16371b-FRA
x-xss-protection
1; mode=block
expires
Mon, 18 Dec 2023 01:35:22 GMT
jx-Te33267EnmTw.min.js
scripts.jixie.media/onescript/Te267Ckc0n/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/onescript/Te267Ckc0n/jx-Te33267EnmTw.min.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.119.20.21 , Hong Kong, ASN58453 (CMI-INT-HK Level 30, Tower 1, HK),
Reverse DNS
Software
openresty /
Resource Hash
852f404e0e185cfa6f04fb6561c3fc9d570a7a2e3cba57b96196c9b26d937ddd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

nginx-hit
1
date
Sun, 17 Dec 2023 01:35:27 GMT
x-amz-version-id
oke5KO.YsqOYyiwOTzS1mnJiv6BqvMHj
via
EA-SGP-EDGE1-CACHE1[2],EA-SGP-EDGE1-CACHE4[0,TCP_HIT,2],EA-SGP-GLOBAL1-CACHE4[3],EA-SGP-GLOBAL1-CACHE7[0,TCP_HIT,2]
x-ccdn-cachettl
2592000
content-encoding
gzip
x-amz-request-id
YV3CSA6WXNK59933
age
8195535
x-amz-server-side-encryption
AES256
x-amz-id-2
TuHcbzdYGcAYdbJZ0Y1acgPY6Dyti37CVOLowwL2EOLK4NN6N26uwNWE5ZNYfM4ahjjnAQqMH8s=
last-modified
Wed, 13 Sep 2023 05:03:06 GMT
server
openresty
etag
W/"e4f5cec7c1add0318e0d1f3b84bbb567"
x-amz-meta-x-amz-meta-updatedat
2023-09-13T05:03:05Z
x-amz-meta-x-amz-meta-createdat
2022-12-01T09:14:27Z
access-control-max-age
86400
content-type
text/plain
access-control-allow-origin
*
x-ccdn-expires
2172466
x-hcs-proxy-type
1
cosmose-pixel.js
pixel.cosmose.co/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.cosmose.co/cosmose-pixel.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-100.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
939b0035ecb124377ea1fca65c703ca0a166ce80b95a9bca41ed8a2a61788251

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 00:38:01 GMT
content-encoding
gzip
via
1.1 3544838dca6112dd616da017a568e76a.cloudfront.net (CloudFront)
last-modified
Wed, 13 Dec 2023 15:58:13 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
3442
x-amz-server-side-encryption
AES256
etag
W/"ea442968bfc111056afc7141263e4317"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
mqhRHLO0z8Tzf4qlSjngnzvzMDI5qvS8M0wNuBgcCe9lEEQ0XxH0MQ==
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CG017OJC77U71I9LDI9G&lib=ttq
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.122.48 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-122-48.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
37af6403d9a17ea856744f99074b4c7c8b2c35df9c06bf4632112eeaf9434d9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id
2824f967.15662f5f
date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-23121701352234B21A5B2047F6B3623D-651FAB37997BDA06-00
x-cache
TCP_MISS from a2-19-123-176.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
87,2.19.123.176
server-timing
cdn-cache; desc=MISS, edge; dur=82, origin; dur=5, inner; dur=2
content-length
2065
pragma
no-cache
server
nginx
x-tt-logid
2023121701352234B21A5B2047F6B3623D
x-cache-remote
TCP_MISS from a23-220-105-87.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.220.105.87
x-tt-trace-host
0165e47387a63d2aa752b09d3ce4dcb185852cd2fa9b2ebab1c10f501b21c253d7d9d797848c4497c173fc2de7db2b82d9407bc88ab11e13058d29ce43c8124b4927ea269f9e7bf7b18dbab15b68181174a3f6a7fa8912b0f88c1ff0b97a81805b739893360ff3f4284c1c5820de4c4b7e
expires
Sun, 17 Dec 2023 01:35:22 GMT
logo-tempo-id.png
www.tempo.co/desktop/images/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.co/desktop/images/logo-tempo-id.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
9923f8e699a30ebd2212a198e6654b0b5481993bcf5b269ba14be62b74bfcacd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified
Fri, 10 Feb 2023 02:35:30 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"63e5ad72-9aff"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
39679
x-amz-cf-id
mjtV4dtJAdIVvjapbjWPbDnKRlZh-IkA8sdAJZs91aJsQOnDdvJ_Yw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-google.png
www.tempo.co/desktop/images/ 		782 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.co/desktop/images/icon-google.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
3643df25dbdb18f7d8b496114075d3fc2f05ddd3287ed96783b4a60ed2acff8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"628672ea-30e"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
782
x-amz-cf-id
kYzVnOKTz3bcJBvUj-Me_MFKAnKDFHe0KjbKce033jKFuXKhciusKQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1096588_720.jpg
statik.tempo.co/data/2022/03/20/id_1096588/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2022/03/20/id_1096588/1096588_720.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f5b8cd3769f1ab6a0c54634b026bc0226b5328c9fc75d4f7066464605e892daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Thu, 16 Jun 2022 12:33:34 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"62ab231e-8a61"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
35425
x-amz-cf-id
4QCouOBq1xsDTXB80dZg6Lt5ALSxkLUb7rfpFMBSfVHoatpEU4rf6A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
click.advertnative.com/loading/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://click.advertnative.com/loading/?handle=16436
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.126.163 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
tinong247.vn
Software
nginx/1.18.0 / PHP/7.2.24
Resource Hash
28a69aa7de4958abd6007a56cc367e9b166d1c7dd88a51c0e806899a45dddf0c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=15768000, max-age=15768000
server
nginx/1.18.0
x-powered-by
PHP/7.2.24
content-type
application/javascript; charset=utf-8
dm-ce.min.js
statics.dmcdn.net/c/ 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statics.dmcdn.net/c/dm-ce.min.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
/
Resource Hash
2814503a85e4285b01eb861a657fecaf90df0f256adcce141d84d2ab2d30f557

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
gzip
last-modified
Wed, 06 Dec 2023 05:20:33 GMT
age
72754
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12943
x-llid
b61ab19ff197dcfd070398e679ee479b
expires
Mon, 15 Jan 2024 05:22:48 GMT
jquery-3.1.1.min.js
www.tempo.co/desktop/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/js/jquery-3.1.1.min.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"628672ea-152b9"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
F4jIYKP4Ugkk3QhdJ6ejXlhJnXgRonz2mlXmzrpo1WPNe7uwIdbCxA==
slider.js
www.tempo.co/desktop/js/ 		90 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/js/slider.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
276eb2c36bf38b6f30867b8f8d0c107fbfa1b85a8cd6d14188f7e9cdb9e5d733
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"628672ea-1672a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
6Kxe1SnEdMIndT0N8qVr8gx_cHZDOH6O2Clh7gINFhYzjsNo3TBpdw==
jquery.magnific-popup.min.js
www.tempo.co/desktop/js/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/js/jquery.magnific-popup.min.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
f4b9f54fbd130146b91e6f5514def1789e36dd608550a3469d7790b145b057df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"628672ea-aa45"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
DHQQx70xMRZ581mcIqEJlqWYfRxPE5wgU2231dXLr9BEPjmB5S6gjw==
fix.js
www.tempo.co/desktop/js/ 		1 KB
921 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/js/fix.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
676bbd47c55112eb35926a090d340984946f1eda3a389aaf7af9f56c30d1cb1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"628672ea-5d6"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
SMh-uESvv58dw-E8nmbpFEkkH0UBQNUc10igBOo7bbp1RcoICYJv8A==
fixmain.js
www.tempo.co/desktop/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/js/fixmain.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
9bacc96ca3d001af3f36b0a953ba4a03890b82431e645c278d399085374d1456
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"628672ea-2296"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
T3ZLOOoBoykqMTw19dTuRAeuh7nT4elgp_KX9jPSFIpULp2MefoLaA==
jquery.multi-select.js
www.tempo.co/desktop/js/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/js/jquery.multi-select.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
1a94f7d0ea46c644a1064b4c1fd2bf8acd1e366ef5e21c5ee5c3b2ae2d6a7cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"628672ea-333d"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
f-IXefl1dbVkMCU6ntJhZTwQ2-X0mRMeB3pRp6DEGOygX1Ir7fHmbQ==
base.js
www.tempo.co/desktop/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/js/base.js?klhkltyoptklgklfjdk
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
1161debb479dfd0b3d63a4515bd922830e877c8ab17a22a5db14ae495283e2b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 03:22:18 GMT
server
nginx
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
etag
W/"6567ffea-22a7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
JGn9T1_k-HJYPrv9snXlY6TUO0wm33_XqYTk8lCsL9HM4vERLAfGwg==
gtm.js
www.googletagmanager.com/ 		334 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KNSBXFS
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
68822610d911b6240b2e1d5e9f18d01205d8e165089e671b31b398d972b2839d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94241
x-xss-protection
0
last-modified
Sun, 17 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 17 Dec 2023 01:35:22 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 17 Dec 2023 01:35:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
fvY2HZ2CQLUjLsUuJq6gUr/9pknM/Ba8j4NrxY3OUsryRSagzzjuyRiFI/EOP4L6ao8tVaGijmOzPppmADH9YQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
88004917adbd7b6b060b06f46d6b7cffb33406df9e017f5d52a506de5dc7ab1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:56:00 GMT
content-encoding
gzip
via
1.1 76f18545659f3cecc2213d8e93d15fb2.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 01:15:42 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
27562
etag
W/"657a573e-9672"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
f8kqiw7j-_hBHwgEqrrJvVDQ0YzJ9EQNLedW-jHHx4B4RfjH2XCKTg==
expires
Sun, 17 Dec 2023 17:56:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157077/910/ 		464 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157077/910/pwt.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ae583e72a811856f0b1e1ca97d84bb10400b8e3f2c9466533b9c53872e25aee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
gzip
last-modified
Fri, 01 Dec 2023 16:02:50 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=18479
accept-ranges
bytes
content-length
150441
expires
Sun, 17 Dec 2023 06:43:21 GMT
hotjar-3206663.js
static.hotjar.com/c/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3206663.js?sv=6
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-37.fra56.r.cloudfront.net
Software
/
Resource Hash
ecf8baffa0d5e17b1547391eb563d7a5e653d1914425051e57db126c4fd6ac2f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sun, 17 Dec 2023 01:35:22 GMT
via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
28
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/2dbac137a95bdd8544cf76d1d74bcaba
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
snpxASbvqRYn_QLBKOIk-Qt4NCaWrntwzdxDxjlLrUFoQGndJTbLBg==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bola.tempo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 06:10:26 GMT
x-content-type-options
nosniff
age
242696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 06:10:26 GMT
bgg.png
www.tempo.co/desktop/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.co/desktop/images/bgg.png
Requested by
Host: www.tempo.co
URL: https://www.tempo.co/desktop/css/base.css?tlplkpr6klkyltllmr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
fc673379edc0efeacadf14415576ec54dea2e4236a993d255cce6ff238521db5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.tempo.co/desktop/css/base.css?tlplkpr6klkyltllmr
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified
Wed, 12 Jul 2023 09:44:10 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"64ae75ea-22d3"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8915
x-amz-cf-id
Tn4j0pspHFcfwFdnG9u8pPaAnCeaV5a3AFwO24-AAb0lfrPJgKLR7Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontawesome-webfont.woff2
www.tempo.co/desktop/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.tempo.co/desktop/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: www.tempo.co
URL: https://www.tempo.co/desktop/css/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-38.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer
https://www.tempo.co/desktop/css/font-awesome.css
Origin
https://bola.tempo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"628672ea-10440"
x-cache
Miss from cloudfront
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
66624
x-amz-cf-id
eF-lBqToRfmwpvZ6l_9LNKkVaoRVCO_WypcT0KAGKaii08b-hbnNqg==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bola.tempo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 06:42:39 GMT
x-content-type-options
nosniff
age
240763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18596
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 06:42:39 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
114f872abf6cae70383b09ca2168821991fde718702d79cdc457a49b03560cb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bola.tempo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 06:54:50 GMT
x-content-type-options
nosniff
age
240032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18260
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 01:59:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Dec 2024 06:54:50 GMT
main.js
go.rcvlink.com/static/ Frame 7620 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/static/main.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
3610ab58586e4ac937af60fe2e086cd4d6385568d85a4c94bdbe086df6a261fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
gzip
last-modified
Tue, 05 Sep 2023 09:51:05 GMT
server
nginx
etag
W/"64f6fa09-1926"
content-type
application/javascript
cache-control
max-age=86400
expires
Mon, 18 Dec 2023 01:35:22 GMT
id.png
www.tempo.co/desktop/images/ 		936 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.co/desktop/images/id.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
b4bf33148b300484bf21f154d0507d8e82b60906523fb0f0b636d28aa8deb2cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"628672ea-3a8"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
936
x-amz-cf-id
Vz8V9iKpLwCSdk6ULFpfQYacqV_z4-gAIw1O8d5S2pygeZYxGDrAfQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
uk.png
www.tempo.co/desktop/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.co/desktop/images/uk.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
3670bb76971d4b17679ebd321b72b3edcb0c53e36966d957a0d322eb47788a08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified
Thu, 19 May 2022 16:40:10 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"628672ea-3d62"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
15714
x-amz-cf-id
OrA-hS7ezVrCh7JJctn1Ox9Zez-sDFlsGPmslj806Dz0SaFeXcglIw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
gnews-3.png
www.tempo.co/desktop/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.co/desktop/images/gnews-3.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
b9d104c0f7e0f0e958e1027e31ca53638eab96a0c3199d54f0af956051f9a784
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified
Tue, 06 Jun 2023 04:59:04 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"647ebd18-6740"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
26432
x-amz-cf-id
EOcylch7Z09kJ-MWtbctKMuOJjtl1RKEsNcY2V9FsECzhv_ue8YLEg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
f-whatsapp.png
www.tempo.co/desktop/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.co/desktop/images/f-whatsapp.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
8cbd3790c1f0cd699fe319ffef8827e322d4d36e0e3e6c8d852a9a8011b5ebe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified
Tue, 06 Jun 2023 04:59:03 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"647ebd17-921"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2337
x-amz-cf-id
P7wl-Twynn4ey3NQucpv0n7Z98wUuxxEsS0fITrPzzV33Mj5tvPMdA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
f-facebook.png
www.tempo.co/desktop/images/ 		966 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.co/desktop/images/f-facebook.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
95b212a9a68def2134eca4002fd9f3fdc1c2d19154929bfed758bd9018f1d6b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified
Tue, 06 Jun 2023 04:59:02 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"647ebd16-3c6"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
966
x-amz-cf-id
Enai-7h2iDtd9QxoCWl3R9myvQvLg19LuO4URVrI9gR9o5spxGoC1Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
f-twitter.png
www.tempo.co/desktop/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.co/desktop/images/f-twitter.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
360f3bddff85b96344885fae3e6bde3fc33d7fff0fa2eb718da558d643ceb6aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified
Tue, 06 Jun 2023 04:59:03 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"647ebd17-76e"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1902
x-amz-cf-id
Uo3tYag_7HLhx5qzmkNYR7GyrlKsS_9ywPVWnA9E2JtEeXBOKcs6SA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
f-telegram.png
www.tempo.co/desktop/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.co/desktop/images/f-telegram.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
34d1169609e6cacfaa2ae25548e5ba810396cd63fd8b527308be126040a92ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified
Tue, 06 Jun 2023 04:59:03 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"647ebd17-2068"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
8296
x-amz-cf-id
IiW1ezAvZ3UOaRv7J1CMlS2mXm4nR9oNVOksBJot-alcCYwpAyyiXg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1198170_720.jpg
statik.tempo.co/data/2023/04/19/id_1198170/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/04/19/id_1198170/1198170_720.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2008c0dd9a2c75bf47b19520b14edb568ec1c9cb0cb2b591415f2f992cd76a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 23:40:40 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"643f2a78-b3d2"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
46034
x-amz-cf-id
jwBQbPh7ZsTBPHwITwL-wfsRpVVuHdv9FoU4ru1UVXwBL712-Qfycw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1259618_150.jpg
statik.tempo.co/data/2023/12/02/id_1259618/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/12/02/id_1259618/1259618_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
85f6a70cd115a11bdbd52bc7691a568fcb2251db4d4a4c78c1aed52e8931f3b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Fri, 01 Dec 2023 22:18:24 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"656a5bb0-146b"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5227
x-amz-cf-id
RbimPlGMHbyguiNT2QPflSBPEiCSQhZnDc3ofI4GsjxocBBd9Tv_xQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1253978_150.jpg
statik.tempo.co/data/2023/11/13/id_1253978/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/11/13/id_1253978/1253978_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e8487ee44a3dea8e8c2d32bd7ceededa2da8831e5e6d3602aee635c990890b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 03:17:07 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"65519533-12e1"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4833
x-amz-cf-id
EmAvjsIu7IkSUfchjrovwmMpEiFUILsTisSLeeYF5eqwD3bN7UbcEQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1257578_150.jpg
statik.tempo.co/data/2023/11/24/id_1257578/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/11/24/id_1257578/1257578_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b2bacd6249a8dacb352a69cd6fd65939f0eb3bea9aafb2fbef0b7039ccf173cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Fri, 24 Nov 2023 14:57:03 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"6560b9bf-fef"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4079
x-amz-cf-id
o-1fcwrtmQRhxl5NFV8yXDFR9y29163PURO4v29p2x9jvtDnfsP3iA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
978331_150.jpg
statik.tempo.co/data/2020/11/04/id_978331/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2020/11/04/id_978331/978331_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
df1f1074341c857373f70ba7053b8f4728256d5a57fd246daad04ccaa2d8cd0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Wed, 15 Jun 2022 13:42:00 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"62a9e1a8-124f"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4687
x-amz-cf-id
XMwqUTbVb5nM7VAcZQWVFYjxMigHcvhb2AOQGD5jMaZoXJ_3jflDLA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1235817_150.jpg
statik.tempo.co/data/2023/09/10/id_1235817/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/09/10/id_1235817/1235817_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
99d6b9fedb43ef9e8d9aaedf555f1e2e34f61eb602c00394f5ca490ea9b19adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Sun, 10 Sep 2023 12:28:42 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"64fdb67a-f4b"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3915
x-amz-cf-id
eNZLWvD2znDacQMNYOOgtqDXTnBwf6JUgc957TIagIwbakm3rNvJTQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1262183_150.jpg
statik.tempo.co/data/2023/12/11/id_1262183/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/12/11/id_1262183/1262183_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
df08c6aabddf64f4e2bbd30c5628af0883842d74e4d30121cada5b086acbf3e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Mon, 11 Dec 2023 05:48:00 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"6576a290-e97"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3735
x-amz-cf-id
UZVYU9S3ckFKNdX_URAG3jsleHpgI8SiK2wm03Uv0BgQmE4OBatatg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1217542_150.jpg
statik.tempo.co/data/2023/07/06/id_1217542/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/07/06/id_1217542/1217542_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dd1b2af4052b5d98a0d9ffd597d9e974fad7b4e8023f7634a32e06bc0bf30322
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Thu, 06 Jul 2023 13:26:32 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"64a6c108-dda"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3546
x-amz-cf-id
aAZrOJEntfNFqoCzw5MHGNQBLBTBxBVthq8ZFJB6CHCKLOxUuJ7r7g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1253468_150.jpg
statik.tempo.co/data/2023/11/11/id_1253468/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/11/11/id_1253468/1253468_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6a072fbaa532ad687c9a8bc5c4031c7a5e013044e78754e18435499df53dd8bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Sat, 11 Nov 2023 02:24:00 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"654ee5c0-b0f"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2831
x-amz-cf-id
y5QOupoaY8fByrtwy991Mb8sq_z1AY41v12Vae--R5NKfCeKSjj2oQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1258659_150.jpg
statik.tempo.co/data/2023/11/29/id_1258659/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/11/29/id_1258659/1258659_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
75f29e0007825f2e358f0664b7c7d985d8cc665e8edce4b3d5ee8394f7641c7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Wed, 29 Nov 2023 01:30:24 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"65669430-daf"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3503
x-amz-cf-id
BPi5V4B5qvfap_itPRd3O30UCw5BLz3kC4ZEapviQNdWzGidWmvhcQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1216574_150.jpg
statik.tempo.co/data/2023/07/03/id_1216574/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/07/03/id_1216574/1216574_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
02c7b000978c1d9c0a56b7984b112ac90699cea9015e67edc0ab288d841440de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 03:04:04 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"64a23aa4-e16"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3606
x-amz-cf-id
6cR0wH7vIJraHut3UfCyyUA1WunlMvhs9-80cANUDTL9pLBXmQUCvQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1262688_150.jpg
statik.tempo.co/data/2023/12/12/id_1262688/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/12/12/id_1262688/1262688_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d101011093afbc522b37727297c7aa26138d5e6609e0317242977b4d4351436f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 14:07:30 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"65786922-f27"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3879
x-amz-cf-id
igFv0FBCTgy-4mhOW_PyyxDhvTrZDyz0xbq_vqqnw6wfL4rK31JTLg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1258732_150.jpg
statik.tempo.co/data/2023/11/29/id_1258732/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/11/29/id_1258732/1258732_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ca3cef4c87055aab569108bbbc9d1cb2f9eaff0726e4850b52a3f508466a9302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Wed, 29 Nov 2023 05:00:37 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"6566c575-1177"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4471
x-amz-cf-id
7_PKeE0EVnvFbOytZhg4dS2frwLMM0sHU1nW-vOjnGrDmuF2UkifWQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1143982_150.jpg
statik.tempo.co/data/2022/09/26/id_1143982/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2022/09/26/id_1143982/1143982_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5254156f55d4c30b386fd444cab5028a464a711fff86b9c206e1b941439ff5e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Mon, 26 Sep 2022 06:46:22 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"63314abe-f13"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
3859
x-amz-cf-id
b6ym8PA9FGQRishxGASqR5VYHRxesMTpSA8CgSBzgWD6xCfma2N6Qg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1180459_150.jpg
statik.tempo.co/data/2023/02/12/id_1180459/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/02/12/id_1180459/1180459_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9e6f4d4e8369d766e3d9936f1f7b5695a19e251c7250e3f04f6ed9058a81cadd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Sun, 12 Feb 2023 13:49:16 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"63e8ee5c-fa9"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
4009
x-amz-cf-id
M1Q19CuGcttJDJ8uhHixN1ut1XHXHECLyT5yylrTasloamCFwZAiFw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1263872_150.jpg
statik.tempo.co/data/2023/12/16/id_1263872/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statik.tempo.co/data/2023/12/16/id_1263872/1263872_150.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:2c00:1:3676:a640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0d357169d710af38512ceef8154ab5ab7dba70bf9df61b329800074c8cc233a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
last-modified
Sat, 16 Dec 2023 15:21:16 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"657dc06c-15bf"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5567
x-amz-cf-id
mxuTxSELpYUYILd6q4EojHN25L2geP8C2_0wkKrXf9mdOCsJJzqLWA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-tempo-white.png
www.tempo.co/desktop/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tempo.co/desktop/images/logo-tempo-white.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-84.prg50.r.cloudfront.net
Software
nginx /
Resource Hash
dbb9a3e6234a056a1ccc1dc213d65ff68f4584ae40922b510195ab6b84e2e96a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jul 2023 03:11:33 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
etag
"64ab76e5-1712"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
5906
x-amz-cf-id
jjILuRlDzI6X5ES0ufFGdedvO7XLJnPrznQBbZPfCpLY2OxAz7svzg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
cover_10_Desember_2023_-_Debat-debatan_Calon_Presiden.jpg
images-tm.tempo.co/mbm/cover/2682/ 		219 KB
220 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-tm.tempo.co/mbm/cover/2682/cover_10_Desember_2023_-_Debat-debatan_Calon_Presiden.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:bc00:8:50ba:2500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
590c61257f84208acd5a0092ac8c965aad9837588bf758b42affd90e5af7ed59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
last-modified
Sat, 09 Dec 2023 15:41:20 GMT
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
etag
"65748aa0-36c77"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
224375
x-amz-cf-id
mbekf-ddk0PZCGudEeZ6K09XLuck8CEhUTXhnj39LnMRGGwSiKJgpg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
izooto.js
cdn.izooto.com/scripts/sdk/ 		318 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/64745806f8afa0d3728d5e249f787c3103e86367.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
259076184aac5805ce3fe09914e62d8a1368a7d23c289af5c17a11cc1e7a2cc3
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 13 Dec 2023 14:36:37 GMT
server
cloudflare
age
298702
etag
W/"6579c175-4f619"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1382400
cf-ray
836b6dd4ca20371b-FRA
x-xss-protection
1; mode=block
expires
Tue, 02 Jan 2024 01:35:22 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		227 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=tempo.co&domain=bola.tempo.co&path=%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7a3367c54b10a6081c6b372186cff8a622b50c94c3d28aea915fb73afeedd344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
178
x-served-by
cache-fra-etou8220028-FRA
x-timer
S1702776922.411574,VS0,VE106
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Fri, 15 Dec 2023 01:35:22 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Origin
https://bola.tempo.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 08:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207437
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 08:01:10 GMT
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame 64E7 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
1534208
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
836b6dd51a4c371b-FRA
content-encoding
br
content-type
text/html
date
Sun, 17 Dec 2023 01:35:22 GMT
expires
Wed, 17 Jan 2024 01:35:22 GMT
last-modified
Tue, 07 Feb 2023 10:27:13 GMT
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
pixel-events
kaikai-now.sg.cosmose.co/kaikai-now-oem-api/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kaikai-now.sg.cosmose.co/kaikai-now-oem-api/pixel-events
Requested by
Host: pixel.cosmose.co
URL: https://pixel.cosmose.co/cosmose-pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.220.193.46 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-193-46.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
228103231438ddeb998fb47c021cc9d117a7ca0ee343bde2d80e14ba6009fa33
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bola.tempo.co/
Api-Key
a1174e7f-9e14-455f-ae21-39516c225c1f
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
x-frame-options
DENY
access-control-allow-methods
OPTIONS, HEAD, GET, PUT, POST, DELETE, PATCH
content-type
application/json
access-control-allow-origin
https://bola.tempo.co
access-control-expose-headers
Content-Disposition
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
vary
Access-Control-Request-Headers,Origin,Authorization
access-control-allow-headers
Authorization, Content-Type, Accept, Installation-ID, Api-Key
x-xss-protection
1; mode=block
expires
0
pixel-events
kaikai-now.sg.cosmose.co/kaikai-now-oem-api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kaikai-now.sg.cosmose.co/kaikai-now-oem-api/pixel-events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.220.193.46 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-193-46.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
api-key,content-type
Access-Control-Request-Method
POST
Origin
https://bola.tempo.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type, Accept, Installation-ID, Api-Key
access-control-allow-methods
OPTIONS, HEAD, GET, PUT, POST, DELETE, PATCH
access-control-allow-origin
https://bola.tempo.co
access-control-expose-headers
Content-Disposition
access-control-max-age
3600
content-length
0
content-type
text/plain
strict-transport-security
max-age=15768000
vary
Origin,Authorization
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
41342
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 15 Dec 2024 14:06:20 GMT
main.MTdjYzNiZDU2MQ.js
analytics.tiktok.com/i18n/pixel/static/ 		417 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CG017OJC77U71I9LDI9G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.122.48 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-122-48.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id
15662f97
date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023110907313662070F406E6258032254
vary
Accept-Encoding
x-cache
TCP_HIT from a2-19-123-176.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01f50ae8104a76f1f82d9d7d7d4f306f046d4e1b3d1a86d95757be72dd3c117b6868f9fba9f4c272728b492b22dcf896abf612e26fff77c344b97c8c3a3cb70826c2bde9dd0df64451f3c07ddd30791829b6529e5a60fc50c3f4b5fb4ae7e516f8
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
110443
1216222032391240
connect.facebook.net/signals/config/ 		135 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1216222032391240?v=2.9.138&r=stable&domain=bola.tempo.co
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5bf63d561a37b665d42b820df38e11f97aa80b59af0ebba05ccfc118d4ac94f1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 17 Dec 2023 01:35:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
d1CevqwXHTpM8LQC5cUw+ZuQeciy/wwWIzO04rtcb9dMKP0qPXTl8hdwWKwtGjnQuebVmx3LWo5wkYGfxYR1Bg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
xbqdn.js
geo.dailymotion.com/libs/player/ 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.dailymotion.com/libs/player/xbqdn.js
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
ad81969756b8c732d4719d2e1cf608265400652a6f58b3d290171b8290a140e0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Referrer-Policy
strict-origin-when-cross-origin
Date
Sun, 17 Dec 2023 01:35:22 GMT
Server
DMS/1.0.42
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary
X-DM-SSL, Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Server-Timing
total;dur=20, dc;desc="dc3"
Timing-Allow-Origin
*
Link
<https://www.dailymotion.com>; rel="preconnect"; crossorigin="use-credentials", <https://static1.dmcdn.net>; rel="preconnect"; crossorigin="anonymous"
Content-Length
13403
videos
api.dailymotion.com/ 		74 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?fields=id%2Ctitle%2Cthumbnail_480_url%2Cmode%2Conair%2Cowner.screenname%2Ccreated_time&limit=1&search=transfer%20Chelsea%20Inggris%20Havertz%20Kovacic%20Chelsea%20Boehly%20Romelu%20Lukaku%20Ziyech%20Berita%20Bursa%20Hakim%20Kante%20Mateo&private=0&flags=no_live%2Cexportable&longer_than=0.35&owners=tempovideochannel&sort=relevance
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
e4447bdacc4737f4d6e541428b9565ba7e290ebba261dba6def30bd1498a4980
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Sun, 17 Dec 2023 01:35:22 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=87, dc;desc="dc3"
Content-Length
80
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 17 Dec 2023 01:35:22 GMT
Server
DMS/1.0.42
Etag
W/"Vz6sGNN3kBS1LpiYhlqwBQ-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
identify_bb163.js
analytics.tiktok.com/i18n/pixel/static/ 		135 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.122.48 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-122-48.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-akamai-request-id
15662fb8
date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023110907313162070F406E62580321E5
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-19-123-176.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
015f2371f20755e568fe18b39f23c2c2f1c039a9ff6a0916ab1763fa5258cc9b9b3a1537fe543509c811f49c63a1e4073d13b9fd0b1edb8d60e1d264a3db6fa9ec7c13c2f1e60664fa92b34286ebc2629182c4c06af133617a62ef6f8bfce85773
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=9
content-length
36048
pixel
analytics.tiktok.com/api/v2/ 		0
843 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.122.48 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-122-48.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
84d028c5.15662fc4
date
Sun, 17 Dec 2023 01:35:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-231217013522537CEB01908482C73033-006DD0ECD3690467-00
x-cache
TCP_MISS from a2-19-123-176.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
264,2.19.123.176
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=182, inner; dur=180
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231217013522537CEB01908482C73033
x-cache-remote
TCP_MISS from a23-220-105-89.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
182,23.220.105.89
x-tt-trace-host
0165e47387a63d2aa752b09d3ce4dcb185852cd2fa9b2ebab1c10f501b21c253d737d4880c3e339cf9c99a87cb78dac0f2384e4b59e01fdd6934e9448b5effc78816968558bce64aadcf76cedc872e4d6a961945f3fa8f0ba496e594eef7cab4d637cbd0b1c2ebd60bdb93b1e286413e46
access-control-allow-headers
Authorization,*
expires
Sun, 17 Dec 2023 01:35:22 GMT
21928950349
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/21928950349?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
da6d24883397ebc7c5f74110e0b8473a68110e2a54deede635cc5214598a706e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aqSpDteolA-bfF26BWDKqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-aqSpDteolA-bfF26BWDKqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.f8398e1fcf749800c3fc.js
script.hotjar.com/ 		220 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.f8398e1fcf749800c3fc.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3206663.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-19.fra56.r.cloudfront.net
Software
/
Resource Hash
fc1f36d89ddb377187edd50e7e1cbb9511baa256f6c57711f02601edab716361
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 12:03:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
221536
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55732
last-modified
Thu, 14 Dec 2023 12:02:27 GMT
etag
"ce5f5f2327c7562166cfcaad455b7a17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
L9cjdYwHECKw3ogSBsD1Oe_mNdQj5x5z6U9sk_iS-RnCfl5kC8w-mw==
1
go.rcvlink.com/cs/1/ Frame 7620 		31 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
4f7ae41cd76cb58766edbd9689dd84915dceb6296fd824ed92cb2de976531f1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 17 Dec 2023 01:35:22 GMT
cache-control
private, max-age=63115200
content-encoding
gzip
content-type
text/javascript;charset=utf-8
server
nginx
expires
Tue, 16 Dec 2025 15:35:22 +0200
js
www.googletagmanager.com/gtag/ 		295 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TBVMQFZY8Y&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNSBXFS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
88e60a962f7bf14532ad0db3e8ed5bff348f984360ce48371d11c3e6b1639b9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96937
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 17 Dec 2023 01:35:22 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNSBXFS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 17 Dec 2023 01:22:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
777
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 17 Dec 2023 03:22:25 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNSBXFS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Dec 2023 13:09:33 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=15831
accept-ranges
bytes
content-length
15541
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNSBXFS
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220062-FRA
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNSBXFS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-119.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 06:08:33 GMT
Content-Encoding
gzip
Via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Nov 2023 03:37:28 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
Age
70025
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
sVaGoalh0nldKuG_10WHcwK222hf4TrrtS4QZnBkoh9CDKkORDPElw==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1216222032391240&ev=PageView&dl=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rl=&if=false&ts=1702776922677&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702776922677.842602357&ler=empty&it=1702776922570&coo=false&rqm=GET
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 17 Dec 2023 01:35:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
geo
ut.pubmatic.com/ 		12 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=157077
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157077/910/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 17 Dec 2023 01:35:22 GMT
cache-control
max-age=172800
content-length
12
content-type
application/json
iframe.htm
go.rcvlink.com/static/ Frame 5006 		19 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/static/iframe.htm
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
d80935360fca46968bdc6d751c7178e8f224eb12537892e0c9b0a7bd16eef73c

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 17 Dec 2023 01:35:22 GMT
etag
W/"65417aa6-4ca8"
expires
Mon, 18 Dec 2023 01:35:22 GMT
last-modified
Tue, 31 Oct 2023 22:07:34 GMT
server
nginx
/
pebed.dm-event.net/ 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xbqdn.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed1.dm.gg
Software
edward-ed/2.2.2 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Sun, 17 Dec 2023 01:35:22 GMT
Server
edward-ed/2.2.2
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
/
go.rcvlink.com/bdto/1vRO32J6hR/ Frame 5006 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/bdto/1vRO32J6hR/?cache=t5rY6dbduWj4&ver=231101-0007&w=736&h=0&vw=1600&ms=408.1&pb=1&me=0&ref=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
6ad7e4da4be1099fdb20371b3ef7654f4b5e977d03d17beb5e0339eb96c17a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
gzip
last-modified
Sun, 17 Dec 2023 01:35:22 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
content-type
application/json
hn
b29
cache-control
no-cache, no-store, no-transform, must-revalidate
access-control-allow-origin
*
expires
Sun, 17 Dec 2023 03:35:22 +0200
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TBVMQFZY8Y&gtm=45je3bt0v9106695579z877757617&_p=1702776922315&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=469069242.1702776923&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702776922&sct=1&seg=0&dl=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&dt=Di%20Balik%20Eksodus%20Pemain%20Chelsea%20yang%20Buat%20Todd%20Boehly%20Merugi%20-%20Bola%20Tempo.co&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3115
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TBVMQFZY8Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TBVMQFZY8Y&cid=469069242.1702776923&gtm=45je3bt0v9106695579z877757617&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TBVMQFZY8Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TBVMQFZY8Y&cid=469069242.1702776923&gtm=45je3bt0v9106695579z877757617&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=804783461
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4d22fade714ca14db91cf193bdb9897d
st11.rcvlink.com/2/304/ Frame 5006 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/304/4d22fade714ca14db91cf193bdb9897d
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
82399d3e48f94a997bed9ed46c41561b5fa756db256b86cfbeb2879a0d43c6b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
last-modified
Wed, 23 Dec 2020 13:59:22 GMT
server
nginx
etag
"5fe34d3a-160c4"
content-type
image/webp
access-control-allow-origin
*, *
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*, *
content-length
23118
expires
Sat, 16 Mar 2024 01:35:22 GMT
dbdaf427aa1cb036e2cbafec9fe42df4
st11.rcvlink.com/2/304/ Frame 5006 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/304/dbdaf427aa1cb036e2cbafec9fe42df4
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
4515500856d80d9c0b3f0aea484f05d9c57babf619882c8341e03ed3b461f6bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
last-modified
Fri, 20 Dec 2019 12:48:53 GMT
server
nginx
etag
"5dfcc335-4d066"
content-type
image/webp
access-control-allow-origin
*, *
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*, *
content-length
12898
expires
Sat, 16 Mar 2024 01:35:22 GMT
f72d98c227c65ed8978eac86c1f6843a
st11.rcvlink.com/2/304/ Frame 5006 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/304/f72d98c227c65ed8978eac86c1f6843a
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
9a384c6753357adc4b3a47cd0c1eaaa718839a35eb89543f65b850f59f1d2407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
last-modified
Thu, 26 Sep 2019 10:00:32 GMT
server
nginx
etag
"5d8c8c40-39592"
content-type
image/webp
access-control-allow-origin
*, *
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13564
expires
Sat, 16 Mar 2024 01:35:22 GMT
092365448516fe9ec468712ed36f1a62
st11.rcvlink.com/2/304/ Frame 5006 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/304/092365448516fe9ec468712ed36f1a62
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
fc8bb0f3fa3fdcefa4d882cacf3ed5d37983197d17b8badf931f859d3050c6f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
last-modified
Thu, 26 Sep 2019 11:49:19 GMT
server
nginx
etag
"5d8ca5bf-4b22c"
content-type
image/webp
access-control-allow-origin
*, *
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*, *
content-length
9446
expires
Sat, 16 Mar 2024 01:35:22 GMT
588b3b67e16a03bac9ae69614b62d443
st11.rcvlink.com/2/304/ Frame 5006 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/304/588b3b67e16a03bac9ae69614b62d443
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
9d869186247098da9bcf0f4f468895d21ad37a3055078bf3be5ab7650c4deba0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
last-modified
Thu, 30 Nov 2023 17:19:36 GMT
server
nginx
etag
"6568c428-13259"
content-type
image/webp
access-control-allow-origin
*, *
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*, *
content-length
8542
expires
Sat, 16 Mar 2024 01:35:22 GMT
53961854a9f811a497a88107c3039de5
st11.rcvlink.com/2/304/ Frame 5006 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/304/53961854a9f811a497a88107c3039de5
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
15d925d7e1c40fe9d138444034310fbdd5fa0778a9a15f1fd155ecea18b2a9af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
last-modified
Thu, 30 Nov 2023 16:24:57 GMT
server
nginx
etag
"6568b759-12527"
content-type
image/webp
access-control-allow-origin
*, *
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7392
expires
Sat, 16 Mar 2024 01:35:22 GMT
logo160.png
go.rcvlink.com/img/ Frame 5006 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/img/logo160.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.75 Mehlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.75.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
last-modified
Mon, 21 Jan 2019 15:07:51 GMT
server
nginx
etag
"5c45e047-1869"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
6249
expires
Sun, 24 Dec 2023 01:35:22 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
841 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.122.48 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-122-48.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
79c3b09e.15663029
date
Sun, 17 Dec 2023 01:35:22 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-23121701352215B2823AF19528C5F8DD-2846D7ADCBF322E9-00
x-cache
TCP_MISS from a2-19-123-176.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
x-parent-response-time
147,2.19.123.176
server-timing
cdn-cache; desc=MISS, edge; dur=92, origin; dur=65, inner; dur=62
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023121701352215B2823AF19528C5F8DD
x-cache-remote
TCP_MISS from a23-48-200-209.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52660090) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
65,23.48.200.209
x-tt-trace-host
0165e47387a63d2aa752b09d3ce4dcb185852cd2fa9b2ebab1c10f501b21c253d7c061cea08d047499a9c0785682a12e2fc3da9ad97fd8fa06adfbced7cb2d3a8ff90adb046832116c0a69d4a99b3b1338fbd6bad6d449e098f57dcc19ebf164ea843dbf139e29c6b8591d6dc3d74ea701
access-control-allow-headers
Authorization,*
expires
Sun, 17 Dec 2023 01:35:22 GMT
/
px.ads.linkedin.com/wa/ 		0
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 0B09755E13154B3FBE07952CC0198482 Ref B: FRAEDGE1412 Ref C: 2023-12-17T01:35:22Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://bola.tempo.co
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYMqqWff4p1TLLx/+LlnA==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5258532&time=1702776922830&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tm=gtmv2
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5258532&time=1702776922830&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tm=gtmv...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5258532%26time%3D1702776922830%26url%3Dhttps%253A%252F%252Fbola.tempo.co%252Fread...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5258532&time=1702776922830&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tm=gtmv...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5258532&time=1702776922830&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tm=gtm...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5258532&time=1702776922830&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLph-mhqrLJPwAAAYx1aeUt-_Dah-8pSQA9k-7CUgsaLtA-Dd0U-Do8eyE00OeyCohxCiXDbWlLKA
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 7D692547FA28427DB438FAC041FAD865 Ref B: BRU30EDGE0806 Ref C: 2023-12-17T01:35:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMqqWqw0UzTPOETn2JZw==

Redirect headers

date
Sun, 17 Dec 2023 01:35:22 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9503552BF39449EFBD8269B3F22DC812 Ref B: FRAEDGE1412 Ref C: 2023-12-17T01:35:23Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5258532&time=1702776922830&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLph-mhqrLJPwAAAYx1aeUt-_Dah-8pSQA9k-7CUgsaLtA-Dd0U-Do8eyE00OeyCohxCiXDbWlLKA
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMqqWnILVJAtpA4Um/7g==
videos
api.dailymotion.com/ 		74 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?fields=id%2Ctitle%2Cthumbnail_480_url%2Cmode%2Conair%2Cowner.screenname%2Ccreated_time&limit=1&search=transfer%20Chelsea%20Inggris%20Havertz%20Kovacic%20Chelsea%20Boehly%20Romelu%20Lukaku%20Ziyech%20Berita%20Bursa%20Hakim%20Kante&private=0&flags=no_live%2Cexportable&longer_than=0.35&owners=tempovideochannel&sort=relevance
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
e4447bdacc4737f4d6e541428b9565ba7e290ebba261dba6def30bd1498a4980
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Sun, 17 Dec 2023 01:35:22 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=91, dc;desc="dc3"
Content-Length
80
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 17 Dec 2023 01:35:22 GMT
Server
DMS/1.0.42
Etag
W/"Lh5BD1qWo-A4P6G5bNjCRw-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
collect
www.google-analytics.com/j/ 		3 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=976349232&t=pageview&_s=1&dl=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&ul=en-us&de=UTF-8&dt=Di%20Balik%20Eksodus%20Pemain%20Chelsea%20yang%20Buat%20Todd%20Boehly%20Merugi%20-%20Bola%20Tempo.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAEK~&jid=573664214&gjid=980377642&cid=469069242.1702776923&tid=UA-23817453-1&_gid=1254602567.1702776923&_slc=1&gtm=45He3bt0n81KNSBXFSv77757617&cd1=No%20Reporter&cd2=chelsea%2C%20bursa%20transfer%2C%20todd%20boehly%2C%20liga%20inggris%2C%20kai%20havertz%2C%20romelu%20lukaku%2C%20hakim%20ziyech%2C%20n%27golo%20kante%2C%20mateo%20kovacic%2C%20berita%20chelsea&cd4=Arkhelaus%20Wisnu%20Triyogo&cd5=null&cd8=0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd3=469069242.1702776923&z=502825587
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-23817453-1&cid=469069242.1702776923&jid=573664214&gjid=980377642&_gid=1254602567.1702776923&_u=YCDAgEABAAAAAGAEK~&z=1884019663
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 17 Dec 2023 01:35:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxW33a7GTKGUcXKrrNG1FxG1p69EjuzOLgC4CA5ax8gmL-Os6EwcX8_qUqmXJmbhhl7hLdH7ly18MHvVsTG7H5cOZPU5p_VcOUvxIn0g_xdA4ihhEpZvTUq83-OyKsYaocqfp2afJA==
fundingchoicesmessages.google.com/f/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW33a7GTKGUcXKrrNG1FxG1p69EjuzOLgC4CA5ax8gmL-Os6EwcX8_qUqmXJmbhhl7hLdH7ly18MHvVsTG7H5cOZPU5p_VcOUvxIn0g_xdA4ihhEpZvTUq83-OyKsYaocqfp2afJA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNzc2OTIyLDg2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ib2xhLnRlbXBvLmNvL3JlYWQvMTc0MDIyOC9kaS1iYWxpay1la3NvZHVzLXBlbWFpbi1jaGVsc2VhLXlhbmctYnVhdC10b2RkLWJvZWhseS1tZXJ1Z2kiLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5255a056a139d8a7fd775688d53106792e2932b1d768d95ed726785529e2048
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DSgTan0kc90wh3Uc6XJVbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-DSgTan0kc90wh3Uc6XJVbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 21:25:25 GMT
content-encoding
gzip
age
101397
x-guploader-uploadid
ABPtcPorK7SdOx9D0-XbxZI-ucFoefeNDDoBI41rnJAKBKLzpPyd_Ilsabixqvym6_79HuCGK2OQIo2s49jtCyg8m0eHLqvG-9Ou
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 14 Dec 2024 21:25:25 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 01:35:22 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
SB3XV3WX7D3TRQY4
age
2711
etag
W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
836b6dd84e393651-FRA
x-amz-id-2
XK/uEyn2Io5UalpG02MciRCI2T5BGC42ZH9PVGUjT++wf10oqSqzOVRQs4UsI2d0cvzgX31ynXk=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7400:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Sat, 16 Dec 2023 06:19:35 GMT
Via
1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
69348
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
wTbAKiBAx6SvuUPmaX-KSksSYgCiiwXoY0Kq4Bwh5-xtvEagLYwGVw==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36748
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230132-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIoNQFoJ5ebGRC0XcWd6GEelLd2T%2F8lfET0rg6m7CjJc3uX7bT8dqyK9%2BqEtJvCfwQCt%2FAc3x4UIYNGsc9MpUkizCX3f0jrtpuR3WhaRreCnEwKXDkWr6mvkTcFFzkfE8CuoDY4Zky3IrBEIjpU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
836b6dd87bd89bef-FRA
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-6.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 04:16:07 GMT
content-encoding
gzip
via
1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
76758
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
gT23Z4N6Gj70YAsUUGtMC8ETJbKwtBK722PUZdNCQOEhKEaI93qNTQ==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
3f56713ddd4d1839a8a368a767ac29e6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		1 MB
236 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1636798576634750&correlator=773759719752875&eid=31079956%2C31079239&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=14056285%2CTempo_Desktop_Bola%2CLeaderboard1%2CBillboard%2CNative1%2CNative2%2CMR1%2CMR2%2CMR3%2CMR4%2CSticky%2CSkinLeft%2CSkinRight%2CSkinAds%2COOP%2COutstream%2CPartner%2CParallax%2CInterstitial&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11%2C%2F0%2F1%2F12%2C%2F0%2F1%2F13%2C%2F0%2F1%2F14%2C%2F0%2F1%2F15%2C%2F0%2F1%2F16%2C%2F0%2F1%2F17%2C%2F0%2F1%2F18&prev_iu_szs=728x90%2C970x250%7C970x90%2C300x100%2C300x100%2C300x600%7C300x250%2C300x250%2C300x250%2C300x250%2C970x90%7C728x90%7C1x1%2C120x600%2C120x600%2C120x600%2C1x1%2C1x1%2C1x1%2C300x600%2C1x1&ifi=1&didk=2715812436~1865957904~885525604~885525605~1901569848~1901569855~1901569854~1901569853~128166335~1732296709~1665015913~3314252860~1901343372~1659702481~1775384153~4092787398~2801877530&sfv=1-0-40&ists=17&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&sc=1&cookie_enabled=1&abxe=1&dt=1702776922874&lmt=1702776922&adxs=269%2C315%2C1026%2C-9%2C1026%2C1026%2C1026%2C1026%2C315%2C197%2C1419%2C877%2C0%2C0%2C0%2C411%2C-9&adys=1236%2C339%2C1423%2C-9%2C651%2C808%2C3476%2C4015%2C1106%2C222%2C222%2C1304%2C13492%2C13492%2C13492%2C150%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C-1%7C0%7C0%7C3%7C4%7C0%7C0%7C0%7C5%7C6%7C7%7C8%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&vis=1&psz=728x0%7C1070x250%7C318x1158%7C0x-1%7C300x250%7C318x16%7C326x12366%7C318x770%7C1600x-1%7C1366x13029%7C1366x13029%7C128x12%7C1600x13492%7C1600x13492%7C1600x13492%7C470x-1%7C0x-1&msz=728x0%7C970x0%7C318x0%7C0x-1%7C300x0%7C300x0%7C318x0%7C318x250%7C970x-1%7C136x616%7C136x616%7C120x0%7C1600x0%7C1600x0%7C1600x0%7C470x-1%7C0x-1&fws=4%2C4%2C4%2C2%2C4%2C4%2C4%2C516%2C516%2C516%2C516%2C516%2C4%2C4%2C4%2C516%2C2&ohw=1600%2C1600%2C318%2C0%2C1600%2C1600%2C1600%2C1600%2C1600%2C136%2C136%2C1600%2C1600%2C1600%2C1600%2C1600%2C0&ga_vid=469069242.1702776923&ga_sid=1702776923&ga_hid=976349232&ga_fc=true&dlt=1702776921334&idt=1293&cust_params=topic%3DChelsea%252C%2520Bursa%2520transfer%252C%2520Todd%2520Boehly%252C%2520Liga%2520Inggris%252C%2520Kai%2520Havertz%252C%2520Romelu%2520Lukaku%252C%2520Hakim%2520Ziyech%252C%2520N%27Golo%2520Kante%252C%2520Mateo%2520Kovacic%252C%2520Berita%2520Chelsea%26pagetype%3Dinarticle_page&adks=3796489192%2C1063741250%2C892156969%2C365541704%2C3021926577%2C2315019309%2C1327523195%2C3925176951%2C2982763702%2C3655511942%2C1739778181%2C496400665%2C34746500%2C282985471%2C4219639192%2C3671322978%2C4172036706&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bf4cdd47a3940bb8f152e1e6ff5f8cc358fc41a95a296c2a557f476cf15dac3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241856
x-xss-protection
0
google-lineitem-id
6234454239,-1,-1,5363143180,-1,-1,-1,-1,-1,-1,-1,-1,5492634650,-2,5651903901,6263733491,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138437359596,-1,-1,138311068885,-1,-1,-1,-1,-1,-1,-1,-1,138396382747,-2,138344234118,138437368581,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bola.tempo.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1D44 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:22 GMT
expires
Mon, 16 Dec 2024 01:35:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
41342
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13835
x-xss-protection
0
server
cafe
etag
9174524701941205614
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 15 Dec 2024 14:06:20 GMT
ga-audiences
www.google.com/ads/ 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23817453-1&cid=469069242.1702776923&jid=573664214&_u=YCDAgEABAAAAAGAEK~&z=1474722107
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-23817453-1&cid=469069242.1702776923&jid=573664214&_u=YCDAgEABAAAAAGAEK~&z=1474722107
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxU27sPVgVyYRG2HtcAE4zmkm4Zb0PB2-RDtdVANNZsdKwygSb0NXbxHehHHXGuk70vzChoEZ4fLeA7XpFgjom-y0tl3A8mqy1XqLUDXLUJOe_Kk7erhyoOuZUn5NToNycGnkobXIg==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU27sPVgVyYRG2HtcAE4zmkm4Zb0PB2-RDtdVANNZsdKwygSb0NXbxHehHHXGuk70vzChoEZ4fLeA7XpFgjom-y0tl3A8mqy1XqLUDXLUJOe_Kk7erhyoOuZUn5NToNycGnkobXIg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNzc2OTIyLDkxNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9ib2xhLnRlbXBvLmNvL3JlYWQvMTc0MDIyOC9kaS1iYWxpay1la3NvZHVzLXBlbWFpbi1jaGVsc2VhLXlhbmctYnVhdC10b2RkLWJvZWhseS1tZXJ1Z2kiLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d318952cbcab65ad0c8cec65a85989db5499acf46372de02cf434fd7c0b4750c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IO9eqos7TNV59vXdGNJ0rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IO9eqos7TNV59vXdGNJ0rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rid=esp&cc=1
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
67eb7d7c944fc29587f7ccf530166d95a51ee3b667db6816c902ecadab9f0bb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-4hOOSK5axyyUZkkKpqqKgdVnIjU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bola.tempo.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sun, 17 Dec 2023 01:35:23 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://bola.tempo.co
location
/esp?url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
increment
id5-sync.com/api/esp/ 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://bola.tempo.co
date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
videos
api.dailymotion.com/ 		74 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?fields=id%2Ctitle%2Cthumbnail_480_url%2Cmode%2Conair%2Cowner.screenname%2Ccreated_time&limit=1&search=transfer%20Chelsea%20Inggris%20Havertz%20Kovacic%20Chelsea%20Boehly%20Romelu%20Lukaku%20Ziyech%20Berita%20Bursa%20Hakim&private=0&flags=no_live%2Cexportable&longer_than=0.35&owners=tempovideochannel&sort=relevance
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
e4447bdacc4737f4d6e541428b9565ba7e290ebba261dba6def30bd1498a4980
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Sun, 17 Dec 2023 01:35:22 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=69, dc;desc="dc3"
Content-Length
80
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 17 Dec 2023 01:35:22 GMT
Server
DMS/1.0.42
Etag
W/"0VtKujkNpPH7zS5LXnN7uQ-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
all_an_white_4.png
advertnative.com/storage/logo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://advertnative.com/storage/logo/all_an_white_4.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.126.164 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip164.ip-139-99-126.net
Software
nginx/1.19.5 /
Resource Hash
23a7a772f258be3aec21ea1617a951c1f8a8867c69f446740826d0f6709b2129
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=15768000
last-modified
Thu, 23 Jan 2020 15:16:52 GMT
server
nginx/1.19.5
etag
"5e29b8e4-a78"
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2680
expires
Thu, 31 Dec 2037 23:55:55 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.142.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-142-223.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ab9bfb58bbdd2119e7e0dcc23321653d73fc432dc5cb2a37b44f887000731feb

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:23 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache
x-server
10.45.11.69
access-control-allow-credentials
true
content-length
60
expires
0
videos
api.dailymotion.com/ 		74 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?fields=id%2Ctitle%2Cthumbnail_480_url%2Cmode%2Conair%2Cowner.screenname%2Ccreated_time&limit=1&search=transfer%20Chelsea%20Inggris%20Havertz%20Kovacic%20Chelsea%20Boehly%20Romelu%20Lukaku%20Ziyech%20Berita%20Bursa&private=0&flags=no_live%2Cexportable&longer_than=0.35&owners=tempovideochannel&sort=relevance
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
e4447bdacc4737f4d6e541428b9565ba7e290ebba261dba6def30bd1498a4980
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Sun, 17 Dec 2023 01:35:23 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=77, dc;desc="dc3"
Content-Length
80
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 17 Dec 2023 01:35:23 GMT
Server
DMS/1.0.42
Etag
W/"4RXN8htETGEqBgSveZxA3w-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
adsct
t.co/1/i/ 		43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c15f069b-3787-46b4-9508-2973bc180800&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=14fac89f-1910-48e0-83dd-332f888e879b&tw_document_href=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tw_iframe_status=0&txn_id=nzmrz&type=javascript&version=2.3.29
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
189
date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
6561796b5c38a395
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
cf62a013a1bb9a88a25fdd219024e07ecdb574da01c71cfd5f67a16d4c0f34bd
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c15f069b-3787-46b4-9508-2973bc180800&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=14fac89f-1910-48e0-83dd-332f888e879b&tw_document_href=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tw_iframe_status=0&txn_id=nzmrz&type=javascript&version=2.3.29
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time
168
date
Sun, 17 Dec 2023 01:35:22 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
96bf612423eec814
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
b2054fe83edf62e3593600877c8f45155660fd82ba60be8419980ece3093301e
content-length
43
videos
api.dailymotion.com/ 		74 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?fields=id%2Ctitle%2Cthumbnail_480_url%2Cmode%2Conair%2Cowner.screenname%2Ccreated_time&limit=1&search=transfer%20Chelsea%20Inggris%20Havertz%20Kovacic%20Chelsea%20Boehly%20Romelu%20Lukaku%20Ziyech%20Berita&private=0&flags=no_live%2Cexportable&longer_than=0.35&owners=tempovideochannel&sort=relevance
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
e4447bdacc4737f4d6e541428b9565ba7e290ebba261dba6def30bd1498a4980
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Sun, 17 Dec 2023 01:35:23 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=77, dc;desc="dc3"
Content-Length
80
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 17 Dec 2023 01:35:23 GMT
Server
DMS/1.0.42
Etag
W/"5610Q1g7h-ERzPmcWDXg0Q-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
pd
google-bidout-d.openx.net/w/1.0/ Frame 70E7 		0
167 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 17 Dec 2023 01:35:23 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
videos
api.dailymotion.com/ 		74 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?fields=id%2Ctitle%2Cthumbnail_480_url%2Cmode%2Conair%2Cowner.screenname%2Ccreated_time&limit=1&search=transfer%20Chelsea%20Inggris%20Havertz%20Kovacic%20Chelsea%20Boehly%20Romelu%20Lukaku%20Ziyech&private=0&flags=no_live%2Cexportable&longer_than=0.35&owners=tempovideochannel&sort=relevance
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
e4447bdacc4737f4d6e541428b9565ba7e290ebba261dba6def30bd1498a4980
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Sun, 17 Dec 2023 01:35:23 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=87, dc;desc="dc3"
Content-Length
80
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 17 Dec 2023 01:35:23 GMT
Server
DMS/1.0.42
Etag
W/"g5e1YF0-JgVgiuMvEEme1A-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
anchor
www.google.com/recaptcha/api2/ Frame 5901 		43 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=bsd4pqm3mgr2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7ac935e49b3fdd4c54a5af78ebeec59daa0111fcce5c4868f76e67fe06a2a24c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0k7cMv4xdMxt45gnHGGB_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0k7cMv4xdMxt45gnHGGB_g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 6511 		42 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jdj2bchr0vnu
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7d767d65fb31085a29beb3d81f92b4fe04651fbade7bc8fedf537f48736999ac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JIdlPYMWSkTWtn0j4tnskA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-JIdlPYMWSkTWtn0j4tnskA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=tempo.co&p=%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&u=B6a8ZBKM7DiBwzFmE&d=bola.tempo.co&g=30463&g0=bola&g1=Arkhelaus%20Wisnu%20Triyogo&n=1&f=00001&c=0&x=0&m=0&y=13492&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&b=3621&t=CNue7ZfFIMLkK6ESB5b3KOCZuBxQ&V=142&i=Di%20Balik%20Eksodus%20Pemain%20Chelsea%20yang%20Buat%20Todd%20Boehly%20Merugi%20-%20Bola%20Tempo.co&tz=-60&_acct=anon&sn=1&sv=BXZdSWCi7dOcrMqAACEuSHK467v-&sr=external&sd=1&im=061b0fff&_
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.59.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-59-187.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 17 Dec 2023 01:35:23 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=976349232&t=event&ni=0&_s=1&dl=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&ul=en-us&de=UTF-8&dt=Di%20Balik%20Eksodus%20Pemain%20Chelsea%20yang%20Buat%20Todd%20Boehly%20Merugi%20-%20Bola%20Tempo.co&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20-%20Tempo.co&ea=Scroll%20-%20bola.tempo.co&el=desktop%20-%205%25&_u=aCDAgEABAAAAAGAEK~&jid=&gjid=&cid=469069242.1702776923&tid=UA-23817453-1&_gid=1254602567.1702776923&gtm=45He3bt0n81KNSBXFSv77757617&cd2=chelsea%2C%20bursa%20transfer%2C%20todd%20boehly%2C%20liga%20inggris%2C%20kai%20havertz%2C%20romelu%20lukaku%2C%20hakim%20ziyech%2C%20n%27golo%20kante%2C%20mateo%20kovacic%2C%20berita%20chelsea&cd4=Arkhelaus%20Wisnu%20Triyogo&cd8=0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd3=469069242.1702776923&z=488389686
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 08:56:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59911
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 6511 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jdj2bchr0vnu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 13:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 13:50:22 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 6511 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jdj2bchr0vnu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 08:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207437
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 08:01:10 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 5901 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=bsd4pqm3mgr2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 13:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 13:50:22 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 5901 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=bsd4pqm3mgr2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 08:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207437
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 08:01:10 GMT
videos
api.dailymotion.com/ 		74 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?fields=id%2Ctitle%2Cthumbnail_480_url%2Cmode%2Conair%2Cowner.screenname%2Ccreated_time&limit=1&search=transfer%20Chelsea%20Inggris%20Havertz%20Kovacic%20Chelsea%20Boehly%20Romelu%20Lukaku&private=0&flags=no_live%2Cexportable&longer_than=0.35&owners=tempovideochannel&sort=relevance
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
e4447bdacc4737f4d6e541428b9565ba7e290ebba261dba6def30bd1498a4980
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Sun, 17 Dec 2023 01:35:23 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=96, dc;desc="dc3"
Content-Length
80
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 17 Dec 2023 01:35:23 GMT
Server
DMS/1.0.42
Etag
W/"_2bJpfMFyZU0QGiHvw1swA-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
www.google.com/js/bg/ Frame 5901 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=bsd4pqm3mgr2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 11:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
397232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6851
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 11:14:51 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 5901 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=bsd4pqm3mgr2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=bsd4pqm3mgr2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 17 Dec 2023 01:35:23 GMT
kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
www.google.com/js/bg/ Frame 6511 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jdj2bchr0vnu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 11:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
397232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6851
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 11:14:51 GMT
videos
api.dailymotion.com/ 		74 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?fields=id%2Ctitle%2Cthumbnail_480_url%2Cmode%2Conair%2Cowner.screenname%2Ccreated_time&limit=1&search=transfer%20Chelsea%20Inggris%20Havertz%20Kovacic%20Chelsea%20Boehly%20Romelu&private=0&flags=no_live%2Cexportable&longer_than=0.35&owners=tempovideochannel&sort=relevance
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
e4447bdacc4737f4d6e541428b9565ba7e290ebba261dba6def30bd1498a4980
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Sun, 17 Dec 2023 01:35:23 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=70, dc;desc="dc3"
Content-Length
80
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 17 Dec 2023 01:35:23 GMT
Server
DMS/1.0.42
Etag
W/"L2kTAVpVIRUhbKVD-d-y2w-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
webworker.js
www.google.com/recaptcha/api2/ Frame 6511 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jdj2bchr0vnu
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw&co=aHR0cHM6Ly9ib2xhLnRlbXBvLmNvOjQ0Mw..&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&size=normal&cb=jdj2bchr0vnu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sun, 17 Dec 2023 01:35:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2D61 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFqd-B3SAVb2J3bK68JEFkICsp9ifU6P8dLA0Xmxcl5aCfDO4rGDbwGvDETkKClaE9L2tXMeCp7mefV06chsSI1Gd_88naaqICb2U3gE1sgFhzBRuLGBDcDORXNXkCph5Jm8xwJRkX7KREHYtwsOiI9LCkn3TNBm4Z6zG1geBThYkREVSsykh7gKqvya24au_kE7roMj0Zf3xunDRcqlXlZCMl6E5r5oWtImvSWB23TtComqzdns0WJGKie3U864cwNDVAo-rT3L-RFoQD6udj7APwyAkSznmpJlyosqr19w887z_11xBbzY28TEWFQq9HNbNn0KlzS5U1w_FUJLvsioRAPt50st1viXFnRaWnJ-0h5nE&sai=AMfl-YQAPo8UyUHLdSXZV8kHKq0PI-eLkMiUXmdDtL45xGxU36yCi23KUmTAOm3ZIsW9oSJLr5Bk4lNLenVpA8S2YQ94hy9xrZZd2rsCsT3eTEh5zEBwimTMVIk0m-RjbKNymaeDW6n5Y8oxjVF-r3931-XQ&sig=Cg0ArKJSzMPWcGM8IcVbEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 01:35:23 GMT
adopJ.js
compass.adop.cc/assets/js/adop/ Frame 2D61 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-99.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:28:23 GMT
content-encoding
gzip
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
499
x-cache
Hit from cloudfront
content-length
1921
last-modified
Tue, 11 May 2021 09:31:17 GMT
server
nginx
etag
W/"609a4ee5-d6b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-amz-cf-id
4t1Eiec0OFCcvsi3sti951ekKpqqoAChRAZwHxBjmYSoFJOio9yABw==
expires
Sun, 17 Dec 2023 01:37:04 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2D61 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
container.html
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4128 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:22 GMT
expires
Mon, 16 Dec 2024 01:35:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 64E3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:22 GMT
expires
Mon, 16 Dec 2024 01:35:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 37E0 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 11:48:30 GMT
age
308813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 11:48:30 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 37E0 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 11:48:30 GMT
age
308813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 11:48:30 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 37E0 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 11:48:30 GMT
age
308813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 11:48:30 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 37E0 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 03:54:31 GMT
age
337252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16661
x-xss-protection
0
server
sffe
etag
"6d0f8508d14b183a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 03:54:31 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 37E0 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 11:48:31 GMT
age
308812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 11:48:31 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 37E0 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 11:48:30 GMT
age
308813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 11:48:30 GMT
truncated
/ Frame 37E0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a835bf978eae51de1c210c53368a520812db4ed6bb51268551e2fc6ec9d3a9ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
img1.jpg
tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/ Frame 37E0 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/img1.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6dcd30de84f794e035e8b2a5897f2a1b230a86d652fe29ec28bbb6e96224e88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 00:25:53 GMT
date
Sat, 16 Dec 2023 00:25:53 GMT
x-content-type-options
nosniff
age
90570
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55029
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:52:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
img2.jpg
tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/ Frame 37E0 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/img2.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33ff2ab75b50399cf7512b3c5a1b57d57ddd986f9e4ab6b4c71a53825d248384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:04:38 GMT
x-content-type-options
nosniff
age
405045
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46139
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:52:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 09:04:38 GMT
txt1.png
tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/ Frame 37E0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/txt1.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
525da9eaf9ea30d5d7c23d92162cc9a042c9888206fe180e8a1bd174fe95d81d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 14 Dec 2024 19:11:51 GMT
date
Fri, 15 Dec 2023 19:11:51 GMT
x-content-type-options
nosniff
age
109412
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1858
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:52:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
txt2.png
tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/ Frame 37E0 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/txt2.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e517c9063aa53dd23a8d7b0b3c592886e8e55610b5c93068d778d7d5c9cc5077
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:06:38 GMT
x-content-type-options
nosniff
age
480525
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5619
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:52:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 12:06:38 GMT
txt3.png
tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/ Frame 37E0 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/txt3.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13654660816755ed701cb64b789457e591d7358229dbc2596f9169be6d0824e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 15:49:49 GMT
x-content-type-options
nosniff
age
467134
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8079
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:52:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 15:49:49 GMT
claim.png
tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/ Frame 37E0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/claim.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b986d700646d7482d4d2d507c49ac8cbceb1850cd0a7e2c6d06decfde74b927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:15:33 GMT
x-content-type-options
nosniff
age
461990
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2735
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:52:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 17:15:33 GMT
logo.png
tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/ Frame 37E0 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/logo.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feae59cf001ba4020a52a3d90cdc62d2112a7a8147f54e4a533e14a7a52eec3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:11:00 GMT
x-content-type-options
nosniff
age
429863
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5628
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:52:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 02:11:00 GMT
cta.png
tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/ Frame 37E0 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/4056692051927138047/Vaillant-DE-B2B-BesserImTeam-App-300x600-DCM/img/cta.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb19c27f8bd0902abd6606440d4de8f4d8bd54700e6a04112401f155e2947acc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:11:00 GMT
x-content-type-options
nosniff
age
429863
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1265
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:52:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 02:11:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 1AC2 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 11:48:30 GMT
age
308813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 11:48:30 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1AC2 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 11:48:30 GMT
age
308813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 11:48:30 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1AC2 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 11:48:30 GMT
age
308813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 11:48:30 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1AC2 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 03:54:31 GMT
age
337252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16661
x-xss-protection
0
server
sffe
etag
"6d0f8508d14b183a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 03:54:31 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1AC2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 11:48:31 GMT
age
308812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 11:48:31 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1AC2 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Dec 2023 11:48:30 GMT
age
308813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 12 Dec 2024 11:48:30 GMT
truncated
/ Frame 1AC2 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1444e461c740a9fc86a0801c70510c0a120d33bd76459921a4889500f330a842

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
img1.jpg
tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/ Frame 1AC2 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/img1.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da1665b9495b4fe21d8850e4269ebb94b45f01f6272098af30d9a8c383b37e96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 06:05:47 GMT
date
Sat, 16 Dec 2023 06:05:47 GMT
x-content-type-options
nosniff
age
70176
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88152
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 15:20:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
img2.jpg
tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/ Frame 1AC2 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/img2.jpg
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bf6238ed413258a480a2a4550255220a959f007e3a08550934c2cd7ca425fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:50:03 GMT
x-content-type-options
nosniff
age
405920
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28517
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 15:20:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 08:50:03 GMT
logo.png
tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/ Frame 1AC2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/logo.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4452bc4d16309455982365fbe44c9294333c29dc89a7d69d6e7ac9ea92ffafb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 14:31:01 GMT
x-content-type-options
nosniff
age
212662
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2215
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 15:20:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Dec 2024 14:31:01 GMT
txt1.png
tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/ Frame 1AC2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/txt1.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02662fae26a7590b79e3cb843a3fa32230e3993f657aafcb6deb32c72f840f31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 06:56:45 GMT
date
Sat, 16 Dec 2023 06:56:45 GMT
x-content-type-options
nosniff
age
67118
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1612
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 15:20:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
txt2.png
tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/ Frame 1AC2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/txt2.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02ae634650bd6f5d159bd3dc1106a964b1533c484e2bf5fe226d1dd422cd2837
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:38:28 GMT
x-content-type-options
nosniff
age
424615
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2198
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 15:20:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 03:38:28 GMT
txt3.png
tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/ Frame 1AC2 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/txt3.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06a92ad9413d4d22e50bb98e71dd503948311b789088d931366cb5bdc5f5f7ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 12:10:35 GMT
x-content-type-options
nosniff
age
480288
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7024
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 15:20:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 12:10:35 GMT
abspann.png
tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/ Frame 1AC2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/abspann.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1db2a90e6e3782834b6f20c298acd4ea7bac24eafe07b457c0f58e2130f442ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:14:54 GMT
x-content-type-options
nosniff
age
404429
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5305
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 15:20:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 09:14:54 GMT
cta.png
tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/ Frame 1AC2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/cta.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6c673fc8a68cccb3da624320185b0534bce08bede2bb716f2a73d814714df06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:51:36 GMT
x-content-type-options
nosniff
age
405827
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1937
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 15:20:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 08:51:36 GMT
claim.png
tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/ Frame 1AC2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/1128018211208698013/Vaillant-DE-B2B-BesserImTeam-300x250-DCM/img/claim.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2b99e0ac804013dc7370410a8653c4f42082e990c1000809eb9a9aea52d2c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:13:30 GMT
x-content-type-options
nosniff
age
404513
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1718
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 15:20:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 09:13:30 GMT
container.html
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B243 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:22 GMT
expires
Mon, 16 Dec 2024 01:35:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8B69 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:22 GMT
expires
Mon, 16 Dec 2024 01:35:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 37E0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 20:39:47 GMT
x-content-type-options
nosniff
server
cafe
age
17736
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
expires
Sun, 17 Dec 2023 20:39:47 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 37E0 		344 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 21:48:36 GMT
x-content-type-options
nosniff
server
cafe
age
13607
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 17 Dec 2023 21:48:36 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1AC2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 20:39:47 GMT
x-content-type-options
nosniff
server
cafe
age
17736
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
expires
Sun, 17 Dec 2023 20:39:47 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1AC2 		344 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 21:48:36 GMT
x-content-type-options
nosniff
server
cafe
age
13607
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 17 Dec 2023 21:48:36 GMT
container.html
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4FED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:22 GMT
expires
Mon, 16 Dec 2024 01:35:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A461 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:22 GMT
expires
Mon, 16 Dec 2024 01:35:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 14D0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:22 GMT
expires
Mon, 16 Dec 2024 01:35:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FE77 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:22 GMT
expires
Mon, 16 Dec 2024 01:35:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ptag.js
tag.adbro.me/tags/ Frame 625D 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/tags/ptag.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba59bdfa5df7ac0f5efd3d15e24f89455c8f30e3b8260586c0429b2219c2887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 21 Nov 2023 17:35:08 GMT
content-md5
Kre+pSjv/5704F++6Kckdw==
age
2260
server
cloudflare
cf-polished
origSize=62811
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
836b6ddd5dad9bf2-FRA
alt-svc
h3=":443"; ma=86400
urvkncax.js
tag.adbro.me/configs/ Frame 625D 		1 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.adbro.me/configs/urvkncax.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5598f272f3841f00397e03c90ddf40d755c3cfe3b2a6b30201afbbd102cb8ee9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Mon, 16 Oct 2023 05:45:18 GMT
server
cloudflare
cf-polished
origSize=1763
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
836b6ddd6daf9bf2-FRA
alt-svc
h3=":443"; ma=86400
truncated
/ Frame 625D 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41aa81489480a7b032df8f8e5b2054248ce84de0a5c7cbe8587d49481b195062

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C36E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqf47D-wVM7l1opM4JUGaw18nlcWHvEnENmS1oqtVNZcPAw23uAAIOcHqHyV6V1tOUVaDYoWMYBFeCCNCXAIXB2xfv4D4YJrO9kootn7CwQHn0WwKLygCGa9UySvtn6THRExhY-m1DVfRdS5lyecvz1MmRQvUayYIdlBNW-CJuUOUfBlEFT9WMTTowOXctmVRMexOyJZJJ3Mb2eBAMCaLoBPF9wNWaFTWi4NbnMmZKI6f3skT3kf_6R37N9imj1I1WEbby6UtNZhI5oXSVD9x_v31mRivSHjfDUeD5D2tT9tkg2pmX5NwgeN299KdKI9af_vjxex6PPrUB9_jLnXr9ZaxgYRsNc8Z1N0jwWeI&sai=AMfl-YRb8Luptske3b_vzCVtn8VRk47-blczNnlgdJeg0ZhtLoFNDmRHG_zOwIx2v3PoMxIUqZiL-vIbP2eziMa1-P-lFR-fYWfTji1a6ZJzrXNwGkZAhRA57TICS_9-p15u8T-dysfBIGFqE3TZB82YlR2r&sig=Cg0ArKJSzJXHJvMCsOWpEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C36E 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89562c2eba6b7da720920bf42e6d586e231d1269fde01f897bd709df00919462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29864
x-xss-protection
0
server
cafe
etag
205 / 19708 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
wrapper.min.js
cpt.geniee.jp/hb/v1/102432/1070/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/102432/1070/wrapper.min.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.51 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p051.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
687933e10052a9da8edc7cdf59c43bd3dec1a43dcadd93966739d20798ce0adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 06:56:44 GMT
server
nginx
etag
W/"657aa72c-279e"
content-type
application/javascript
cache-control
max-age=3600, private
cross-origin-resource-policy
cross-origin
expires
Sun, 17 Dec 2023 02:35:24 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C36E 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1CDE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstas4P8mLyPfuGr3okCm-vKfzTsyx1RchU3wuByJcyvpEp-hNtaMnFaPKyo79kBZHbLgJD-jhcOBBvAPClywJQBjyei4HQM3K9XI8GGsVElkIvX0rOPFyqHYstE2pAfz3D6GAJQ8qpsLO9hdHnohhNTxKVH5ZWP7rurh12nC4-JNMkMPFapH2eJg-I2h03dBDHv5BsE7H0vLS9RFAno40vZsjxhb_OQim5SNN94l5HDzgaGwpwyoQuMl5g4JlWlqQsnpPCC2zuhC29wzAcAjXOVkhTP6BRk5u_vXl7DsOnfigMkcepNeVqiErTOc838RWedtQYKa9HfvWxntvqbbno9tl0U0O1YJUEeSvvV84uOqfEJrqNORj_jot9DKA_yXgRy1AnUjOI&sai=AMfl-YT_M0XgB55nIsX7A--mSf4G_iZodIYiejIJzz0bsQjG3g8R21zwWqcC1EDQWIbYWz9IGZL3rCduCXSabZwl7tNpm-vbphaZ0T99qAkTIxCdcrCpwcNKDYCjVfNK1avytp_0ATvDUaMa99UoTetc3Tj4&sig=Cg0ArKJSzNRBCMUT0euaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adopJ.js
compass.adop.cc/assets/js/adop/ Frame 1CDE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/assets/js/adop/adopJ.js?v=14
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-99.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:27:05 GMT
content-encoding
gzip
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
499
x-cache
Hit from cloudfront
content-length
1921
last-modified
Tue, 11 May 2021 09:31:17 GMT
server
nginx
etag
W/"609a4ee5-d6b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-amz-cf-id
rzY6JuhvRziZujimevAh846BJDNoyeeijcORRaaXcNA6JZAofQBb0A==
expires
Sun, 17 Dec 2023 01:37:04 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1CDE 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
container.html
0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CBD5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:22 GMT
expires
Mon, 16 Dec 2024 01:35:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TBVMQFZY8Y&gtm=45je3bt0v9106695579z877757617&_p=1702776922315&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=469069242.1702776923&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1702776922&sct=1&seg=0&dl=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&dt=Di%20Balik%20Eksodus%20Pemain%20Chelsea%20yang%20Buat%20Todd%20Boehly%20Merugi%20-%20Bola%20Tempo.co&_s=2&tfd=4050
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TBVMQFZY8Y&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame BB32 		42 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&u=%7ChiHgvtYhI02iyM8ghy4bTv2o%2FZ2mb%2BNrseDNV%2BRm4yw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEHMXDOPb-ysyl93tK--qtNQdvtN5cnwUg8WAQZ9hIIY4xN1QFqyBwGGbo65f91gLFveb2uSgP1l-dP-xQQI0pW3vf3j8tw8m6leojGYdMoFICniIAhkaE1MCvi0YzN58wNOK22Ew7J2ka4vKvSiqumDyYCDukQq_T4h8GZRVIlcHECfxMHIowKla_Ys6zDHR4YApzAyCkay3rv8oxzKW4I3BJcW-5SCQu-XeANrUfP-GT2UsslPEyfIsroBTokTgOwSMZjjS383Dpx7oBUxrhiV4T-BJCgXeodFmXQbB2C1hteHFf_iURVR4feJ-YwXZFUCZ92sUZhaY6W8KgNp4XKokfHV4HjJUfeJx572RW7n0qroKUiUbPaCOyP0Z-60DNdyy9o6JZZCyoovDyEvdHgPXW1gLnTTs7Btdn88RkQYjZAP2_nyXMO8q9u_xW_BTTtdCZWXjMNwqGBN_K75X6SUyaBGp177v_dWatfaEd9Wo3_aUKe8-naaG13kT3URVhKYhwgkLP8nFGeog1XgadT6dI2CdWAsQ0kTHEZBARpX28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0ET_WlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2Sszgv7PNJUKjuzYLQJOeTOdQU2To8h5bvAmcXbecriNmV1uxFrNj1h8j1OvLgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EzYML-J_9Mml3p7PpCuxRdL47Mw%26client%3Dca-pub-2578301546053897%26adurl%3D
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
68d1e86a16816c3a536a7119e0cf95ca4ee9aeb95845fadf514d3f4a12f45f91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:23 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=HyhanUWrFZ6tp3IQNDOyCZviab2twBC_j_UwzjJWW1Fay-Dth4OCNya_ZzJTL62ckJdhQIzkZXz-xfJvgs33iUozpu_OyTEyjSE-QnFnOMVGTWFK-ztyWGdznHg-4TcXYhWhVefgJRKlevRZ1askuVgpoDmEsz0zOqScntpguUDrgVF1fVJGMth5dtnqQ6FWj56v8Lv-QjY8pZsJ-uuI26O1P_rTH6IUvZ8dbmHfT-_PaDDRPBXuel6F26Or_zM792LVSA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2488938
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4128 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4128 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4128 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
431934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Dec 2024 01:36:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4128 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3E58 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi7vbvGATAB&v=APEucNV5KspmEG3llheAcj-0tCio9M_y9Ujgqoq2Ocg55ovgGg-K_nVOCCoN1-Q8MDfHVX9sBN-cBy-wPBdRYvzAYZA2USKZ1rwfdAB-Jic2YmAWzBuV467i2_cBqyoD1clKTXtWywJaDDT8z3UJuKUCYuS2ABeXf7e4TqUPwAUCM7flfCTsFOk
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 64E3 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 64E3 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLmS-bmTStZ8Vif1ooB2o0jTqf130U5hoAtHukqDtOeDKfQVRBNPB0OWJjFu2tfAe33CoQhOqMdk7Pz4lDI-r2PISF4w0PesMbyyB_SeZ17RU-Fck
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 64E3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 64E3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 64E3 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame F55E 		39 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX0K4HcNAArHY8n4j_-M2fMz9azT2w&u=%7ChiHgvtYhI01egZab5lYUYYxV6tlmqFS2RpWjGHfTntI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsUTvu4cn4sPY1OKCSP-8iZYVNjfgqoj2buBipymWXntHqB6zznLr2QLw5E1I2vrBclsCh122hMsSVo1V45Y1pHEwLX-myalPwe5ElayqeQRh6pJZZdmqexDneNsVZA4a04wbcYLvd1R9IdXhat2yk6IaQr7nwl5qeJpGcF4mgcQ9jW4eDxzJyqQszwiM0XnBxlFqDK6m15uDs3cYOvbpzPtU6EqrbSDTAqQvm76J8PNQ5U9CpCu8InllVSS7nVPv32qVgg0_njgXnYSI2Ae7rXSTaly7gHfaxJpXabJGDXIXl3WI99qSpfzXkq3il3vqacEYmpNVD28Hmb85kiXyeDMdjR_ZxEIoQr3TjajtH4lyCormDL0mvo-aonhCrAf7uB6dfyj69qftqWJMgBDzxVk2C-puJfK1AivrTVcc3h9B7-0UYp0CEdRZuNPy6M3TPA6tq6udx1nH1a4Auk1CxEAMLAQzQsvC71b9LQtJSni81UD1U--zkUGKE5OM_Mmy5qDYgn5yV7B8mXBnyxN_qqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4ZqUWlB-Zf2yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9C2Uya8j__Lv222j45LUSqK0yOlVbSoIrXOLdJkkcUfVm6dsVWe08pEVgeXiA7mD4QOs8gjRFah4kvSUHZeq5fPlEBI1EIaLoFJ_8QdnDWIkhfhiZEiM--NVwxDNa1er-KYsKVVCBJrJYxGPqiUdo3eeZDMHBJSOVt6knHt5m-ab6yPPVUzOFVUfGF19mNXMWxVUxSmnUOnSVu5QExGYsolRMfNWeJWYl5QPcRgC-7tFFu5YMSkorsM6fTO1TwRnSv1febn4X5A4IAdD856LMW_bgwWnOl2Yzhm_DoZZ7DHep3cVH0BDwv453V2Coknb-P2RnA2ZU5gh1vT1ncGWSyIh5X-XibRjukPlzPUxhny4_1kQqYaZBYR6zeAc2XJEZk7CQtgTHeyLK4Eimr8aifNGEHvKxaPz_SsqOj35k6B6fYvqQW-V2jW13tRk3c_3hwQZM83humQwVYa5ncxE_RyH8TgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwimtv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_0sIYBz1luyvcKA-zXriBep5nL-uQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8ced8ae4949739bd02c40d378e888a13292c8a42a3ead40829981d45b130cce4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Ng49JkWrFZ6tp3IQJOkQchqPXwqiQz54eMqkxy5dMs9ArIMdCfMYJqEwSjyDhmj5LTHrktwVHEbQzd0BaCQO6iiDHqyaCVgRzvgzPdEVgHJv9QAeVvVjmXZ8fx_Mjn9xBYr_GpifLwaSxF8U63r5OVi7HSRrhOTBR3Ht44tL6g8bg586aAv-zAkBlKboIIc_S2Th311sjerNSv_gMKY0OWD8YhfckLpCCj0cZSAsVanVMNQ3qzuhzlY_GdQKWEjiVdhelA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2981529
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B243 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B243 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B243 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
431934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Dec 2024 01:36:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B243 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame CA3D 		42 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&u=%7ChiHgvtYhI01jopdU0bof4mWJlBOG2cc4Kt%2BzMeeQBkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsRFyTC41vabdYrN3wCULU04FYZSzogpYjaSVQ4tXjLvzoAt4N7_yUBy7Jv9l7AKSO2XhgsewE11Eozwnsh6pSgKo3gpJJ_ORIBnbNefniK19HU9-KI8_sYfEvxZsVQYddsIhaq4Rfbv-Bm_pAmByLINgd8FVwyfWZ1xg959Ou_yENduwokJ2m2R2yxQQxR2I8W688nmJgA7UyBgYfqcpqaXRZgs7RtndzSgybD4hOkq7ytcQ8y_s3xujTCnGKHHXPfN6iQx1c-NfinUe3W267Zuzw4lNXYt_SoeKf2njVzE9vX4V2yfnglaCctwkkaEQwVsmgjlv5LnybGFKhaXRiqrpQXHLvsSawuFGaLcelrSMwnAVh4eJbGfvXuHBs8CboSpgafCpt5kTm41C_qNVmFbxGPdCm_hPHARSlkJmRcibtgXM2vgOEae2OIRj4YtVJf7nl1jlaGHcAU8Jj-sTLYL2kiBXvXjXQebMLB5CMUmrnJO-Llrb8M1oYSzWg7PUcCd3xT5dczjEJeArHBktmQI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFnnTWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mxtUQ0NotAzxUqLGbZYJaqUgjBUbTjDkqNfolGaZi2MUuQYGgxrZYgubgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_3zN6e4bRe1TMk6RK_e-jH0iOxOGw%26client%3Dca-pub-2578301546053897%26adurl%3D
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
05866c5b04aecd7a2a18557020ef31b2c15b5a1ff157688ebe828c50117a42a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:23 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=agB4xkWrFZ6tp3IQw4ytbzw7taEBjJzbwtRrlBZIgdNd-Eif4is6F41sIqcalrlZj2hWwdRRfK8-OWczY0p5FctKLsrg2su7ABOQtHeO1EwuhXvDCGEnuAl2BwZG5ZrXQ6W3Fz4_jA6YvI06adkQmc70HElzg1zuUFXwjHKFZpP0vHyJJjVH3r07fEHHUO4GANhdHsbhYD-17LkA4KQQVd9SzBhhhCyWhefK6KCA22CEocFfZIvA1gRnwHsI_nQfsMXN0A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3366275
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8B69 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8B69 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8B69 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
431934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Dec 2024 01:36:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8B69 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
css
fonts.googleapis.com/ Frame 4FED 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 23:45:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 01:35:23 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4FED 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 4FED 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
9306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4FED 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4FED 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 4FED 		225 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 04:32:33 GMT
x-content-type-options
nosniff
server
cafe
age
75770
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Sun, 17 Dec 2023 04:32:33 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4FED 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 4FED 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7173 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEMyGzM8DGJKbhfMBMAE&v=APEucNWbMzhMBkC2Tgkiqs7WSzFzsGLsU9iuRFvljJKGyw9TfQzc9zacfUXMnIbGUwj1tUG9kG04hew9PvMTSnFODwb2vHzhrjKsMq2D6ERiLqpeLucz08J2N67bsK22qwvf0zV1shzj24busj7zqL5eQLMchpbAlhby24P8trPJMMDXTfdEl3w
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame A461 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 00:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
3111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 00:43:32 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame A461 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 08:59:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
59732
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 08:59:51 GMT
view
ad.doubleclick.net/pcs/ Frame A461 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu4FUh5r169e2zMrIFOJQN54valXI-f7MD4qZzRKW8_POSOUYRNSWmx71qmZhNajS8IxwINJdHL-ffTWFbyXnUcX1Qq5GdVyqf1uFGgff_fF5hy1w5m-61L6CQ5Z8VyBweojv-z9LJcjeB_Gbve0Txc_uunmLJKFN9fMAskc5-k_reT53Cp3mGunufRkplngMaCmGEL2KPUAhmRKvuoA5AFieTSSkIGu3I9c-MbhQjYsv-t92L924Pv3QKbnDxWGnwBO9_3V3GP68a_NqbSGKmRrV3gMpJIetPBCkPt8v03fkZf9vOPgvuwr1OnfBfJV8yoFpqokv5Hx_XnYOWH2PiL8JkbtqNBiLjX3zHPTZVKXNp_MyJrGlSWWdmFZbF0TD1PtKMFV7nXNOcnSckipF3FDiMSXWUjQauKHidrBfk3eg7J1p1qUnhbLOwDxrcTrwawV9rHsuBxeO4Maa9Len3YEeODgkFaxpaokmGCbnKJ-0sGf7Q0YJquu8TPuG6dd2RPOdrWi69oU-SzhD03Mfq83_pjq_4V_QpaZaSP96J3WqKIXARIZwG9REcNzX_Uruo_uHbuK8dyCPNun6kckas_SoPnl5lf19crT8JzzbCNzQyaMbJ1k8RnIFTvyApcRF8fApHqLkxqtgRK3dGxC_YxytCaj44T7hQ_7riwIKLM5w7jFMcKYChe-Aot-M3NzJvsZ-TeRE2L4-qNm4eN-0d714KiIXaD3jFjYu9W_Kz8DnuNCNSZ1FCeIKDf5PUMV4d9bhzXHe0EVwxEZMjpZldTs7vXpqCPi-ptpJ7XXKZhsPg78idrl3wb_JlzSK0v4rjHIkF3EicFX2xKbFagMpibxef3MlfWmNkWpiETWoMELS0gX1TPVGO1HajjwzZG77W61A7m6u2VNYDuEHDjmDGH2KrSjsuuyv0wCX7_mGu-olzuIKf4idgcmA3VbZu0F2CjJbYqULCZGU37B_wHvdDrciJsF3OkpefFdJUHev57tE8h7ObLZLydwNCo9j2C3_RfeIS9p3OJIJ-RLyDBBV3iNLYEQlh1M-gg-49CHwMXhiAqZtRgDvwpHzEJCEiQzeYc1Gec1w3eu5sb7DQbnCEEOiKwxjJUZu_r-2S_tzxoyCnO7hqZIilEvYvAhIv-WUvatUPHm5VrhVwUzAR9MeTnRaMF4DEPz4pBokuKXfFo45-ipW2znq17DB370aoF7a3iZ6cKWP51WAEDEDc9jLbKfHhFdnamuaMrtxGuOlrQnSoOZ4bRsq-oRUMGcyGe2wLjw97H0z0zCiscbnNJI6DxdoAW3Z0M3ACMIjHnTMyL9RU98u8NnrYl4HQJWVhdN3HuKIuikpC2wqxGW9uijV5P7yasPrV_8AHkK8h8OTJInlLC9TKwxiVshrUrTjhNlWZ4Vauqia6rNBq-yG2Bx5cAGXsRXcemEjLJi2TM9-nuYZAwF9qu3Ro38IK8Bs7zTOAO41U6&sai=AMfl-YRPwzJlq4Fl4Z0hZDPkjYD6Uw4Wy26O81LiKnfgcy9UDVETJlqt0WPIOD6q_jE2Y71Pv7rNJSazJXwYFwt6W5Ikq2kU7xXhXosqC9uKrNln4Yh3-Qn2-E2tpdFfrWaVH-yuot2m-DJJ35p-pEYnSR9nfkdLIX5okJBONxWm9H7NP8W2QpcNVVcO8MDx5PSuB3kb_VXNGzmLqO7Gqc8ZK3_nakrITFfiyJHU745_XWYShZSc7812lCt-0Zlm2Hze7x_n6yTAxwtx50yynu1fMx3JOzBbcGUZPH12Jcukc9eKMotXnxnE79B0OJtvbarR0C5ZSY2Or1aYMtY5uxHzK6Y8xXNGx1H1AoUWa4mVeaK8R85Kg8ztwCGjwTbLakMZEgeYF94LAQax4II7vDJzbUqLPsmMA-x3IO26g24NJflHBWizEbnzNa4U6Ti-xsTb8OlkYAhABoztpvKYyleUXTIJSrfuHBf7NdqW6XEWxxEbrNvkb37THCGejA3CwIu1JWKbOGEtMwEHZQ&sig=Cg0ArKJSzBWu2zmYf6tgEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yZWdudW1ob3RlbHMuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.59213&arae=0&ftch=1&adurl=
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 17 Dec 2023 01:35:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame A461 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
113415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A461 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A461 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A461 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D6nH9Ov_eVM7w99Q6eGABfsV3zJsF7ExGRciTuAQdp2RGOOzSWox17KtGifqPjKgw-1RXmDhq6WxzSPQycMTSwWGX88AfjCixgz6XuPkIWbtmF580
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A461 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
7243646742988109102
s0.2mdn.net/simgad/ Frame A461 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7243646742988109102
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e42c44039f32056f1688d26ce8c2ebac6ab1c2eb9f647acd709038b14413f87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:57 GMT
x-content-type-options
nosniff
age
404966
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124872
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 13:42:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 09:05:57 GMT
12764506924456472853
tpc.googlesyndication.com/simgad/ Frame 4FED 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12764506924456472853?w=100&h=100&tw=1&q=75
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fd7670f875a893003e1b31ea9d17216b7ee322f17cd45d496fdf7b4e30cfe0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:02:19 GMT
x-content-type-options
nosniff
age
405184
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1876
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 10:09:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 09:02:19 GMT
truncated
/ Frame 4FED 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4FED 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
pixel
googleads.g.doubleclick.net/xbbe/ Frame 21CF 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEMyGzM8DGJKbhfMBMAE&v=APEucNUclMV00DJVLo421Ze8OmkeocDdIy8F9FGYyp8vw0HIqyK46uPPHnR2VcO-Ol0QkCxHGNfFmrlq20URAveTmEl0zsDFQbXvEB34clGcIQoJEJ-L6qPyy9HK9ciZYMyFpFqUxyOKoolHwPr7DhSif9nroC7lmueFHAX-a5At6Bwl4bGTs9M
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
7243646742988109102
s0.2mdn.net/simgad/ Frame 14D0 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7243646742988109102
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e42c44039f32056f1688d26ce8c2ebac6ab1c2eb9f647acd709038b14413f87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:57 GMT
x-content-type-options
nosniff
age
404966
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124872
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 13:42:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 09:05:57 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 14D0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 00:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
3111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 00:43:32 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 14D0 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 08:59:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
59732
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 08:59:51 GMT
view
ad.doubleclick.net/pcs/ Frame 14D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsub8wHK_1eZ5byHm83s8TUGeKV3SBxZNd-J7WZEKa0KUIBF8igadX39fHRM5ND3rAvmLdZ_OB5aipAswcMeTPExKM1u1cHlEeF6L3Tbdm6Zf3QSW461O7GpUv8tuP-ftYBkbkxh7BAMh-B5lpnoIJISHoOb54Mh0gwoqCXzGVGa-vXAqSNpjlJbNqOBnfoVFEiBBoWrDPMHRdfU_iwzaUcpo_ET5GzRXRdvlW7lQsGloTY3OfxR_UFdwV2VOFzNaO9MFybATdxKPEVwivIs0hX5kjQQNWdEFuUJF2m6vR-2vTQgKNgJPd1b1REFSkiCPf4N9MT9vyKb7ejzGDPih333n7FpGZ_JfHy-Lt7KcDy0MTc6vkmuu0N5x3wBu325Ws4IJ8bCOwr1Bw4P35aUXlmtTh6NBE145ptbp2UtUZceRZtwcmiaS2PHU409lb4IvtdG2zRWdl6ritSwXSdvsuyJ64ZkQU7zD-pwNSEycQELc-AS1xJH5mHCX_bYjsY6DH9dQPHHkEHpOJuk-jAzjRV5rNmZW9DZYHuOLIyWSwJ08yIIn1eM2V6nkukgQIF59easDBSdkw4HPBYwF5EtanUXiX15hFKWyqWX_yT2ic-WXmIATXRyFX9cwBSdPwh9Abv7J8hGsBQOTxus4WkLZVTizhSl9UA3JpU-yQs4iAT6g7smB-IJzXxkA39CGpzP2FXG29-ndNEgMzh1nQKrl2NL6G5LMw2h1pgiMjThtW3sJ5zTcciKQsNQtsNLJdtq3tOe1IeI-QRstFClDDj92Uo4uOY0awT1aTvC64VfSuztQcCI9ETCpeafDOqXAHX1LNU6qpr0uIJvYExCPt4kTsoG3Pk90Sq_EA57W5Rj3Fr5YX2qo-Lba5J6OPPa73K4-zHV7HU3Z7X4SdrS4r7BVCMskVs-GAujCOBoR_-mmmSc_pEpVBWZ9UMjhFbYLbbvv9WwL6_0JDfLIrWNf87bZ7O7AnYqrWhw9KxbqpNh3Z472OHwPw4qVrZ7hGIotUDB38lfzQD2GTSXu6fiROsiZwbwvW2qnr6dcdm6n-FCAfhlLu_Rru_x3Rpc5A6wZPiUcVtv0HU4pLX1pSA6TbcK8t7IasktwntmCXUmJEvec2qeYrhrJ4IbfPhcG4gjQiV6yk6RWKXJZZO7x79AXWoGjSfO2vuQdcy_Sorg4gd6MV5fmXIBvg-nLyPxIfRYOFrMrGHFHOHTTR7MKx3ujArrmmkM3eZ5NppN-BOi5BODpKpG7LlR5R9DFD4ts_aDzgVeaR8DZBah7YhOKRjWKtwDnrpG1YwJx-C_sHWDSsr7g0br4Bxtkuiev2_iyKtidLK237hhzw9JjkPkCFdIPw5hmWKeVHw1aeiST2FRyAqy0WujFiJVdsfTHauJfGLgSTpyasqu6BS_qkruY8OOHqMy92YZTy4TmeISEKiY-os1DG7EOOd6SrK_UTJyWTCinnon_SZQPey0&sai=AMfl-YSxjtmDKLAmU1WynHu_xh77NYEImJAJDIgguRjeB-zsR9Em-AXi3gcEbTWshMB6uWwnXY8mkkgvtl56jty9G2OBH7i92Ky1iW3pxQK74ttfWoGTLO9lhUvieOltT23L6NIEMeyadXJH0zYBGPUI_rrV-f7rx0kfxCCE9-jnrn1f-0IPkEx8ONI58DZMudTFUkjFzzITIbgQUNaoZ4hp0DoWctRzojVoCLrjl3iVm9tZCxdUSDeC7Cqa3vu844ogKzIWO8zslDII-TDV6Ij5cFh9LVdeRQ2otpMQh6F10COADX_yDr-jd18-kvZhR4opNIYU4r48spF6tzxFy1u9B-Ky-_o6F2rvGJVyu_NvRn34TSg5aBtAhqfWizQeBM9sQ0bxAKebOpAKofcMAl7--wh23_nqzioMDgghmw9D8O9tt1P1fl9JlxyTBGfuTWiMMFQY4xDPcvCNgkdeJqMh_eIjoeDaNxGD-VBbv7BwdR3mV_SOdI_pLa8U5L8Q23aTkHaUIKpQa4mEgg&sig=Cg0ArKJSzDRkuN44DuBcEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yZWdudW1ob3RlbHMuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20231207.83137&arae=0&ftch=1&adurl=
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 17 Dec 2023 01:35:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 14D0 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
113415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 14D0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 14D0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 14D0 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DwY5aYLK3ClLMcr5bJtSs8hn99vIZ7EH3QqgEUoKho9dliHvArmcF31ZDYLbJNWAbCt8IysPOz7Y8F-VGmG4f1afWu11QYCFe26ZGGX5zaIZqW-_w
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 14D0 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 8E79 		43 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
820f38e57524c4710d09238d042924b03a656393d1790c6151aba39ac9fa2b9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:23 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=TgWDfkWrFZ6tp3IQ7O5-F4AMH64g1Fl-N79FcX-N-tg14IukxZfg3g2z0cqdi68JIy_qwOUxgcX5AAJarsnXe6b_5u27J2MQnPkqNcmY5GqPqhoCF5lGz8DzPBKga-JZmViHi8fnUTV4TVr4WGqQa21amOwO11l0YY_ypzT5HGrf_t-8jfoq1LtEindS02WZo_2qYaWQRsbLrRmKDLMC1s9UjcW5MAlxMKKLNobQfraYDf67IU8hl3mXAhNhn6UcqGgKlQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3516391
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FE77 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FE77 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FE77 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
431934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Dec 2024 01:36:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FE77 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
css2
fonts.googleapis.com/ Frame CBD5 		4 KB
671 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 23:50:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 01:35:23 GMT
css
fonts.googleapis.com/ Frame 1BCD 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 23:43:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 01:35:23 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1BCD 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 1BCD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
9306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1BCD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40662
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1BCD 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1BCD 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:23 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 1BCD 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame CBD5 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 02:16:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
83908
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 02:16:55 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CBD5 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:54:46 GMT
x-content-type-options
nosniff
age
405637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 08:54:46 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CBD5 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:54:34 GMT
x-content-type-options
nosniff
age
427249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 11 Dec 2024 02:54:34 GMT
videos
api.dailymotion.com/ 		74 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?fields=id%2Ctitle%2Cthumbnail_480_url%2Cmode%2Conair%2Cowner.screenname%2Ccreated_time&limit=1&search=transfer%20Chelsea%20Inggris%20Havertz%20Kovacic%20Chelsea%20Boehly&private=0&flags=no_live%2Cexportable&longer_than=0.35&owners=tempovideochannel&sort=relevance
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
e4447bdacc4737f4d6e541428b9565ba7e290ebba261dba6def30bd1498a4980
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Sun, 17 Dec 2023 01:35:23 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=69, dc;desc="dc3"
Content-Length
80
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 17 Dec 2023 01:35:23 GMT
Server
DMS/1.0.42
Etag
W/"ADOmbCQa_d_I9bBOdCtO5Q-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
truncated
/ Frame C36E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b08d33cd7873ffaea37f335bf073075677e23ee4d6abc2208f7d84e0d07d7490

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame BB32 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&u=%7ChiHgvtYhI02iyM8ghy4bTv2o%2FZ2mb%2BNrseDNV%2BRm4yw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEHMXDOPb-ysyl93tK--qtNQdvtN5cnwUg8WAQZ9hIIY4xN1QFqyBwGGbo65f91gLFveb2uSgP1l-dP-xQQI0pW3vf3j8tw8m6leojGYdMoFICniIAhkaE1MCvi0YzN58wNOK22Ew7J2ka4vKvSiqumDyYCDukQq_T4h8GZRVIlcHECfxMHIowKla_Ys6zDHR4YApzAyCkay3rv8oxzKW4I3BJcW-5SCQu-XeANrUfP-GT2UsslPEyfIsroBTokTgOwSMZjjS383Dpx7oBUxrhiV4T-BJCgXeodFmXQbB2C1hteHFf_iURVR4feJ-YwXZFUCZ92sUZhaY6W8KgNp4XKokfHV4HjJUfeJx572RW7n0qroKUiUbPaCOyP0Z-60DNdyy9o6JZZCyoovDyEvdHgPXW1gLnTTs7Btdn88RkQYjZAP2_nyXMO8q9u_xW_BTTtdCZWXjMNwqGBN_K75X6SUyaBGp177v_dWatfaEd9Wo3_aUKe8-naaG13kT3URVhKYhwgkLP8nFGeog1XgadT6dI2CdWAsQ0kTHEZBARpX28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0ET_WlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2Sszgv7PNJUKjuzYLQJOeTOdQU2To8h5bvAmcXbecriNmV1uxFrNj1h8j1OvLgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EzYML-J_9Mml3p7PpCuxRdL47Mw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame BB32 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&u=%7ChiHgvtYhI02iyM8ghy4bTv2o%2FZ2mb%2BNrseDNV%2BRm4yw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEHMXDOPb-ysyl93tK--qtNQdvtN5cnwUg8WAQZ9hIIY4xN1QFqyBwGGbo65f91gLFveb2uSgP1l-dP-xQQI0pW3vf3j8tw8m6leojGYdMoFICniIAhkaE1MCvi0YzN58wNOK22Ew7J2ka4vKvSiqumDyYCDukQq_T4h8GZRVIlcHECfxMHIowKla_Ys6zDHR4YApzAyCkay3rv8oxzKW4I3BJcW-5SCQu-XeANrUfP-GT2UsslPEyfIsroBTokTgOwSMZjjS383Dpx7oBUxrhiV4T-BJCgXeodFmXQbB2C1hteHFf_iURVR4feJ-YwXZFUCZ92sUZhaY6W8KgNp4XKokfHV4HjJUfeJx572RW7n0qroKUiUbPaCOyP0Z-60DNdyy9o6JZZCyoovDyEvdHgPXW1gLnTTs7Btdn88RkQYjZAP2_nyXMO8q9u_xW_BTTtdCZWXjMNwqGBN_K75X6SUyaBGp177v_dWatfaEd9Wo3_aUKe8-naaG13kT3URVhKYhwgkLP8nFGeog1XgadT6dI2CdWAsQ0kTHEZBARpX28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0ET_WlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2Sszgv7PNJUKjuzYLQJOeTOdQU2To8h5bvAmcXbecriNmV1uxFrNj1h8j1OvLgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EzYML-J_9Mml3p7PpCuxRdL47Mw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame BB32 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&u=%7ChiHgvtYhI02iyM8ghy4bTv2o%2FZ2mb%2BNrseDNV%2BRm4yw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEHMXDOPb-ysyl93tK--qtNQdvtN5cnwUg8WAQZ9hIIY4xN1QFqyBwGGbo65f91gLFveb2uSgP1l-dP-xQQI0pW3vf3j8tw8m6leojGYdMoFICniIAhkaE1MCvi0YzN58wNOK22Ew7J2ka4vKvSiqumDyYCDukQq_T4h8GZRVIlcHECfxMHIowKla_Ys6zDHR4YApzAyCkay3rv8oxzKW4I3BJcW-5SCQu-XeANrUfP-GT2UsslPEyfIsroBTokTgOwSMZjjS383Dpx7oBUxrhiV4T-BJCgXeodFmXQbB2C1hteHFf_iURVR4feJ-YwXZFUCZ92sUZhaY6W8KgNp4XKokfHV4HjJUfeJx572RW7n0qroKUiUbPaCOyP0Z-60DNdyy9o6JZZCyoovDyEvdHgPXW1gLnTTs7Btdn88RkQYjZAP2_nyXMO8q9u_xW_BTTtdCZWXjMNwqGBN_K75X6SUyaBGp177v_dWatfaEd9Wo3_aUKe8-naaG13kT3URVhKYhwgkLP8nFGeog1XgadT6dI2CdWAsQ0kTHEZBARpX28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0ET_WlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2Sszgv7PNJUKjuzYLQJOeTOdQU2To8h5bvAmcXbecriNmV1uxFrNj1h8j1OvLgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EzYML-J_9Mml3p7PpCuxRdL47Mw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 11 Dec 2024 01:35:24 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame BB32 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&u=%7ChiHgvtYhI02iyM8ghy4bTv2o%2FZ2mb%2BNrseDNV%2BRm4yw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEHMXDOPb-ysyl93tK--qtNQdvtN5cnwUg8WAQZ9hIIY4xN1QFqyBwGGbo65f91gLFveb2uSgP1l-dP-xQQI0pW3vf3j8tw8m6leojGYdMoFICniIAhkaE1MCvi0YzN58wNOK22Ew7J2ka4vKvSiqumDyYCDukQq_T4h8GZRVIlcHECfxMHIowKla_Ys6zDHR4YApzAyCkay3rv8oxzKW4I3BJcW-5SCQu-XeANrUfP-GT2UsslPEyfIsroBTokTgOwSMZjjS383Dpx7oBUxrhiV4T-BJCgXeodFmXQbB2C1hteHFf_iURVR4feJ-YwXZFUCZ92sUZhaY6W8KgNp4XKokfHV4HjJUfeJx572RW7n0qroKUiUbPaCOyP0Z-60DNdyy9o6JZZCyoovDyEvdHgPXW1gLnTTs7Btdn88RkQYjZAP2_nyXMO8q9u_xW_BTTtdCZWXjMNwqGBN_K75X6SUyaBGp177v_dWatfaEd9Wo3_aUKe8-naaG13kT3URVhKYhwgkLP8nFGeog1XgadT6dI2CdWAsQ0kTHEZBARpX28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0ET_WlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2Sszgv7PNJUKjuzYLQJOeTOdQU2To8h5bvAmcXbecriNmV1uxFrNj1h8j1OvLgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EzYML-J_9Mml3p7PpCuxRdL47Mw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 11 Dec 2024 01:35:24 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame BB32 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=vPAYDz6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIHFKCg0TtyjR3WLBVf_ggtiW_D0JWajmLXhQTnDyqEAJIMXCKOPtqHe24UCoEwy4HgD0PhtHIF711arlY6ZWKNRJ2vSAKY4PM6Z6BRgxYao7Nx7GSJStD6qIQCHI5C9nhlmNiMOn0HSM71hSKj9mhNEXvUXjsKe5yqfxFpb3qBTQ5D2_2c2veFd5ipbEM26kcPgDcqQu_nFgdEdHvMmw8p4wwK65t_9hHvm_7sta-wmV1IHk9ldhvvVqNWck7RkL3HjYK5DwQmNhmCOvpHmOKkxzbQnrM0eEKZJLbDVSg61Ig
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&u=%7ChiHgvtYhI02iyM8ghy4bTv2o%2FZ2mb%2BNrseDNV%2BRm4yw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEHMXDOPb-ysyl93tK--qtNQdvtN5cnwUg8WAQZ9hIIY4xN1QFqyBwGGbo65f91gLFveb2uSgP1l-dP-xQQI0pW3vf3j8tw8m6leojGYdMoFICniIAhkaE1MCvi0YzN58wNOK22Ew7J2ka4vKvSiqumDyYCDukQq_T4h8GZRVIlcHECfxMHIowKla_Ys6zDHR4YApzAyCkay3rv8oxzKW4I3BJcW-5SCQu-XeANrUfP-GT2UsslPEyfIsroBTokTgOwSMZjjS383Dpx7oBUxrhiV4T-BJCgXeodFmXQbB2C1hteHFf_iURVR4feJ-YwXZFUCZ92sUZhaY6W8KgNp4XKokfHV4HjJUfeJx572RW7n0qroKUiUbPaCOyP0Z-60DNdyy9o6JZZCyoovDyEvdHgPXW1gLnTTs7Btdn88RkQYjZAP2_nyXMO8q9u_xW_BTTtdCZWXjMNwqGBN_K75X6SUyaBGp177v_dWatfaEd9Wo3_aUKe8-naaG13kT3URVhKYhwgkLP8nFGeog1XgadT6dI2CdWAsQ0kTHEZBARpX28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0ET_WlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2Sszgv7PNJUKjuzYLQJOeTOdQU2To8h5bvAmcXbecriNmV1uxFrNj1h8j1OvLgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EzYML-J_9Mml3p7PpCuxRdL47Mw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2124311
expires
Mon, 26 Jul 1997 05:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame BB32 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&u=%7ChiHgvtYhI02iyM8ghy4bTv2o%2FZ2mb%2BNrseDNV%2BRm4yw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEHMXDOPb-ysyl93tK--qtNQdvtN5cnwUg8WAQZ9hIIY4xN1QFqyBwGGbo65f91gLFveb2uSgP1l-dP-xQQI0pW3vf3j8tw8m6leojGYdMoFICniIAhkaE1MCvi0YzN58wNOK22Ew7J2ka4vKvSiqumDyYCDukQq_T4h8GZRVIlcHECfxMHIowKla_Ys6zDHR4YApzAyCkay3rv8oxzKW4I3BJcW-5SCQu-XeANrUfP-GT2UsslPEyfIsroBTokTgOwSMZjjS383Dpx7oBUxrhiV4T-BJCgXeodFmXQbB2C1hteHFf_iURVR4feJ-YwXZFUCZ92sUZhaY6W8KgNp4XKokfHV4HjJUfeJx572RW7n0qroKUiUbPaCOyP0Z-60DNdyy9o6JZZCyoovDyEvdHgPXW1gLnTTs7Btdn88RkQYjZAP2_nyXMO8q9u_xW_BTTtdCZWXjMNwqGBN_K75X6SUyaBGp177v_dWatfaEd9Wo3_aUKe8-naaG13kT3URVhKYhwgkLP8nFGeog1XgadT6dI2CdWAsQ0kTHEZBARpX28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0ET_WlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2Sszgv7PNJUKjuzYLQJOeTOdQU2To8h5bvAmcXbecriNmV1uxFrNj1h8j1OvLgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EzYML-J_9Mml3p7PpCuxRdL47Mw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:00:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 17 Dec 2023 02:00:42 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame C36E 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
41344
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 15 Dec 2024 14:06:20 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame F55E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX0K4HcNAArHY8n4j_-M2fMz9azT2w&u=%7ChiHgvtYhI01egZab5lYUYYxV6tlmqFS2RpWjGHfTntI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsUTvu4cn4sPY1OKCSP-8iZYVNjfgqoj2buBipymWXntHqB6zznLr2QLw5E1I2vrBclsCh122hMsSVo1V45Y1pHEwLX-myalPwe5ElayqeQRh6pJZZdmqexDneNsVZA4a04wbcYLvd1R9IdXhat2yk6IaQr7nwl5qeJpGcF4mgcQ9jW4eDxzJyqQszwiM0XnBxlFqDK6m15uDs3cYOvbpzPtU6EqrbSDTAqQvm76J8PNQ5U9CpCu8InllVSS7nVPv32qVgg0_njgXnYSI2Ae7rXSTaly7gHfaxJpXabJGDXIXl3WI99qSpfzXkq3il3vqacEYmpNVD28Hmb85kiXyeDMdjR_ZxEIoQr3TjajtH4lyCormDL0mvo-aonhCrAf7uB6dfyj69qftqWJMgBDzxVk2C-puJfK1AivrTVcc3h9B7-0UYp0CEdRZuNPy6M3TPA6tq6udx1nH1a4Auk1CxEAMLAQzQsvC71b9LQtJSni81UD1U--zkUGKE5OM_Mmy5qDYgn5yV7B8mXBnyxN_qqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4ZqUWlB-Zf2yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9C2Uya8j__Lv222j45LUSqK0yOlVbSoIrXOLdJkkcUfVm6dsVWe08pEVgeXiA7mD4QOs8gjRFah4kvSUHZeq5fPlEBI1EIaLoFJ_8QdnDWIkhfhiZEiM--NVwxDNa1er-KYsKVVCBJrJYxGPqiUdo3eeZDMHBJSOVt6knHt5m-ab6yPPVUzOFVUfGF19mNXMWxVUxSmnUOnSVu5QExGYsolRMfNWeJWYl5QPcRgC-7tFFu5YMSkorsM6fTO1TwRnSv1febn4X5A4IAdD856LMW_bgwWnOl2Yzhm_DoZZ7DHep3cVH0BDwv453V2Coknb-P2RnA2ZU5gh1vT1ncGWSyIh5X-XibRjukPlzPUxhny4_1kQqYaZBYR6zeAc2XJEZk7CQtgTHeyLK4Eimr8aifNGEHvKxaPz_SsqOj35k6B6fYvqQW-V2jW13tRk3c_3hwQZM83humQwVYa5ncxE_RyH8TgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwimtv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_0sIYBz1luyvcKA-zXriBep5nL-uQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame F55E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX0K4HcNAArHY8n4j_-M2fMz9azT2w&u=%7ChiHgvtYhI01egZab5lYUYYxV6tlmqFS2RpWjGHfTntI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsUTvu4cn4sPY1OKCSP-8iZYVNjfgqoj2buBipymWXntHqB6zznLr2QLw5E1I2vrBclsCh122hMsSVo1V45Y1pHEwLX-myalPwe5ElayqeQRh6pJZZdmqexDneNsVZA4a04wbcYLvd1R9IdXhat2yk6IaQr7nwl5qeJpGcF4mgcQ9jW4eDxzJyqQszwiM0XnBxlFqDK6m15uDs3cYOvbpzPtU6EqrbSDTAqQvm76J8PNQ5U9CpCu8InllVSS7nVPv32qVgg0_njgXnYSI2Ae7rXSTaly7gHfaxJpXabJGDXIXl3WI99qSpfzXkq3il3vqacEYmpNVD28Hmb85kiXyeDMdjR_ZxEIoQr3TjajtH4lyCormDL0mvo-aonhCrAf7uB6dfyj69qftqWJMgBDzxVk2C-puJfK1AivrTVcc3h9B7-0UYp0CEdRZuNPy6M3TPA6tq6udx1nH1a4Auk1CxEAMLAQzQsvC71b9LQtJSni81UD1U--zkUGKE5OM_Mmy5qDYgn5yV7B8mXBnyxN_qqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4ZqUWlB-Zf2yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9C2Uya8j__Lv222j45LUSqK0yOlVbSoIrXOLdJkkcUfVm6dsVWe08pEVgeXiA7mD4QOs8gjRFah4kvSUHZeq5fPlEBI1EIaLoFJ_8QdnDWIkhfhiZEiM--NVwxDNa1er-KYsKVVCBJrJYxGPqiUdo3eeZDMHBJSOVt6knHt5m-ab6yPPVUzOFVUfGF19mNXMWxVUxSmnUOnSVu5QExGYsolRMfNWeJWYl5QPcRgC-7tFFu5YMSkorsM6fTO1TwRnSv1febn4X5A4IAdD856LMW_bgwWnOl2Yzhm_DoZZ7DHep3cVH0BDwv453V2Coknb-P2RnA2ZU5gh1vT1ncGWSyIh5X-XibRjukPlzPUxhny4_1kQqYaZBYR6zeAc2XJEZk7CQtgTHeyLK4Eimr8aifNGEHvKxaPz_SsqOj35k6B6fYvqQW-V2jW13tRk3c_3hwQZM83humQwVYa5ncxE_RyH8TgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwimtv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_0sIYBz1luyvcKA-zXriBep5nL-uQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame F55E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX0K4HcNAArHY8n4j_-M2fMz9azT2w&u=%7ChiHgvtYhI01egZab5lYUYYxV6tlmqFS2RpWjGHfTntI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsUTvu4cn4sPY1OKCSP-8iZYVNjfgqoj2buBipymWXntHqB6zznLr2QLw5E1I2vrBclsCh122hMsSVo1V45Y1pHEwLX-myalPwe5ElayqeQRh6pJZZdmqexDneNsVZA4a04wbcYLvd1R9IdXhat2yk6IaQr7nwl5qeJpGcF4mgcQ9jW4eDxzJyqQszwiM0XnBxlFqDK6m15uDs3cYOvbpzPtU6EqrbSDTAqQvm76J8PNQ5U9CpCu8InllVSS7nVPv32qVgg0_njgXnYSI2Ae7rXSTaly7gHfaxJpXabJGDXIXl3WI99qSpfzXkq3il3vqacEYmpNVD28Hmb85kiXyeDMdjR_ZxEIoQr3TjajtH4lyCormDL0mvo-aonhCrAf7uB6dfyj69qftqWJMgBDzxVk2C-puJfK1AivrTVcc3h9B7-0UYp0CEdRZuNPy6M3TPA6tq6udx1nH1a4Auk1CxEAMLAQzQsvC71b9LQtJSni81UD1U--zkUGKE5OM_Mmy5qDYgn5yV7B8mXBnyxN_qqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4ZqUWlB-Zf2yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9C2Uya8j__Lv222j45LUSqK0yOlVbSoIrXOLdJkkcUfVm6dsVWe08pEVgeXiA7mD4QOs8gjRFah4kvSUHZeq5fPlEBI1EIaLoFJ_8QdnDWIkhfhiZEiM--NVwxDNa1er-KYsKVVCBJrJYxGPqiUdo3eeZDMHBJSOVt6knHt5m-ab6yPPVUzOFVUfGF19mNXMWxVUxSmnUOnSVu5QExGYsolRMfNWeJWYl5QPcRgC-7tFFu5YMSkorsM6fTO1TwRnSv1febn4X5A4IAdD856LMW_bgwWnOl2Yzhm_DoZZ7DHep3cVH0BDwv453V2Coknb-P2RnA2ZU5gh1vT1ncGWSyIh5X-XibRjukPlzPUxhny4_1kQqYaZBYR6zeAc2XJEZk7CQtgTHeyLK4Eimr8aifNGEHvKxaPz_SsqOj35k6B6fYvqQW-V2jW13tRk3c_3hwQZM83humQwVYa5ncxE_RyH8TgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwimtv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_0sIYBz1luyvcKA-zXriBep5nL-uQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 11 Dec 2024 01:35:24 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame F55E 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX0K4HcNAArHY8n4j_-M2fMz9azT2w&u=%7ChiHgvtYhI01egZab5lYUYYxV6tlmqFS2RpWjGHfTntI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsUTvu4cn4sPY1OKCSP-8iZYVNjfgqoj2buBipymWXntHqB6zznLr2QLw5E1I2vrBclsCh122hMsSVo1V45Y1pHEwLX-myalPwe5ElayqeQRh6pJZZdmqexDneNsVZA4a04wbcYLvd1R9IdXhat2yk6IaQr7nwl5qeJpGcF4mgcQ9jW4eDxzJyqQszwiM0XnBxlFqDK6m15uDs3cYOvbpzPtU6EqrbSDTAqQvm76J8PNQ5U9CpCu8InllVSS7nVPv32qVgg0_njgXnYSI2Ae7rXSTaly7gHfaxJpXabJGDXIXl3WI99qSpfzXkq3il3vqacEYmpNVD28Hmb85kiXyeDMdjR_ZxEIoQr3TjajtH4lyCormDL0mvo-aonhCrAf7uB6dfyj69qftqWJMgBDzxVk2C-puJfK1AivrTVcc3h9B7-0UYp0CEdRZuNPy6M3TPA6tq6udx1nH1a4Auk1CxEAMLAQzQsvC71b9LQtJSni81UD1U--zkUGKE5OM_Mmy5qDYgn5yV7B8mXBnyxN_qqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4ZqUWlB-Zf2yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9C2Uya8j__Lv222j45LUSqK0yOlVbSoIrXOLdJkkcUfVm6dsVWe08pEVgeXiA7mD4QOs8gjRFah4kvSUHZeq5fPlEBI1EIaLoFJ_8QdnDWIkhfhiZEiM--NVwxDNa1er-KYsKVVCBJrJYxGPqiUdo3eeZDMHBJSOVt6knHt5m-ab6yPPVUzOFVUfGF19mNXMWxVUxSmnUOnSVu5QExGYsolRMfNWeJWYl5QPcRgC-7tFFu5YMSkorsM6fTO1TwRnSv1febn4X5A4IAdD856LMW_bgwWnOl2Yzhm_DoZZ7DHep3cVH0BDwv453V2Coknb-P2RnA2ZU5gh1vT1ncGWSyIh5X-XibRjukPlzPUxhny4_1kQqYaZBYR6zeAc2XJEZk7CQtgTHeyLK4Eimr8aifNGEHvKxaPz_SsqOj35k6B6fYvqQW-V2jW13tRk3c_3hwQZM83humQwVYa5ncxE_RyH8TgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwimtv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_0sIYBz1luyvcKA-zXriBep5nL-uQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 11 Dec 2024 01:35:24 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame F55E 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QqUvuyQ0FkOQdhOoCGBoAy4_9R6p6CqGf5aVSr5j5rNhItgoji1QyI1u7RcsXjjkyWS-jf5TXpsu1HL1mUPyCILUHaxJkkeK2K9ZcTn59NZaz3T21ZctSgw9Zq5t8pRu0lI6SuM2nEabjL8n4SnZy1Ta86c4tJRR9cgmDKclYMG12xSRYrhpAftxD0z8kfgqT5qguMYzgZaS0pRGqW0Cyz3BswDuAQg2FQ16FfHEL_GuVE_mlnexfRJlC4btvkqDcBT6F_jnVpGMEHWGuyZssWZfo97gZ6XasKux8fKItD_DErCZrgTsjNWcDPfR6W7SUADVRuLktOAsB4XDB5HjqhpvVg-d3uphQmVHR77V7NDbICUXeVGSbCSTqwV2rUeCkkxH1cu9NvsmFvoujLD2U4FgQ_1rS4wqCOkDl_I8Qo5up_4YG9Gq29MK2-JZlufjucvzQg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX0K4HcNAArHY8n4j_-M2fMz9azT2w&u=%7ChiHgvtYhI01egZab5lYUYYxV6tlmqFS2RpWjGHfTntI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsUTvu4cn4sPY1OKCSP-8iZYVNjfgqoj2buBipymWXntHqB6zznLr2QLw5E1I2vrBclsCh122hMsSVo1V45Y1pHEwLX-myalPwe5ElayqeQRh6pJZZdmqexDneNsVZA4a04wbcYLvd1R9IdXhat2yk6IaQr7nwl5qeJpGcF4mgcQ9jW4eDxzJyqQszwiM0XnBxlFqDK6m15uDs3cYOvbpzPtU6EqrbSDTAqQvm76J8PNQ5U9CpCu8InllVSS7nVPv32qVgg0_njgXnYSI2Ae7rXSTaly7gHfaxJpXabJGDXIXl3WI99qSpfzXkq3il3vqacEYmpNVD28Hmb85kiXyeDMdjR_ZxEIoQr3TjajtH4lyCormDL0mvo-aonhCrAf7uB6dfyj69qftqWJMgBDzxVk2C-puJfK1AivrTVcc3h9B7-0UYp0CEdRZuNPy6M3TPA6tq6udx1nH1a4Auk1CxEAMLAQzQsvC71b9LQtJSni81UD1U--zkUGKE5OM_Mmy5qDYgn5yV7B8mXBnyxN_qqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4ZqUWlB-Zf2yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9C2Uya8j__Lv222j45LUSqK0yOlVbSoIrXOLdJkkcUfVm6dsVWe08pEVgeXiA7mD4QOs8gjRFah4kvSUHZeq5fPlEBI1EIaLoFJ_8QdnDWIkhfhiZEiM--NVwxDNa1er-KYsKVVCBJrJYxGPqiUdo3eeZDMHBJSOVt6knHt5m-ab6yPPVUzOFVUfGF19mNXMWxVUxSmnUOnSVu5QExGYsolRMfNWeJWYl5QPcRgC-7tFFu5YMSkorsM6fTO1TwRnSv1febn4X5A4IAdD856LMW_bgwWnOl2Yzhm_DoZZ7DHep3cVH0BDwv453V2Coknb-P2RnA2ZU5gh1vT1ncGWSyIh5X-XibRjukPlzPUxhny4_1kQqYaZBYR6zeAc2XJEZk7CQtgTHeyLK4Eimr8aifNGEHvKxaPz_SsqOj35k6B6fYvqQW-V2jW13tRk3c_3hwQZM83humQwVYa5ncxE_RyH8TgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwimtv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_0sIYBz1luyvcKA-zXriBep5nL-uQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1760741
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
servedby.flashtalking.com/imp/2/199096;7989741;201;pixel;CriteoDE;PBCriteoCCRONCHDISPLAYFMMediumRectangleMultiscreenSZ1x1VLRTCPCMOCulturalExplorerTSE18ReiseinteresseADSS1X1PDDezember/ Frame F55E 		42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/imp/2/199096;7989741;201;pixel;CriteoDE;PBCriteoCCRONCHDISPLAYFMMediumRectangleMultiscreenSZ1x1VLRTCPCMOCulturalExplorerTSE18ReiseinteresseADSS1X1PDDezember/?gdpr=1&&&cachebuster=1702776923
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX0K4HcNAArHY8n4j_-M2fMz9azT2w&u=%7ChiHgvtYhI01egZab5lYUYYxV6tlmqFS2RpWjGHfTntI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsUTvu4cn4sPY1OKCSP-8iZYVNjfgqoj2buBipymWXntHqB6zznLr2QLw5E1I2vrBclsCh122hMsSVo1V45Y1pHEwLX-myalPwe5ElayqeQRh6pJZZdmqexDneNsVZA4a04wbcYLvd1R9IdXhat2yk6IaQr7nwl5qeJpGcF4mgcQ9jW4eDxzJyqQszwiM0XnBxlFqDK6m15uDs3cYOvbpzPtU6EqrbSDTAqQvm76J8PNQ5U9CpCu8InllVSS7nVPv32qVgg0_njgXnYSI2Ae7rXSTaly7gHfaxJpXabJGDXIXl3WI99qSpfzXkq3il3vqacEYmpNVD28Hmb85kiXyeDMdjR_ZxEIoQr3TjajtH4lyCormDL0mvo-aonhCrAf7uB6dfyj69qftqWJMgBDzxVk2C-puJfK1AivrTVcc3h9B7-0UYp0CEdRZuNPy6M3TPA6tq6udx1nH1a4Auk1CxEAMLAQzQsvC71b9LQtJSni81UD1U--zkUGKE5OM_Mmy5qDYgn5yV7B8mXBnyxN_qqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4ZqUWlB-Zf2yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9C2Uya8j__Lv222j45LUSqK0yOlVbSoIrXOLdJkkcUfVm6dsVWe08pEVgeXiA7mD4QOs8gjRFah4kvSUHZeq5fPlEBI1EIaLoFJ_8QdnDWIkhfhiZEiM--NVwxDNa1er-KYsKVVCBJrJYxGPqiUdo3eeZDMHBJSOVt6knHt5m-ab6yPPVUzOFVUfGF19mNXMWxVUxSmnUOnSVu5QExGYsolRMfNWeJWYl5QPcRgC-7tFFu5YMSkorsM6fTO1TwRnSv1febn4X5A4IAdD856LMW_bgwWnOl2Yzhm_DoZZ7DHep3cVH0BDwv453V2Coknb-P2RnA2ZU5gh1vT1ncGWSyIh5X-XibRjukPlzPUxhny4_1kQqYaZBYR6zeAc2XJEZk7CQtgTHeyLK4Eimr8aifNGEHvKxaPz_SsqOj35k6B6fYvqQW-V2jW13tRk3c_3hwQZM83humQwVYa5ncxE_RyH8TgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwimtv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_0sIYBz1luyvcKA-zXriBep5nL-uQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.128.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-128-137.deploy.static.akamaitechnologies.com
Software
prod-xre-app7.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Dec 2023 01:35:24 GMT
Strict-Transport-Security
max-age=86400
Server
prod-xre-app7.frk11
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
42
Expires
Sun, 17 Dec 2023 01:35:24 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame CA3D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&u=%7ChiHgvtYhI01jopdU0bof4mWJlBOG2cc4Kt%2BzMeeQBkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsRFyTC41vabdYrN3wCULU04FYZSzogpYjaSVQ4tXjLvzoAt4N7_yUBy7Jv9l7AKSO2XhgsewE11Eozwnsh6pSgKo3gpJJ_ORIBnbNefniK19HU9-KI8_sYfEvxZsVQYddsIhaq4Rfbv-Bm_pAmByLINgd8FVwyfWZ1xg959Ou_yENduwokJ2m2R2yxQQxR2I8W688nmJgA7UyBgYfqcpqaXRZgs7RtndzSgybD4hOkq7ytcQ8y_s3xujTCnGKHHXPfN6iQx1c-NfinUe3W267Zuzw4lNXYt_SoeKf2njVzE9vX4V2yfnglaCctwkkaEQwVsmgjlv5LnybGFKhaXRiqrpQXHLvsSawuFGaLcelrSMwnAVh4eJbGfvXuHBs8CboSpgafCpt5kTm41C_qNVmFbxGPdCm_hPHARSlkJmRcibtgXM2vgOEae2OIRj4YtVJf7nl1jlaGHcAU8Jj-sTLYL2kiBXvXjXQebMLB5CMUmrnJO-Llrb8M1oYSzWg7PUcCd3xT5dczjEJeArHBktmQI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFnnTWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mxtUQ0NotAzxUqLGbZYJaqUgjBUbTjDkqNfolGaZi2MUuQYGgxrZYgubgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_3zN6e4bRe1TMk6RK_e-jH0iOxOGw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame CA3D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&u=%7ChiHgvtYhI01jopdU0bof4mWJlBOG2cc4Kt%2BzMeeQBkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsRFyTC41vabdYrN3wCULU04FYZSzogpYjaSVQ4tXjLvzoAt4N7_yUBy7Jv9l7AKSO2XhgsewE11Eozwnsh6pSgKo3gpJJ_ORIBnbNefniK19HU9-KI8_sYfEvxZsVQYddsIhaq4Rfbv-Bm_pAmByLINgd8FVwyfWZ1xg959Ou_yENduwokJ2m2R2yxQQxR2I8W688nmJgA7UyBgYfqcpqaXRZgs7RtndzSgybD4hOkq7ytcQ8y_s3xujTCnGKHHXPfN6iQx1c-NfinUe3W267Zuzw4lNXYt_SoeKf2njVzE9vX4V2yfnglaCctwkkaEQwVsmgjlv5LnybGFKhaXRiqrpQXHLvsSawuFGaLcelrSMwnAVh4eJbGfvXuHBs8CboSpgafCpt5kTm41C_qNVmFbxGPdCm_hPHARSlkJmRcibtgXM2vgOEae2OIRj4YtVJf7nl1jlaGHcAU8Jj-sTLYL2kiBXvXjXQebMLB5CMUmrnJO-Llrb8M1oYSzWg7PUcCd3xT5dczjEJeArHBktmQI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFnnTWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mxtUQ0NotAzxUqLGbZYJaqUgjBUbTjDkqNfolGaZi2MUuQYGgxrZYgubgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_3zN6e4bRe1TMk6RK_e-jH0iOxOGw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame CA3D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&u=%7ChiHgvtYhI01jopdU0bof4mWJlBOG2cc4Kt%2BzMeeQBkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsRFyTC41vabdYrN3wCULU04FYZSzogpYjaSVQ4tXjLvzoAt4N7_yUBy7Jv9l7AKSO2XhgsewE11Eozwnsh6pSgKo3gpJJ_ORIBnbNefniK19HU9-KI8_sYfEvxZsVQYddsIhaq4Rfbv-Bm_pAmByLINgd8FVwyfWZ1xg959Ou_yENduwokJ2m2R2yxQQxR2I8W688nmJgA7UyBgYfqcpqaXRZgs7RtndzSgybD4hOkq7ytcQ8y_s3xujTCnGKHHXPfN6iQx1c-NfinUe3W267Zuzw4lNXYt_SoeKf2njVzE9vX4V2yfnglaCctwkkaEQwVsmgjlv5LnybGFKhaXRiqrpQXHLvsSawuFGaLcelrSMwnAVh4eJbGfvXuHBs8CboSpgafCpt5kTm41C_qNVmFbxGPdCm_hPHARSlkJmRcibtgXM2vgOEae2OIRj4YtVJf7nl1jlaGHcAU8Jj-sTLYL2kiBXvXjXQebMLB5CMUmrnJO-Llrb8M1oYSzWg7PUcCd3xT5dczjEJeArHBktmQI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFnnTWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mxtUQ0NotAzxUqLGbZYJaqUgjBUbTjDkqNfolGaZi2MUuQYGgxrZYgubgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_3zN6e4bRe1TMk6RK_e-jH0iOxOGw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 11 Dec 2024 01:35:24 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame CA3D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&u=%7ChiHgvtYhI01jopdU0bof4mWJlBOG2cc4Kt%2BzMeeQBkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsRFyTC41vabdYrN3wCULU04FYZSzogpYjaSVQ4tXjLvzoAt4N7_yUBy7Jv9l7AKSO2XhgsewE11Eozwnsh6pSgKo3gpJJ_ORIBnbNefniK19HU9-KI8_sYfEvxZsVQYddsIhaq4Rfbv-Bm_pAmByLINgd8FVwyfWZ1xg959Ou_yENduwokJ2m2R2yxQQxR2I8W688nmJgA7UyBgYfqcpqaXRZgs7RtndzSgybD4hOkq7ytcQ8y_s3xujTCnGKHHXPfN6iQx1c-NfinUe3W267Zuzw4lNXYt_SoeKf2njVzE9vX4V2yfnglaCctwkkaEQwVsmgjlv5LnybGFKhaXRiqrpQXHLvsSawuFGaLcelrSMwnAVh4eJbGfvXuHBs8CboSpgafCpt5kTm41C_qNVmFbxGPdCm_hPHARSlkJmRcibtgXM2vgOEae2OIRj4YtVJf7nl1jlaGHcAU8Jj-sTLYL2kiBXvXjXQebMLB5CMUmrnJO-Llrb8M1oYSzWg7PUcCd3xT5dczjEJeArHBktmQI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFnnTWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mxtUQ0NotAzxUqLGbZYJaqUgjBUbTjDkqNfolGaZi2MUuQYGgxrZYgubgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_3zN6e4bRe1TMk6RK_e-jH0iOxOGw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 11 Dec 2024 01:35:24 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame CA3D 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Cc4lBiQ0FkOQdhOoCGBoAy4_9R5d48ZDNaDZRfweIGuDM_yFZLB0tgWz-hAy3v4VjHl2MkPXFRLsIbeiXSYz8-BjCeeqwX3hHVZcv7zYYbPPkSYiVA1BbYknLtup1Tz_sZ6_VO6MyLlFDK-VkjZdHGtF7v0-tG-VAO5mDfutCq1IB7ep81-PQlPOxErzJVpYix1dyQtFFpmpVo9uRNsB1ZwwTXq8B0VHkDI7Yx8la7-MMy1xH922eoSiGTw0N24IxAH_T9otzRwMznZCVhKw5RrdtrUJNHqKqyWGJJ5lYFQ9J2Uw6Wu2LhhP2ydGwXjp5TAUfZuA9HuSBMRYzocb3tvJSZN-c-4mITyY8xvD_hNZTi2d2LL3kb16-6EuHtH6jc958iDZn4z4BRHYx5m7JiBz4Q8EaBaXuV5syml02H2CZLqLJDctX9bajn7biuazuzqsGQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&u=%7ChiHgvtYhI01jopdU0bof4mWJlBOG2cc4Kt%2BzMeeQBkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsRFyTC41vabdYrN3wCULU04FYZSzogpYjaSVQ4tXjLvzoAt4N7_yUBy7Jv9l7AKSO2XhgsewE11Eozwnsh6pSgKo3gpJJ_ORIBnbNefniK19HU9-KI8_sYfEvxZsVQYddsIhaq4Rfbv-Bm_pAmByLINgd8FVwyfWZ1xg959Ou_yENduwokJ2m2R2yxQQxR2I8W688nmJgA7UyBgYfqcpqaXRZgs7RtndzSgybD4hOkq7ytcQ8y_s3xujTCnGKHHXPfN6iQx1c-NfinUe3W267Zuzw4lNXYt_SoeKf2njVzE9vX4V2yfnglaCctwkkaEQwVsmgjlv5LnybGFKhaXRiqrpQXHLvsSawuFGaLcelrSMwnAVh4eJbGfvXuHBs8CboSpgafCpt5kTm41C_qNVmFbxGPdCm_hPHARSlkJmRcibtgXM2vgOEae2OIRj4YtVJf7nl1jlaGHcAU8Jj-sTLYL2kiBXvXjXQebMLB5CMUmrnJO-Llrb8M1oYSzWg7PUcCd3xT5dczjEJeArHBktmQI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFnnTWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mxtUQ0NotAzxUqLGbZYJaqUgjBUbTjDkqNfolGaZi2MUuQYGgxrZYgubgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_3zN6e4bRe1TMk6RK_e-jH0iOxOGw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1934057
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
servedby.flashtalking.com/imp/2/199096;7989741;201;pixel;CriteoDE;PBCriteoCCRONCHDISPLAYFMMediumRectangleMultiscreenSZ1x1VLRTCPCMOCulturalExplorerTSE18ReiseinteresseADSS1X1PDDezember/ Frame CA3D 		42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/imp/2/199096;7989741;201;pixel;CriteoDE;PBCriteoCCRONCHDISPLAYFMMediumRectangleMultiscreenSZ1x1VLRTCPCMOCulturalExplorerTSE18ReiseinteresseADSS1X1PDDezember/?gdpr=1&&&cachebuster=1702776923
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&u=%7ChiHgvtYhI01jopdU0bof4mWJlBOG2cc4Kt%2BzMeeQBkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsRFyTC41vabdYrN3wCULU04FYZSzogpYjaSVQ4tXjLvzoAt4N7_yUBy7Jv9l7AKSO2XhgsewE11Eozwnsh6pSgKo3gpJJ_ORIBnbNefniK19HU9-KI8_sYfEvxZsVQYddsIhaq4Rfbv-Bm_pAmByLINgd8FVwyfWZ1xg959Ou_yENduwokJ2m2R2yxQQxR2I8W688nmJgA7UyBgYfqcpqaXRZgs7RtndzSgybD4hOkq7ytcQ8y_s3xujTCnGKHHXPfN6iQx1c-NfinUe3W267Zuzw4lNXYt_SoeKf2njVzE9vX4V2yfnglaCctwkkaEQwVsmgjlv5LnybGFKhaXRiqrpQXHLvsSawuFGaLcelrSMwnAVh4eJbGfvXuHBs8CboSpgafCpt5kTm41C_qNVmFbxGPdCm_hPHARSlkJmRcibtgXM2vgOEae2OIRj4YtVJf7nl1jlaGHcAU8Jj-sTLYL2kiBXvXjXQebMLB5CMUmrnJO-Llrb8M1oYSzWg7PUcCd3xT5dczjEJeArHBktmQI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFnnTWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mxtUQ0NotAzxUqLGbZYJaqUgjBUbTjDkqNfolGaZi2MUuQYGgxrZYgubgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_3zN6e4bRe1TMk6RK_e-jH0iOxOGw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.128.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-128-137.deploy.static.akamaitechnologies.com
Software
prod-xre-app15.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Dec 2023 01:35:24 GMT
Strict-Transport-Security
max-age=86400
Server
prod-xre-app15.frk11
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
42
Expires
Sun, 17 Dec 2023 01:35:24 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8E79 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8E79 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8E79 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 11 Dec 2024 01:35:24 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8E79 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 11 Dec 2024 01:35:24 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 8E79 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=LQqi8nbZ5xbSNj-dN4TkOx09FproFg8MWPlTfX5Pgx9unjOOa93dL_csw8T5qHRBfsXSPxYglAxRiJV81KQQADhh2eZIXDulTDtXQ4_klHx2j9ZY_1ZSGuI-5BceXIiBBrS74QjIUp-AshwO6RGUOUtcevPtv-6ANuKP0vwTY6MAL7lNtJduBYWoXlYrPjKVvWTDEjH7WEwte8wuNckzGnO2cDAHF7prYR6ytC1tnJZf9zaOzG7RJTIYk3ZEe6uyW-APiJVDKB0dn9-Av-XP0IvHFJdW6ftbLPzrWE0IpTRni41rkGZTsNnIpulZN1755-P0cpiVj_HeaGnIGelDFgywonp7M5ILBpZol4wCWOG16AiQEC1zYIxkqu1lm5OTDlaPDrc5yuSO9D91lGy_607KCSyw33uKKuLv29ERvkLdg4wFvT4TIxAWNFB1RPp92B4C8Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2255811
expires
Mon, 26 Jul 1997 05:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ Frame 8E79
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1278201/71854812/skeleton.gif?gdpr=1&
  • https://static.adsafeprotected.com/skeleton.gif?gdpr=1
43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?gdpr=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Server
2600:9000:223f:fc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
461141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
qc_gZTNojywhuUhjLCsopEjkHa0g8XKZpQt4kKGg0Jm5pZJJ8fIW1A==

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
server
nginx
x-server-name
app46.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.gif?gdpr=1
cache-control
no-cache
content-length
0
/
servedby.flashtalking.com/imp/2/199096;7448142;201;pixel;CriteoDE;PBCriteoCCRONCHDISPLAYFMSkyscraperISZ1x1VLRTCPCMOBVFamilyTSE18ReiseinteresseADSS1X1PDSkycraperJuni/ Frame 8E79 		42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/imp/2/199096;7448142;201;pixel;CriteoDE;PBCriteoCCRONCHDISPLAYFMSkyscraperISZ1x1VLRTCPCMOBVFamilyTSE18ReiseinteresseADSS1X1PDSkycraperJuni/?gdpr=1&&cachebuster=657e505b47ad06fd02705c095cf2d2db
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.128.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-128-137.deploy.static.akamaitechnologies.com
Software
prod-xre-app12.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Dec 2023 01:35:24 GMT
Strict-Transport-Security
max-age=86400
Server
prod-xre-app12.frk11
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
42
Expires
Sun, 17 Dec 2023 01:35:24 GMT
syncframe
gum.criteo.com/ Frame DAD3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=bola.tempo.co&us_privacy=1---&gpp=&gpp_sid=-1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:23 GMT
server
Kestrel
server-processing-duration-in-ticks
336672
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
rum
dsum-sec.casalemedia.com/ Frame 3E58
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
43 B
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi7vbvGATAB&v=APEucNV5KspmEG3llheAcj-0tCio9M_y9Ujgqoq2Ocg55ovgGg-K_nVOCCoN1-Q8MDfHVX9sBN-cBy-wPBdRYvzAYZA2USKZ1rwfdAB-Jic2YmAWzBuV467i2_cBqyoD1clKTXtWywJaDDT8z3UJuKUCYuS2ABeXf7e4TqUPwAUCM7flfCTsFOk
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98AJYF6OmtMpf30k4elM1G3g%2FVUwNulk2FBEyEA2L8l2Xau7GYnsdcLNAeGRyPJQ%2BtlbpNj%2FtULKomMshvx%2B%2BjEeT7VMznb7tGZXKcbMknkbKpmRI%2BHATSyqUP7pFRy5FUfbBagjJJOugQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
836b6ddfca485d94-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3E58
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZX5QXN9nhWViryBAQysDCQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi7vbvGATAB&v=APEucNV5KspmEG3llheAcj-0tCio9M_y9Ujgqoq2Ocg55ovgGg-K_nVOCCoN1-Q8MDfHVX9sBN-cBy-wPBdRYvzAYZA2USKZ1rwfdAB-Jic2YmAWzBuV467i2_cBqyoD1clKTXtWywJaDDT8z3UJuKUCYuS2ABeXf7e4TqUPwAUCM7flfCTsFOk
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIeYeNy478sWBfVQ2k5HIuN%2FYL6DM%2FhikadJpdd8lM1oBbqzOUd%2FSxLy2ix%2FvAJaHpi%2BindjBj%2BsMiXtyodgZxNAB9O0Bs0z9jIfh9Hq%2F%2FzvV2nM2Jc9EBbzwma6ddOZdF3QRuYP1r2l%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
836b6ddffa595d94-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 3E58
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMutR-TM5481hrIXxglKomk&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMutR-TM5481hrIXxglKomk%26google_cver%3D1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMutR-TM5481hrIXxglKomk%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi7vbvGATAB&v=APEucNV5KspmEG3llheAcj-0tCio9M_y9Ujgqoq2Ocg55ovgGg-K_nVOCCoN1-Q8MDfHVX9sBN-cBy-wPBdRYvzAYZA2USKZ1rwfdAB-Jic2YmAWzBuV467i2_cBqyoD1clKTXtWywJaDDT8z3UJuKUCYuS2ABeXf7e4TqUPwAUCM7flfCTsFOk
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
an-x-request-uuid
f793cc99-bb71-4ff9-bc62-fc16422a7ef9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
an-x-request-uuid
95293398-986f-4fe0-a101-19721a7552f1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMutR-TM5481hrIXxglKomk%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3E58
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI1NzAyNTc3NjUyOTI5MDgwMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI1NzAyNTc3NjUyOTI5MDgwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxi7vbvGATAB&v=APEucNV5KspmEG3llheAcj-0tCio9M_y9Ujgqoq2Ocg55ovgGg-K_nVOCCoN1-Q8MDfHVX9sBN-cBy-wPBdRYvzAYZA2USKZ1rwfdAB-Jic2YmAWzBuV467i2_cBqyoD1clKTXtWywJaDDT8z3UJuKUCYuS2ABeXf7e4TqUPwAUCM7flfCTsFOk
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
an-x-request-uuid
3c8b4d14-e088-4501-a61f-9307036f8356
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI1NzAyNTc3NjUyOTI5MDgwMw%3D%3D
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 21CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEMyGzM8DGJKbhfMBMAE&v=APEucNUclMV00DJVLo421Ze8OmkeocDdIy8F9FGYyp8vw0HIqyK46uPPHnR2VcO-Ol0QkCxHGNfFmrlq20URAveTmEl0zsDFQbXvEB34clGcIQoJEJ-L6qPyy9HK9ciZYMyFpFqUxyOKoolHwPr7DhSif9nroC7lmueFHAX-a5At6Bwl4bGTs9M
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcEW1FMzWCOdRJKkEcQ5XBXeFTu%2B%2BKsk1obtCZMb0Wpdrw0fWGon2d6zU5SyTRmzuoDtnPvr7dmPquQCqsubIRBJA1peX%2BpTsZMU0wPc9VO2bNykqNclVlidAHHyC82xnsW1IILoUxYHaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
836b6ddfca465d94-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 21CF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZX5QXBMRhEaqlW-EA88eHAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEMyGzM8DGJKbhfMBMAE&v=APEucNUclMV00DJVLo421Ze8OmkeocDdIy8F9FGYyp8vw0HIqyK46uPPHnR2VcO-Ol0QkCxHGNfFmrlq20URAveTmEl0zsDFQbXvEB34clGcIQoJEJ-L6qPyy9HK9ciZYMyFpFqUxyOKoolHwPr7DhSif9nroC7lmueFHAX-a5At6Bwl4bGTs9M
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58%2FycYPIamexMR4agM1k58J4y4ba%2BqwIhbpBc50CpNza%2FFJRLnmtIh0qSoHY5H%2FSgFBP6zOXqc9hb2PbeECuKeFh31e2QuFOjwRrRIMBY5l268Uy%2BpUvbCjo9vWTjB4%2BIMn55JUA%2BtkaSA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
836b6ddffa5a5d94-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 21CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMutR-TM5481hrIXxglKomk&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMutR-TM5481hrIXxglKomk%26google_cver%3D1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMutR-TM5481hrIXxglKomk%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEMyGzM8DGJKbhfMBMAE&v=APEucNUclMV00DJVLo421Ze8OmkeocDdIy8F9FGYyp8vw0HIqyK46uPPHnR2VcO-Ol0QkCxHGNfFmrlq20URAveTmEl0zsDFQbXvEB34clGcIQoJEJ-L6qPyy9HK9ciZYMyFpFqUxyOKoolHwPr7DhSif9nroC7lmueFHAX-a5At6Bwl4bGTs9M
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
an-x-request-uuid
880a8e1b-d803-40f8-80fc-019111da849a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
an-x-request-uuid
0a83ba75-3f85-4054-b99e-e6c15a5b803d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMutR-TM5481hrIXxglKomk%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 21CF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI1NzAyNTc3NjUyOTI5MDgwMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI1NzAyNTc3NjUyOTI5MDgwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEMyGzM8DGJKbhfMBMAE&v=APEucNUclMV00DJVLo421Ze8OmkeocDdIy8F9FGYyp8vw0HIqyK46uPPHnR2VcO-Ol0QkCxHGNfFmrlq20URAveTmEl0zsDFQbXvEB34clGcIQoJEJ-L6qPyy9HK9ciZYMyFpFqUxyOKoolHwPr7DhSif9nroC7lmueFHAX-a5At6Bwl4bGTs9M
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
an-x-request-uuid
19251d18-dd35-4522-83d5-cd74e34fb0ec
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI1NzAyNTc3NjUyOTI5MDgwMw%3D%3D
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7173
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEMyGzM8DGJKbhfMBMAE&v=APEucNWbMzhMBkC2Tgkiqs7WSzFzsGLsU9iuRFvljJKGyw9TfQzc9zacfUXMnIbGUwj1tUG9kG04hew9PvMTSnFODwb2vHzhrjKsMq2D6ERiLqpeLucz08J2N67bsK22qwvf0zV1shzj24busj7zqL5eQLMchpbAlhby24P8trPJMMDXTfdEl3w
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vx2MrUV9FQZnajzN%2FoQZiWV6fenQuxuQET9tVNkA%2FZEcfufCxlEMbVUHTBMe9GXvqK0R6p7hbNEIM49bLRzkrJs6z9jhMy%2FWwvRbY%2FlxlulYhF8Qt6xjk4Y2yWuiOHb8LEe7gOHwVTIslg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
836b6ddfca475d94-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7173
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZX5QXN9nhWViryBAQysDCQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEMyGzM8DGJKbhfMBMAE&v=APEucNWbMzhMBkC2Tgkiqs7WSzFzsGLsU9iuRFvljJKGyw9TfQzc9zacfUXMnIbGUwj1tUG9kG04hew9PvMTSnFODwb2vHzhrjKsMq2D6ERiLqpeLucz08J2N67bsK22qwvf0zV1shzj24busj7zqL5eQLMchpbAlhby24P8trPJMMDXTfdEl3w
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oypfQ4ZqPT4Xqm0l8mGooLDaISRdY%2F8P%2BBmMR8fbsHcOVpz57lPx2JjZM11RkkQL69HtFxzGinPDgm7YAQjUhyYBs7ftRPH7kzO0mQiGJmkJL%2BK41wJWUP4Uhz%2FHn2ZYHd11%2Bg9LnYh5A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
836b6de02a695d94-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKCukT6jQICsN68B_QWCvWg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7173
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMutR-TM5481hrIXxglKomk&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMutR-TM5481hrIXxglKomk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEMyGzM8DGJKbhfMBMAE&v=APEucNWbMzhMBkC2Tgkiqs7WSzFzsGLsU9iuRFvljJKGyw9TfQzc9zacfUXMnIbGUwj1tUG9kG04hew9PvMTSnFODwb2vHzhrjKsMq2D6ERiLqpeLucz08J2N67bsK22qwvf0zV1shzj24busj7zqL5eQLMchpbAlhby24P8trPJMMDXTfdEl3w
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
an-x-request-uuid
c00c6e70-b8a4-4d01-9e63-aae405365235
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMutR-TM5481hrIXxglKomk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7173
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI1NzAyNTc3NjUyOTI5MDgwMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI1NzAyNTc3NjUyOTI5MDgwMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMe68vACEMyGzM8DGJKbhfMBMAE&v=APEucNWbMzhMBkC2Tgkiqs7WSzFzsGLsU9iuRFvljJKGyw9TfQzc9zacfUXMnIbGUwj1tUG9kG04hew9PvMTSnFODwb2vHzhrjKsMq2D6ERiLqpeLucz08J2N67bsK22qwvf0zV1shzj24busj7zqL5eQLMchpbAlhby24P8trPJMMDXTfdEl3w
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
an-x-request-uuid
b6137010-aa91-42d7-9549-4ac8b0ad45e8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI1NzAyNTc3NjUyOTI5MDgwMw%3D%3D
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1AC2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 20:39:47 GMT
x-content-type-options
nosniff
server
cafe
age
17737
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
expires
Sun, 17 Dec 2023 20:39:47 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1AC2 		344 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 21:48:36 GMT
x-content-type-options
nosniff
server
cafe
age
13608
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 17 Dec 2023 21:48:36 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=8.522482518061539
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3Dh90-cYxLpD4Znc1822BA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-3Dh90-cYxLpD4Znc1822BA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.286172163272305
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qNts--hjig5Azsl1l-Loxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-qNts--hjig5Azsl1l-Loxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame A461 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu4FUh5r169e2zMrIFOJQN54valXI-f7MD4qZzRKW8_POSOUYRNSWmx71qmZhNajS8IxwINJdHL-ffTWFbyXnUcX1Qq5GdVyqf1uFGgff_fF5hy1w5m-61L6CQ5Z8VyBweojv-z9LJcjeB_Gbve0Txc_uunmLJKFN9fMAskc5-k_reT53Cp3mGunufRkplngMaCmGEL2KPUAhmRKvuoA5AFieTSSkIGu3I9c-MbhQjYsv-t92L924Pv3QKbnDxWGnwBO9_3V3GP68a_NqbSGKmRrV3gMpJIetPBCkPt8v03fkZf9vOPgvuwr1OnfBfJV8yoFpqokv5Hx_XnYOWH2PiL8JkbtqNBiLjX3zHPTZVKXNp_MyJrGlSWWdmFZbF0TD1PtKMFV7nXNOcnSckipF3FDiMSXWUjQauKHidrBfk3eg7J1p1qUnhbLOwDxrcTrwawV9rHsuBxeO4Maa9Len3YEeODgkFaxpaokmGCbnKJ-0sGf7Q0YJquu8TPuG6dd2RPOdrWi69oU-SzhD03Mfq83_pjq_4V_QpaZaSP96J3WqKIXARIZwG9REcNzX_Uruo_uHbuK8dyCPNun6kckas_SoPnl5lf19crT8JzzbCNzQyaMbJ1k8RnIFTvyApcRF8fApHqLkxqtgRK3dGxC_YxytCaj44T7hQ_7riwIKLM5w7jFMcKYChe-Aot-M3NzJvsZ-TeRE2L4-qNm4eN-0d714KiIXaD3jFjYu9W_Kz8DnuNCNSZ1FCeIKDf5PUMV4d9bhzXHe0EVwxEZMjpZldTs7vXpqCPi-ptpJ7XXKZhsPg78idrl3wb_JlzSK0v4rjHIkF3EicFX2xKbFagMpibxef3MlfWmNkWpiETWoMELS0gX1TPVGO1HajjwzZG77W61A7m6u2VNYDuEHDjmDGH2KrSjsuuyv0wCX7_mGu-olzuIKf4idgcmA3VbZu0F2CjJbYqULCZGU37B_wHvdDrciJsF3OkpefFdJUHev57tE8h7ObLZLydwNCo9j2C3_RfeIS9p3OJIJ-RLyDBBV3iNLYEQlh1M-gg-49CHwMXhiAqZtRgDvwpHzEJCEiQzeYc1Gec1w3eu5sb7DQbnCEEOiKwxjJUZu_r-2S_tzxoyCnO7hqZIilEvYvAhIv-WUvatUPHm5VrhVwUzAR9MeTnRaMF4DEPz4pBokuKXfFo45-ipW2znq17DB370aoF7a3iZ6cKWP51WAEDEDc9jLbKfHhFdnamuaMrtxGuOlrQnSoOZ4bRsq-oRUMGcyGe2wLjw97H0z0zCiscbnNJI6DxdoAW3Z0M3ACMIjHnTMyL9RU98u8NnrYl4HQJWVhdN3HuKIuikpC2wqxGW9uijV5P7yasPrV_8AHkK8h8OTJInlLC9TKwxiVshrUrTjhNlWZ4Vauqia6rNBq-yG2Bx5cAGXsRXcemEjLJi2TM9-nuYZAwF9qu3Ro38IK8Bs7zTOAO41U6&sai=AMfl-YRPwzJlq4Fl4Z0hZDPkjYD6Uw4Wy26O81LiKnfgcy9UDVETJlqt0WPIOD6q_jE2Y71Pv7rNJSazJXwYFwt6W5Ikq2kU7xXhXosqC9uKrNln4Yh3-Qn2-E2tpdFfrWaVH-yuot2m-DJJ35p-pEYnSR9nfkdLIX5okJBONxWm9H7NP8W2QpcNVVcO8MDx5PSuB3kb_VXNGzmLqO7Gqc8ZK3_nakrITFfiyJHU745_XWYShZSc7812lCt-0Zlm2Hze7x_n6yTAxwtx50yynu1fMx3JOzBbcGUZPH12Jcukc9eKMotXnxnE79B0OJtvbarR0C5ZSY2Or1aYMtY5uxHzK6Y8xXNGx1H1AoUWa4mVeaK8R85Kg8ztwCGjwTbLakMZEgeYF94LAQax4II7vDJzbUqLPsmMA-x3IO26g24NJflHBWizEbnzNa4U6Ti-xsTb8OlkYAhABoztpvKYyleUXTIJSrfuHBf7NdqW6XEWxxEbrNvkb37THCGejA3CwIu1JWKbOGEtMwEHZQ&sig=Cg0ArKJSzBWu2zmYf6tgEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yZWdudW1ob3RlbHMuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=195&vt=11&dtpt=194&dett=2&cstd=0&cisv=r20231207.59213&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 14D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsub8wHK_1eZ5byHm83s8TUGeKV3SBxZNd-J7WZEKa0KUIBF8igadX39fHRM5ND3rAvmLdZ_OB5aipAswcMeTPExKM1u1cHlEeF6L3Tbdm6Zf3QSW461O7GpUv8tuP-ftYBkbkxh7BAMh-B5lpnoIJISHoOb54Mh0gwoqCXzGVGa-vXAqSNpjlJbNqOBnfoVFEiBBoWrDPMHRdfU_iwzaUcpo_ET5GzRXRdvlW7lQsGloTY3OfxR_UFdwV2VOFzNaO9MFybATdxKPEVwivIs0hX5kjQQNWdEFuUJF2m6vR-2vTQgKNgJPd1b1REFSkiCPf4N9MT9vyKb7ejzGDPih333n7FpGZ_JfHy-Lt7KcDy0MTc6vkmuu0N5x3wBu325Ws4IJ8bCOwr1Bw4P35aUXlmtTh6NBE145ptbp2UtUZceRZtwcmiaS2PHU409lb4IvtdG2zRWdl6ritSwXSdvsuyJ64ZkQU7zD-pwNSEycQELc-AS1xJH5mHCX_bYjsY6DH9dQPHHkEHpOJuk-jAzjRV5rNmZW9DZYHuOLIyWSwJ08yIIn1eM2V6nkukgQIF59easDBSdkw4HPBYwF5EtanUXiX15hFKWyqWX_yT2ic-WXmIATXRyFX9cwBSdPwh9Abv7J8hGsBQOTxus4WkLZVTizhSl9UA3JpU-yQs4iAT6g7smB-IJzXxkA39CGpzP2FXG29-ndNEgMzh1nQKrl2NL6G5LMw2h1pgiMjThtW3sJ5zTcciKQsNQtsNLJdtq3tOe1IeI-QRstFClDDj92Uo4uOY0awT1aTvC64VfSuztQcCI9ETCpeafDOqXAHX1LNU6qpr0uIJvYExCPt4kTsoG3Pk90Sq_EA57W5Rj3Fr5YX2qo-Lba5J6OPPa73K4-zHV7HU3Z7X4SdrS4r7BVCMskVs-GAujCOBoR_-mmmSc_pEpVBWZ9UMjhFbYLbbvv9WwL6_0JDfLIrWNf87bZ7O7AnYqrWhw9KxbqpNh3Z472OHwPw4qVrZ7hGIotUDB38lfzQD2GTSXu6fiROsiZwbwvW2qnr6dcdm6n-FCAfhlLu_Rru_x3Rpc5A6wZPiUcVtv0HU4pLX1pSA6TbcK8t7IasktwntmCXUmJEvec2qeYrhrJ4IbfPhcG4gjQiV6yk6RWKXJZZO7x79AXWoGjSfO2vuQdcy_Sorg4gd6MV5fmXIBvg-nLyPxIfRYOFrMrGHFHOHTTR7MKx3ujArrmmkM3eZ5NppN-BOi5BODpKpG7LlR5R9DFD4ts_aDzgVeaR8DZBah7YhOKRjWKtwDnrpG1YwJx-C_sHWDSsr7g0br4Bxtkuiev2_iyKtidLK237hhzw9JjkPkCFdIPw5hmWKeVHw1aeiST2FRyAqy0WujFiJVdsfTHauJfGLgSTpyasqu6BS_qkruY8OOHqMy92YZTy4TmeISEKiY-os1DG7EOOd6SrK_UTJyWTCinnon_SZQPey0&sai=AMfl-YSxjtmDKLAmU1WynHu_xh77NYEImJAJDIgguRjeB-zsR9Em-AXi3gcEbTWshMB6uWwnXY8mkkgvtl56jty9G2OBH7i92Ky1iW3pxQK74ttfWoGTLO9lhUvieOltT23L6NIEMeyadXJH0zYBGPUI_rrV-f7rx0kfxCCE9-jnrn1f-0IPkEx8ONI58DZMudTFUkjFzzITIbgQUNaoZ4hp0DoWctRzojVoCLrjl3iVm9tZCxdUSDeC7Cqa3vu844ogKzIWO8zslDII-TDV6Ij5cFh9LVdeRQ2otpMQh6F10COADX_yDr-jd18-kvZhR4opNIYU4r48spF6tzxFy1u9B-Ky-_o6F2rvGJVyu_NvRn34TSg5aBtAhqfWizQeBM9sQ0bxAKebOpAKofcMAl7--wh23_nqzioMDgghmw9D8O9tt1P1fl9JlxyTBGfuTWiMMFQY4xDPcvCNgkdeJqMh_eIjoeDaNxGD-VBbv7BwdR3mV_SOdI_pLa8U5L8Q23aTkHaUIKpQa4mEgg&sig=Cg0ArKJSzDRkuN44DuBcEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yZWdudW1ob3RlbHMuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=196&vt=11&dtpt=196&dett=2&cstd=0&cisv=r20231207.83137&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
main.html
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/ Frame A54B 		11 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX0K4HcNAArHY8n4j_-M2fMz9azT2w&u=%7ChiHgvtYhI01egZab5lYUYYxV6tlmqFS2RpWjGHfTntI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsUTvu4cn4sPY1OKCSP-8iZYVNjfgqoj2buBipymWXntHqB6zznLr2QLw5E1I2vrBclsCh122hMsSVo1V45Y1pHEwLX-myalPwe5ElayqeQRh6pJZZdmqexDneNsVZA4a04wbcYLvd1R9IdXhat2yk6IaQr7nwl5qeJpGcF4mgcQ9jW4eDxzJyqQszwiM0XnBxlFqDK6m15uDs3cYOvbpzPtU6EqrbSDTAqQvm76J8PNQ5U9CpCu8InllVSS7nVPv32qVgg0_njgXnYSI2Ae7rXSTaly7gHfaxJpXabJGDXIXl3WI99qSpfzXkq3il3vqacEYmpNVD28Hmb85kiXyeDMdjR_ZxEIoQr3TjajtH4lyCormDL0mvo-aonhCrAf7uB6dfyj69qftqWJMgBDzxVk2C-puJfK1AivrTVcc3h9B7-0UYp0CEdRZuNPy6M3TPA6tq6udx1nH1a4Auk1CxEAMLAQzQsvC71b9LQtJSni81UD1U--zkUGKE5OM_Mmy5qDYgn5yV7B8mXBnyxN_qqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4ZqUWlB-Zf2yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9C2Uya8j__Lv222j45LUSqK0yOlVbSoIrXOLdJkkcUfVm6dsVWe08pEVgeXiA7mD4QOs8gjRFah4kvSUHZeq5fPlEBI1EIaLoFJ_8QdnDWIkhfhiZEiM--NVwxDNa1er-KYsKVVCBJrJYxGPqiUdo3eeZDMHBJSOVt6knHt5m-ab6yPPVUzOFVUfGF19mNXMWxVUxSmnUOnSVu5QExGYsolRMfNWeJWYl5QPcRgC-7tFFu5YMSkorsM6fTO1TwRnSv1febn4X5A4IAdD856LMW_bgwWnOl2Yzhm_DoZZ7DHep3cVH0BDwv453V2Coknb-P2RnA2ZU5gh1vT1ncGWSyIh5X-XibRjukPlzPUxhny4_1kQqYaZBYR6zeAc2XJEZk7CQtgTHeyLK4Eimr8aifNGEHvKxaPz_SsqOj35k6B6fYvqQW-V2jW13tRk3c_3hwQZM83humQwVYa5ncxE_RyH8TgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwimtv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_0sIYBz1luyvcKA-zXriBep5nL-uQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9d5fdcf647f9e0947f3650f57ccfa9a6f9e4e6a24c09dd0b9f5502fedcd8c2a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:24 GMT
etag
W/"657194e9-2ab5"
expires
Wed, 11 Dec 2024 01:35:24 GMT
last-modified
Thu, 07 Dec 2023 09:48:25 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
main.html
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/ Frame 10C6 		11 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&u=%7ChiHgvtYhI01jopdU0bof4mWJlBOG2cc4Kt%2BzMeeQBkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsRFyTC41vabdYrN3wCULU04FYZSzogpYjaSVQ4tXjLvzoAt4N7_yUBy7Jv9l7AKSO2XhgsewE11Eozwnsh6pSgKo3gpJJ_ORIBnbNefniK19HU9-KI8_sYfEvxZsVQYddsIhaq4Rfbv-Bm_pAmByLINgd8FVwyfWZ1xg959Ou_yENduwokJ2m2R2yxQQxR2I8W688nmJgA7UyBgYfqcpqaXRZgs7RtndzSgybD4hOkq7ytcQ8y_s3xujTCnGKHHXPfN6iQx1c-NfinUe3W267Zuzw4lNXYt_SoeKf2njVzE9vX4V2yfnglaCctwkkaEQwVsmgjlv5LnybGFKhaXRiqrpQXHLvsSawuFGaLcelrSMwnAVh4eJbGfvXuHBs8CboSpgafCpt5kTm41C_qNVmFbxGPdCm_hPHARSlkJmRcibtgXM2vgOEae2OIRj4YtVJf7nl1jlaGHcAU8Jj-sTLYL2kiBXvXjXQebMLB5CMUmrnJO-Llrb8M1oYSzWg7PUcCd3xT5dczjEJeArHBktmQI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFnnTWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mxtUQ0NotAzxUqLGbZYJaqUgjBUbTjDkqNfolGaZi2MUuQYGgxrZYgubgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_3zN6e4bRe1TMk6RK_e-jH0iOxOGw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9d5fdcf647f9e0947f3650f57ccfa9a6f9e4e6a24c09dd0b9f5502fedcd8c2a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:24 GMT
etag
W/"657194e9-2ab5"
expires
Wed, 11 Dec 2024 01:35:24 GMT
last-modified
Thu, 07 Dec 2023 09:48:25 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
main.html
static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/ Frame FE2C 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/main.html
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3cb14e9c8a2d4d3e521fb97ce0d55514724737937967b9ee8f37ce1d78bcb083
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:24 GMT
etag
W/"6544cd8d-1ab9"
expires
Wed, 11 Dec 2024 01:35:24 GMT
last-modified
Fri, 03 Nov 2023 10:38:05 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
gen_204
pagead2.googlesyndication.com/pagead/ Frame 64E3 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2663250324417&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 64E3 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2663250324417&version=m202309260101&ct=77&x=1&cor=6359564635869382000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 64E3 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGmMs09sAkeTxSAx4_yOpNvmPp2O0Nr3cXjWxx7yfXUA5YzgaTJ4o1Tly7x3MMBYqtR7Of_27e_RaqiznubfQ_Enggal_V193StQ4lsfvtWe7ntm0mfSrDa3QvQCKHDwK6kHY_BVvrF_y2kYUKjY0N9qih3Veqy18_fj-GPeVDwisr5mQ&cry=1&dbm_d=AKAmf-A8sQZuMK-deBMuELKbeKGqReiQgWSwmXXgwwGGqC2TiV8O21mBSu0yFNUChiKymAp3QsIqYjPG0zSqVuaw3XwNzd1PIq-A_Hgc3PE2FKa6ahu1L4VMuwBUqxjQ69dPLbnLRdhiOQ0dOF0M4PmXpSbwO4uy7fWLwusYt35Q0l5m8c2LBmbqxK6Ju1W-dkMM-g6MoWqjmUio_RFbxDUt5umY38gg80xqwXhCZydL3zsYob7M5YnY-eJCe9DTEAZThsJWja09Whll9r0Fep89DJxyagDrRUod74MG536aVrRA27zqurcWDvVt89j0JPNgw-orQx0lPQRdmgZD8YvuQSW3dgZFUecVOvJRdwuI3NDwcdMFGwdftOXloM5uQX5-g8c5Epqj8KVYHa3K5N3kQ4s0wPKbL_LQ5claEOkXNxe24rnnyt8Yu_DkmB_x3iw3W3YBSPEO1RVRhpSx3Pc2di0Qnx4aoIfHVE0h258SrKc8TSX2sEIUolmPp_VtYhdvvAH_-s-zHqj34IZA7_0dCPY59Lxf8cIOpxLyi-k5G3I0dGQb47gaNuf_vyrVT6SDl0xJaOw0_--liQC40js3oLPRuI_4RJvCKqjqQY6SQw12gxZ1Xrl9YBqqg6cQ0rNnuyc5MWeZPbrNFZrz5H4auX0c65wBTc0Ibv5qDfiOh474f-Z-hb-GWADh5iAYHwv5Kh0jqkiOrvnZu2eDpElGZSv7px2m3nCAWC9ae9TpPDfHwWkYv0Fu_aQgeaT-kBy6Z50MuqDyolxjHY6hgJkmomdtqWfn0avg4pEJH8WPgcJS5YFOLdkKFkcNlQa3EEU36nsrdbUS91BMsOvgLbxfqzGmYt8ofFLXK3kWxIaCtVzZVT-lCzNz01G4TfREja5butkHHaMssi8crW-dCf7gA6KbuDx_-dtbCdIRgs_g7Q6DTgjT28TJCJmu18pyd19EvUQFfzH7P-zaWTearVUVxvpP69rkC4cuKpRykhgJZHBIoA9HWDwr1GxemmdrVtkcHyEmegOik4eEaVA3eJ9XuXrFtyBGP-1wcasTU4aKwyNeXhaJxS8wy0-BEATXfXR3uaQfjCshkpIF1YW6opDywHMzlZh4-ag3jlEp0M3dTRVstS1MbriPmcT7LS1tn9gEQ0hkps_voL3_DI08u3vWlG0ihl68EZcGJ46MXzsvCIfB3c2Kd-QgpF244uNvvb__xNI1I740dZYJ74IIOZmuIEHmscWzfeg8thSEgYCEFo7Wk7B4tXjASsAPKWCIbUAKiL_5Ez17Awn5wTwLKjC8-9A11ssH939jaUQfPRAe4rEsGFDkqU1TYaxyaR7vGK4sS90t_nAcmdAT_3-Q3j_2wHfMI7Y1HdbpsVI-63J6iaFWTl_Uuw5hnFDtLUKM28SkewfHriCT1CsiDyjjHQCRIxvV0zVWy67ED0TWzROEKc5zkE6IFfiYlDzpbYk0Ib_NjvcWrq0bAn4vS_Mzro9FyodxpmL5On3HS4GZHc5HXVtyB6j46f8AUr4YzS8lk6PYn-YdHx3fg9W4OmtuETzMllXM2idpsgseuD6SIiptTJKPEXKvz-e5qJT0q8k6H8bRjQoJ5uLkxYjs7N9jzwhmR8QZTUgVlz3amWq9mZCC_XoTR9rPl87autdf7gKMM72-O01BcqO3uvi5IGcU3PJPF-ECsWmLa0ReUzCJrDR-nQeiS-aUiuU20J0wfvRgWZyoD1YrUgLjS8f7TMxnUDxF0sLwsLn0LUFiL8XdQ8L-UEXgWFqhvGmP0BwrfKUOF3PEPWWjhU_XHpd4JwFJ6gtvqez0NKRlaRcTsp1pcLIxFQleiS-xrbAkB_NFZDYbA9ldagmn1132IlzGUQTDAkVzf4JJtq43yKBMHJFTEYGjMV-glGVgj-4EHpkUabu76J7YsEjzgqD3-IU2LDWOa4k0nR7Ne-qX2xFHMV9NSE4bMOB4JLY16U0_mLtTatHgSfE9X6H-Cmeuv4mUSVPsJ6XhUWZe-zpGROavGFYOaAimutZXL3lESzHKlugWMeMDK-I_huZzFEdKU_dJ93YlHecZQeU2nBa9K_rd7frkMwPuQjjncEzRQrU1kh-4N_9hNgMGHIkk9qZ89Xj7fFZZJxlA9ebos5UzdfKGV9lNElLAjXJMNMjecCcJDsUaMI_crRrMry5FBNDRAS_No_zhpPpAcEDBnIwhwSBK1uDmcJMvcUz8OqL0ZeRV6wXjUhYgvmWKBCqb3-HGnEiGkjrH9ojLIjBLFGoufIC_enf9P8OFvqjgZTW_Ecb9F0HEDZpA9Z_PvqoQp-KY-XLLVZoOImWCwXjsc6P4gj8tNjHxO7xulxDKFoH1z6Hqh20pgpas59ZIUaScm3uAMUrBArHjiksY8V9F_x4BySXboQEoeflFVWpyftHNxd0hLUKxm8WWlh3HUMkZ5_IIE-Ug1li27NeixGzOxE-4JYBKc9UBDHKwp-GFVltjnTczBbSwvY2wOWAyjAn-EQUX9DMQ5kp2wLKipjL_8N69xl9jxjaoKDBFYy8zbJCx-fHtxMWyQ1xgJmnQv216UGUdyj6YDBo65W-S1XsT2e69HkgqZDGqHX0ktoMFNrg8mmWFcrNjFVqOH5PuQrzbDDB95Ggqxb3I2Si2aFDR2qB-eILcwR6Lbn0DVvqPHVfpb4TRIV0OacH1byqYp71GIItF1hzNymVQSy4vq3H4TEKAiatdH5WPRxin6XvbHI6Bj9A32Z_RLq6oF7B58SzbOWqsIoRIpTVzud9PWF-r7GurWSQOWnoRoqK5_4zQ4tyQVBw4_-dyvHq5yRAmpWGCZkhSMzauiVk-rozYujaz7bJ2mib0SADXiTgrc_PmS389TKlHNzmWw31G0En-PntEffIcaHc8WlmQODI8Qak9MurHxgo4iL21wmofcNM4XAhpADegfXaEo2uvSC5xITJmQNJJSyaO33rT2goJHS4DH54SuMLkjL0fDHWC-xZ8lC5Z3dylb3kJxzbmG23RZf4w4m1Y1rYjDoSnu1PJK6SnTMnN2AkiVm98MqfHO1ErcahvdS5IDHbhWvVVB9gNwhCeG_82FUMcSwrs0k13jOm96S60-QMX_L1EMG1M77Dl9Wv9v0tCNXF6ByiKdiIqoDUKqeLAPoLj2FXb0uwlT3dlg7Iv2wWWr-IQy-Jg3Z-WETKrm0f_0Bxj1yWmNAwk44Wip0cHEnFkFUuJ0lFewX9slsuxKSh7AP1AOQi6OmHGc1jbSNcI4JldzqLTWM9PydBjOHyYCsicyTIca4Oozc-Tb28I-WqSChjKIC3VRNdIyQziiBma4GUiynqFdLoQbgNUVO3JBoKBmUK_IVRUGsdCs4wK0WuKQ75rsSv3EOJKXeb2QgDoUaLQZhVPT4KktNJbA7hLio3R0saB5W9lwWf5YTE6c4-jS0FZS_cMTpHiO9gnRx-nl4k0m4akAz2Q_U5aTi-_yjun4NlScfnTlZeIwN1uXLzmaIQoEFqTpv08EvEpuFR_Bip3IodkEqvsrgfsqGPItYpXd0h4OBBS2MRp7dnfMmyRL8otF0dnoY-0Yp_JAftYK2BihPRBYtDURetElBiFu66w3Tav1EBHnzrIvkl8ekRQUwdJ3poIcnYR1PzVvSiSiksSowB-fmGudYCqJeW2GYR5PG_o2gLZCPJl01NGIxaTw7a0pjlBl8j_UfK87qoMopoL6kJXtj1_t4uXsk0tS1V30XHkF9rVWML2wDzRd6PH6hp7OQNUALyJQ6l8Vmo3psem3V7H9qAHUG0kb3iAmGJDRq-m7e9XvyLAs5OhEkbiCkyA_8oYG8NHkJCVytkTwoQdEG90zU17iluEpxOVWQD8AUKf_64wfKCWh8soRhTuHYubE_ET5x2O5tlm7KBzk4Fssu2vlCNR37VjcvcSjtuG6T-mpkJ0TUezZUEkfdm6sKVXgCs5eB988xwr-MQsh8ck418HYroITlIk4kyZ8fg51b6DAgSi_-SvnFCXfKSzZoyT_iF-XxBhgeG5PHwwlrN1VFBEk9lVFUIV4pVcdw5KAYGEf9h1Oenm-pgdtCpd7bqyyEq385spPZkbNpi-_koLkxQEMk9Fa-7P2lQNjOaqMTvPCLvHsCKEIj2VAg&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbola.tempo.co%2F&ds=l&xdt=1&iif=1&cor=6359564635869382000&adk=4020099330&idt=120&cac=0&dtd=21
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee66edd462c5f20df5b98f22ad04aa863ffa010077279136badb892faf4869ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13808
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 37E0 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/id.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 20:39:47 GMT
x-content-type-options
nosniff
server
cafe
age
17737
etag
12948112503563494795
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
expires
Sun, 17 Dec 2023 20:39:47 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 37E0 		344 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 21:48:36 GMT
x-content-type-options
nosniff
server
cafe
age
13608
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sun, 17 Dec 2023 21:48:36 GMT
truncated
/ Frame 1CDE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
535c948a3fb70f61e32d7ee2bc9a4a56b651d05cdad873cdfc2b34fa1d770243

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1CDE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuDaBBUpxtkiEd7HLCpxx9QaHYrs5-QMpYDzWLmd9yvFV_ZYBjfuSWhNMZ9210Fwn4w4xXoeuE_JLxrRlRC0USozu578ha9z3DhoUyvdMFMbXnwkqYu0wuEw9IHlHqEydXve8nK0hfFeZoM1AuoipKwrs64Prg4Q0GdBuMR3gFQUiod4YfASMfI_d-wKE2GwdoCUcnVh154R_SjHi8qju1dkMGtTeq2btVu_UMD4PlMDSOFFcWMN_NxbwfH0Mb3mRzX2yQejoVzvh8EzvIgx17c5z742FcYSSucbJzC5wi4JLD-HrtcahZbFpQOOD4AwFPVQ7LAaWOE2tXWQdhs4LwoKTi-ebbSrK-X6BOWL0hsPePPXySOKrUQQSsG636gjKh4Lk39L1TEw&sai=AMfl-YTZDqSGhbz2VO8MyxbiTQKiudc8N5P0baxsRWII_eGfXGPp1C7BOC0MjgBVgvdnVZo-I7agiQw4wNe7ETwLhei2o7NihPcsrEBvOgm0PXgAPdMtTvDe-kPf4uKrbGvF-_dmgE6ao5MprmSU0o0ZNn92&sig=Cg0ArKJSzA_RpzPk8ds0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 01:35:24 GMT
truncated
/ Frame 2D61 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af3155184c74f0de2f2df274d08cd3ce8052d5d5c9160765d1512d8567381584

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2D61 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoZUBw5boRsvDxrPmQw7iT_Tac0iCk2DwYSNY7vO1o2xA11v-9-gQFJR0_qZEFxHZ0humJQoXAvj_E8FEK9imxwzz_Gjw2hHyVffGNJuZ4TvNkMst3UFjSBeGncI_PRtPBPkkHwRW6hMa_xceAms3rMeW2cE0GuKS8rhQW4i75CFPjzJk2xP6_1oFcAKiLABzcwL7qFEW-T1GUepLCyx4tcW-hwauaw3O2zfli5l1u-p1lEAFfcb65bnEZRbaIePQiguWrXmIWNLfVMxJgduQBUXHPR9QfKnoRvtWfdhnAy0-tCdyMsDCMZTB8QebD9Jo6NdxqZsBD5yMq5MaRhyFmN4vCrMeZKPm-6d2MOwT4bNTQrGqfkA&sai=AMfl-YR86XSU1KrdbuFrbiZucx0diqksDBJHTry7GmiF1_sXKAp7ScF6kQcbl-E3qTyh-nKZdDZ8Jlm8KPG4yKM1ailPL7EDAsekdYTWpKDz7MFWCwf7v5lt_mRJyLx_MN21n278Z4kXrkIYkwqsG_VVd8q-&sig=Cg0ArKJSzOrf-ckXmFn5EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 01:35:24 GMT
bframe
www.google.com/recaptcha/api2/ Frame 06E5 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f23701dbca02ddee63af2038ab151baa72c7936c1473769c2f868221653c3475
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ltc6Qozz4lZG3-PAv_Heug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Ltc6Qozz4lZG3-PAv_Heug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame C376 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eec3c6cd7c24a702b4498c9564dd6749186ba1ee870dd620b8984b7f7264d687
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BDinn_OJQtHBxa6aUaL_yQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BDinn_OJQtHBxa6aUaL_yQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 4128 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbfe15775f20218076b63172bdaa2972f7c25fd0a375d2b056b36ce0ed5f0b94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B243 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0f1f1e674b15396f20a6abf24c0fc41bbff12f53260be85631609f094f64dd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8B69 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
271883b056b2ab839ebfb605d5f2d81e0dc6da1ebc5d8e89b32416124f234983

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A461 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f450bb09a1773cc46b1bea9c46813982f15fae0b876f09fb7d0f0183bc1fc5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
all
csm.eu.criteo.net/ Frame F55E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Ng49JkWrFZ6tp3IQJOkQchqPXwqiQz54eMqkxy5dMs9ArIMdCfMYJqEwSjyDhmj5LTHrktwVHEbQzd0BaCQO6iiDHqyaCVgRzvgzPdEVgHJv9QAeVvVjmXZ8fx_Mjn9xBYr_GpifLwaSxF8U63r5OVi7HSRrhOTBR3Ht44tL6g8bg586aAv-zAkBlKboIIc_S2Th311sjerNSv_gMKY0OWD8YhfckLpCCj0cZSAsVanVMNQ3qzuhzlY_GdQKWEjiVdhelA&sds=2&rev=89791&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX0K4HcNAArHY8n4j_-M2fMz9azT2w&u=%7ChiHgvtYhI01egZab5lYUYYxV6tlmqFS2RpWjGHfTntI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsUTvu4cn4sPY1OKCSP-8iZYVNjfgqoj2buBipymWXntHqB6zznLr2QLw5E1I2vrBclsCh122hMsSVo1V45Y1pHEwLX-myalPwe5ElayqeQRh6pJZZdmqexDneNsVZA4a04wbcYLvd1R9IdXhat2yk6IaQr7nwl5qeJpGcF4mgcQ9jW4eDxzJyqQszwiM0XnBxlFqDK6m15uDs3cYOvbpzPtU6EqrbSDTAqQvm76J8PNQ5U9CpCu8InllVSS7nVPv32qVgg0_njgXnYSI2Ae7rXSTaly7gHfaxJpXabJGDXIXl3WI99qSpfzXkq3il3vqacEYmpNVD28Hmb85kiXyeDMdjR_ZxEIoQr3TjajtH4lyCormDL0mvo-aonhCrAf7uB6dfyj69qftqWJMgBDzxVk2C-puJfK1AivrTVcc3h9B7-0UYp0CEdRZuNPy6M3TPA6tq6udx1nH1a4Auk1CxEAMLAQzQsvC71b9LQtJSni81UD1U--zkUGKE5OM_Mmy5qDYgn5yV7B8mXBnyxN_qqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4ZqUWlB-Zf2yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9C2Uya8j__Lv222j45LUSqK0yOlVbSoIrXOLdJkkcUfVm6dsVWe08pEVgeXiA7mD4QOs8gjRFah4kvSUHZeq5fPlEBI1EIaLoFJ_8QdnDWIkhfhiZEiM--NVwxDNa1er-KYsKVVCBJrJYxGPqiUdo3eeZDMHBJSOVt6knHt5m-ab6yPPVUzOFVUfGF19mNXMWxVUxSmnUOnSVu5QExGYsolRMfNWeJWYl5QPcRgC-7tFFu5YMSkorsM6fTO1TwRnSv1febn4X5A4IAdD856LMW_bgwWnOl2Yzhm_DoZZ7DHep3cVH0BDwv453V2Coknb-P2RnA2ZU5gh1vT1ncGWSyIh5X-XibRjukPlzPUxhny4_1kQqYaZBYR6zeAc2XJEZk7CQtgTHeyLK4Eimr8aifNGEHvKxaPz_SsqOj35k6B6fYvqQW-V2jW13tRk3c_3hwQZM83humQwVYa5ncxE_RyH8TgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwimtv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_0sIYBz1luyvcKA-zXriBep5nL-uQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F55E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX0K4HcNAArHY8n4j_-M2fMz9azT2w&u=%7ChiHgvtYhI01egZab5lYUYYxV6tlmqFS2RpWjGHfTntI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsUTvu4cn4sPY1OKCSP-8iZYVNjfgqoj2buBipymWXntHqB6zznLr2QLw5E1I2vrBclsCh122hMsSVo1V45Y1pHEwLX-myalPwe5ElayqeQRh6pJZZdmqexDneNsVZA4a04wbcYLvd1R9IdXhat2yk6IaQr7nwl5qeJpGcF4mgcQ9jW4eDxzJyqQszwiM0XnBxlFqDK6m15uDs3cYOvbpzPtU6EqrbSDTAqQvm76J8PNQ5U9CpCu8InllVSS7nVPv32qVgg0_njgXnYSI2Ae7rXSTaly7gHfaxJpXabJGDXIXl3WI99qSpfzXkq3il3vqacEYmpNVD28Hmb85kiXyeDMdjR_ZxEIoQr3TjajtH4lyCormDL0mvo-aonhCrAf7uB6dfyj69qftqWJMgBDzxVk2C-puJfK1AivrTVcc3h9B7-0UYp0CEdRZuNPy6M3TPA6tq6udx1nH1a4Auk1CxEAMLAQzQsvC71b9LQtJSni81UD1U--zkUGKE5OM_Mmy5qDYgn5yV7B8mXBnyxN_qqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4ZqUWlB-Zf2yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9C2Uya8j__Lv222j45LUSqK0yOlVbSoIrXOLdJkkcUfVm6dsVWe08pEVgeXiA7mD4QOs8gjRFah4kvSUHZeq5fPlEBI1EIaLoFJ_8QdnDWIkhfhiZEiM--NVwxDNa1er-KYsKVVCBJrJYxGPqiUdo3eeZDMHBJSOVt6knHt5m-ab6yPPVUzOFVUfGF19mNXMWxVUxSmnUOnSVu5QExGYsolRMfNWeJWYl5QPcRgC-7tFFu5YMSkorsM6fTO1TwRnSv1febn4X5A4IAdD856LMW_bgwWnOl2Yzhm_DoZZ7DHep3cVH0BDwv453V2Coknb-P2RnA2ZU5gh1vT1ncGWSyIh5X-XibRjukPlzPUxhny4_1kQqYaZBYR6zeAc2XJEZk7CQtgTHeyLK4Eimr8aifNGEHvKxaPz_SsqOj35k6B6fYvqQW-V2jW13tRk3c_3hwQZM83humQwVYa5ncxE_RyH8TgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwimtv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_0sIYBz1luyvcKA-zXriBep5nL-uQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame F55E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX0K4HcNAArHY8n4j_-M2fMz9azT2w&u=%7ChiHgvtYhI01egZab5lYUYYxV6tlmqFS2RpWjGHfTntI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsUTvu4cn4sPY1OKCSP-8iZYVNjfgqoj2buBipymWXntHqB6zznLr2QLw5E1I2vrBclsCh122hMsSVo1V45Y1pHEwLX-myalPwe5ElayqeQRh6pJZZdmqexDneNsVZA4a04wbcYLvd1R9IdXhat2yk6IaQr7nwl5qeJpGcF4mgcQ9jW4eDxzJyqQszwiM0XnBxlFqDK6m15uDs3cYOvbpzPtU6EqrbSDTAqQvm76J8PNQ5U9CpCu8InllVSS7nVPv32qVgg0_njgXnYSI2Ae7rXSTaly7gHfaxJpXabJGDXIXl3WI99qSpfzXkq3il3vqacEYmpNVD28Hmb85kiXyeDMdjR_ZxEIoQr3TjajtH4lyCormDL0mvo-aonhCrAf7uB6dfyj69qftqWJMgBDzxVk2C-puJfK1AivrTVcc3h9B7-0UYp0CEdRZuNPy6M3TPA6tq6udx1nH1a4Auk1CxEAMLAQzQsvC71b9LQtJSni81UD1U--zkUGKE5OM_Mmy5qDYgn5yV7B8mXBnyxN_qqc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4ZqUWlB-Zf2yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9C2Uya8j__Lv222j45LUSqK0yOlVbSoIrXOLdJkkcUfVm6dsVWe08pEVgeXiA7mD4QOs8gjRFah4kvSUHZeq5fPlEBI1EIaLoFJ_8QdnDWIkhfhiZEiM--NVwxDNa1er-KYsKVVCBJrJYxGPqiUdo3eeZDMHBJSOVt6knHt5m-ab6yPPVUzOFVUfGF19mNXMWxVUxSmnUOnSVu5QExGYsolRMfNWeJWYl5QPcRgC-7tFFu5YMSkorsM6fTO1TwRnSv1febn4X5A4IAdD856LMW_bgwWnOl2Yzhm_DoZZ7DHep3cVH0BDwv453V2Coknb-P2RnA2ZU5gh1vT1ncGWSyIh5X-XibRjukPlzPUxhny4_1kQqYaZBYR6zeAc2XJEZk7CQtgTHeyLK4Eimr8aifNGEHvKxaPz_SsqOj35k6B6fYvqQW-V2jW13tRk3c_3hwQZM83humQwVYa5ncxE_RyH8TgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwimtv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_0sIYBz1luyvcKA-zXriBep5nL-uQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame ED4B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
404517
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:13:27 GMT
expires
Wed, 11 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
all
csm.eu.criteo.net/ Frame CA3D 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=agB4xkWrFZ6tp3IQw4ytbzw7taEBjJzbwtRrlBZIgdNd-Eif4is6F41sIqcalrlZj2hWwdRRfK8-OWczY0p5FctKLsrg2su7ABOQtHeO1EwuhXvDCGEnuAl2BwZG5ZrXQ6W3Fz4_jA6YvI06adkQmc70HElzg1zuUFXwjHKFZpP0vHyJJjVH3r07fEHHUO4GANhdHsbhYD-17LkA4KQQVd9SzBhhhCyWhefK6KCA22CEocFfZIvA1gRnwHsI_nQfsMXN0A&sds=2&rev=89791&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&u=%7ChiHgvtYhI01jopdU0bof4mWJlBOG2cc4Kt%2BzMeeQBkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsRFyTC41vabdYrN3wCULU04FYZSzogpYjaSVQ4tXjLvzoAt4N7_yUBy7Jv9l7AKSO2XhgsewE11Eozwnsh6pSgKo3gpJJ_ORIBnbNefniK19HU9-KI8_sYfEvxZsVQYddsIhaq4Rfbv-Bm_pAmByLINgd8FVwyfWZ1xg959Ou_yENduwokJ2m2R2yxQQxR2I8W688nmJgA7UyBgYfqcpqaXRZgs7RtndzSgybD4hOkq7ytcQ8y_s3xujTCnGKHHXPfN6iQx1c-NfinUe3W267Zuzw4lNXYt_SoeKf2njVzE9vX4V2yfnglaCctwkkaEQwVsmgjlv5LnybGFKhaXRiqrpQXHLvsSawuFGaLcelrSMwnAVh4eJbGfvXuHBs8CboSpgafCpt5kTm41C_qNVmFbxGPdCm_hPHARSlkJmRcibtgXM2vgOEae2OIRj4YtVJf7nl1jlaGHcAU8Jj-sTLYL2kiBXvXjXQebMLB5CMUmrnJO-Llrb8M1oYSzWg7PUcCd3xT5dczjEJeArHBktmQI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFnnTWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mxtUQ0NotAzxUqLGbZYJaqUgjBUbTjDkqNfolGaZi2MUuQYGgxrZYgubgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_3zN6e4bRe1TMk6RK_e-jH0iOxOGw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CA3D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&u=%7ChiHgvtYhI01jopdU0bof4mWJlBOG2cc4Kt%2BzMeeQBkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsRFyTC41vabdYrN3wCULU04FYZSzogpYjaSVQ4tXjLvzoAt4N7_yUBy7Jv9l7AKSO2XhgsewE11Eozwnsh6pSgKo3gpJJ_ORIBnbNefniK19HU9-KI8_sYfEvxZsVQYddsIhaq4Rfbv-Bm_pAmByLINgd8FVwyfWZ1xg959Ou_yENduwokJ2m2R2yxQQxR2I8W688nmJgA7UyBgYfqcpqaXRZgs7RtndzSgybD4hOkq7ytcQ8y_s3xujTCnGKHHXPfN6iQx1c-NfinUe3W267Zuzw4lNXYt_SoeKf2njVzE9vX4V2yfnglaCctwkkaEQwVsmgjlv5LnybGFKhaXRiqrpQXHLvsSawuFGaLcelrSMwnAVh4eJbGfvXuHBs8CboSpgafCpt5kTm41C_qNVmFbxGPdCm_hPHARSlkJmRcibtgXM2vgOEae2OIRj4YtVJf7nl1jlaGHcAU8Jj-sTLYL2kiBXvXjXQebMLB5CMUmrnJO-Llrb8M1oYSzWg7PUcCd3xT5dczjEJeArHBktmQI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFnnTWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mxtUQ0NotAzxUqLGbZYJaqUgjBUbTjDkqNfolGaZi2MUuQYGgxrZYgubgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_3zN6e4bRe1TMk6RK_e-jH0iOxOGw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame CA3D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&u=%7ChiHgvtYhI01jopdU0bof4mWJlBOG2cc4Kt%2BzMeeQBkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsRFyTC41vabdYrN3wCULU04FYZSzogpYjaSVQ4tXjLvzoAt4N7_yUBy7Jv9l7AKSO2XhgsewE11Eozwnsh6pSgKo3gpJJ_ORIBnbNefniK19HU9-KI8_sYfEvxZsVQYddsIhaq4Rfbv-Bm_pAmByLINgd8FVwyfWZ1xg959Ou_yENduwokJ2m2R2yxQQxR2I8W688nmJgA7UyBgYfqcpqaXRZgs7RtndzSgybD4hOkq7ytcQ8y_s3xujTCnGKHHXPfN6iQx1c-NfinUe3W267Zuzw4lNXYt_SoeKf2njVzE9vX4V2yfnglaCctwkkaEQwVsmgjlv5LnybGFKhaXRiqrpQXHLvsSawuFGaLcelrSMwnAVh4eJbGfvXuHBs8CboSpgafCpt5kTm41C_qNVmFbxGPdCm_hPHARSlkJmRcibtgXM2vgOEae2OIRj4YtVJf7nl1jlaGHcAU8Jj-sTLYL2kiBXvXjXQebMLB5CMUmrnJO-Llrb8M1oYSzWg7PUcCd3xT5dczjEJeArHBktmQI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFnnTWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mxtUQ0NotAzxUqLGbZYJaqUgjBUbTjDkqNfolGaZi2MUuQYGgxrZYgubgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_3zN6e4bRe1TMk6RK_e-jH0iOxOGw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
all
csm.eu.criteo.net/ Frame 8E79 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=TgWDfkWrFZ6tp3IQ7O5-F4AMH64g1Fl-N79FcX-N-tg14IukxZfg3g2z0cqdi68JIy_qwOUxgcX5AAJarsnXe6b_5u27J2MQnPkqNcmY5GqPqhoCF5lGz8DzPBKga-JZmViHi8fnUTV4TVr4WGqQa21amOwO11l0YY_ypzT5HGrf_t-8jfoq1LtEindS02WZo_2qYaWQRsbLrRmKDLMC1s9UjcW5MAlxMKKLNobQfraYDf67IU8hl3mXAhNhn6UcqGgKlQ&sds=2&rev=89791&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8E79 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8E79 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
style.css
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/ Frame A54B 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7105374cd16978ae5a63302a709863123e61a5e91ee8dd05873b7c45921edaaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:49:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"65719546-1367"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame A54B 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/gsap.min.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1382703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25247
last-modified
Fri, 17 Mar 2023 15:51:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64148c93-629f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1ytXP5LKmtrQ%2B48NKkD%2BoiM1Z8OOiICFXro1pN7olkCLtAqEjalnRY2ShrKuesACCVI0Z2cs3Ttt7JN0z9bVuzyrGf6nIwOzo5dTkSZLMS%2FQWwQEp3Jb6yTKegAXc3%2BXyCODdvaP0LbuX%2FDFXgdiUcu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
836b6de0fed73a79-FRA
expires
Fri, 06 Dec 2024 01:35:24 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame A54B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/EasePack.min.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18655862ada4d166c8c267d49bbfa12cd0e2555bb0ac7e8bd4111f7a7406296e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1540731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1193
last-modified
Fri, 17 Mar 2023 15:51:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64148c93-4a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ixdhveh4GrYY%2B0t839R5mUSTDGOOnS3ZfAUHHXWU7ebTlNv65lP8VH2UM4iyqtQA88Sy7S9hfNsXEnAX0SYv%2FSGG6qERv69%2FwglAXI8Bx7NRvAvfAJEQt45I1NSoZ%2F062eGDuWIpNWa1jPSbV4BzcNS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
836b6de10edb3a79-FRA
expires
Fri, 06 Dec 2024 01:35:24 GMT
TextPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame A54B 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/TextPlugin.min.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a63f4c0b1c6071120c8fb60c6432bbe8f2602031ff9abb54c8853e9f7bfe9a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1552038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2961
last-modified
Fri, 17 Mar 2023 15:51:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64148c93-b91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHgpDPCSZA%2BQhA%2F3EFT9ffGj3sBF64ERYppMl8eKyJRZ7IhbCUd4Ae6CkrgUYMpK5lNjwHFFBw8DKKtklY%2Fq7bLjX5XGrGWtHntgI7ctGrSJTDW0%2FxGF3xwH0%2FmqBBEdvehV4OdstxXZBJY%2Bfebtf4H8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
836b6de10eda3a79-FRA
expires
Fri, 06 Dec 2024 01:35:24 GMT
impl_v99.js
www.googletagservices.com/dcm/ Frame BB32 		59 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 23:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
439805
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Dec 2024 23:25:19 GMT
style.css
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/ Frame 10C6 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7105374cd16978ae5a63302a709863123e61a5e91ee8dd05873b7c45921edaaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:49:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"65719546-1367"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame 10C6 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/gsap.min.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1382703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25247
last-modified
Fri, 17 Mar 2023 15:51:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64148c93-629f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWuQ9lUxnxg5JN%2BQGtRRw1Hub3amC08%2FMMPatfvYBLVn1kOct8xnLT6AKtYk9YvtNOMf06ZqMu3k2tdkGW0cbRwcfdSEY7TRFQMurf0fMwnt%2FJpQ6OdCQObowvSHz06cE5fb5OxtNRpH%2BcqxDppcwa%2B5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
836b6de10edf3a79-FRA
expires
Fri, 06 Dec 2024 01:35:24 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame 10C6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/EasePack.min.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18655862ada4d166c8c267d49bbfa12cd0e2555bb0ac7e8bd4111f7a7406296e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1540731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1193
last-modified
Fri, 17 Mar 2023 15:51:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64148c93-4a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ir7Hh9dHjr07Z0tZWPGfoBBNe3E0PI9zA2W71q6hV%2FrkB%2FlS5SqQVXAXkOIE%2BEc%2FLcBYT151nqFFwcu7RK4jH8SKw5L5ILpe4cbmj7xFcts%2FdCDhGthgwPFBfBtPMuIC%2BEUS%2FnKeWJkpA6YtpbBhhbH9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
836b6de10edd3a79-FRA
expires
Fri, 06 Dec 2024 01:35:24 GMT
TextPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame 10C6 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/TextPlugin.min.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a63f4c0b1c6071120c8fb60c6432bbe8f2602031ff9abb54c8853e9f7bfe9a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1552038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2961
last-modified
Fri, 17 Mar 2023 15:51:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64148c93-b91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Fl8ha0F6AijcYDuWxJtbdgo7xueRWf5b3ETWI91LUn5vZR%2ByIa3i0lUuVUS%2BULCusz6OtUhF%2FDvUIUPd%2BM8tTqHxJ3b%2Fe2wqk2%2BwnQ3Q0A2Zkei66PxLdcP17AzEOFQ5lOc6uLt%2FhNU4XtK1Ko1uGSO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
836b6de10ee13a79-FRA
expires
Fri, 06 Dec 2024 01:35:24 GMT
style.css
static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/ Frame FE2C 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
18ac79ee051f0d9626c71ee5c05499e0fa57103eba8db1b2fe57de60db6a05df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 03 Nov 2023 10:38:07 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6544cd8f-14ac"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame FE2C 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/gsap.min.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1382703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25247
last-modified
Fri, 17 Mar 2023 15:51:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64148c93-629f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBEVYfqZ7CO5tjvLYZSgZTcg07hoTGdiwnZ95x0VvkQo9RqTqCRUO5ADYU50HZFTqXZZStjHIbyrDVWGk5GY%2BaGp4mFx98QV6cV790TOC80WkW%2B1%2BZ1ubFJlw4Ms9MbQZyUluLdxdZ50P3rB6bmugyZC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
836b6de10ee23a79-FRA
expires
Fri, 06 Dec 2024 01:35:24 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame FE2C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/EasePack.min.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18655862ada4d166c8c267d49bbfa12cd0e2555bb0ac7e8bd4111f7a7406296e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1540731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1193
last-modified
Fri, 17 Mar 2023 15:51:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64148c93-4a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvmJfB28MHWeDydTgmLe0PsQTqYKb2mSC9OiMzojiEvn7bIYa9mwpkbpoRRqlnuJeDSibVBYAe0jxF%2FtxH3edH1FmqJcM5gjkaU%2Fn1OpYa4upcFnq%2FJFXWo9xte%2FicjCckJqOWypVQfnDReQnJGO2I%2B7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
836b6de10ee33a79-FRA
expires
Fri, 06 Dec 2024 01:35:24 GMT
TextPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ Frame FE2C 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/TextPlugin.min.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95a63f4c0b1c6071120c8fb60c6432bbe8f2602031ff9abb54c8853e9f7bfe9a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1552038
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2961
last-modified
Fri, 17 Mar 2023 15:51:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64148c93-b91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7npywA5TuhPhpIPpZjHcGwlOYOpLiuEPDe2QdoRYNIKSs1HhIZxQYs2oLpi9tkbbk5pI7ozLFu7IkeUr27D8UBuFQKq0gkgxqUgGuXco%2B%2B0GieIVia1DuOJ%2BRSs5BFPic8MRsg9eFcxGk9fvxHSYTyla"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
836b6de10ee83a79-FRA
expires
Fri, 06 Dec 2024 01:35:24 GMT
AGSKWxW5b_XtPqS5pYxmqUwH7ttRZpA3p6dbmlp65xTl5fxkvdE39nW1JPfyvuIZ05Gdq5DvG3E6iLZZTfAZ71dcOQg2kxyXoU4KlS20IzVagZpc_xRkAO66wUgcX2kqX5N4vCLUK38Z-A==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW5b_XtPqS5pYxmqUwH7ttRZpA3p6dbmlp65xTl5fxkvdE39nW1JPfyvuIZ05Gdq5DvG3E6iLZZTfAZ71dcOQg2kxyXoU4KlS20IzVagZpc_xRkAO66wUgcX2kqX5N4vCLUK38Z-A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2rsaS80QwiC9nKAvU8Xajw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-2rsaS80QwiC9nKAvU8Xajw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://bola.tempo.co
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
d94268a0-c59d-4278-9196-e578e8f0747f
compass.adop.cc/RE/ Frame 9372 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/RE/d94268a0-c59d-4278-9196-e578e8f0747f?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=d94268a0-c59d-4278-9196-e578e8f0747f&type=re&loc=https%253A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rnd=&percentage=false&size_width=300&size_height=600&
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-99.fra56.r.cloudfront.net
Software
nginx / PHP/7.4.15
Resource Hash
12728a18e7204afb22e1a8217e4cec5fc93f1dbe7e6bfd3990ca3cf7cf86f8dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P2
x-powered-by
PHP/7.4.15
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=UTF-8
cache-control
public, max-age=300
content-length
833
x-amz-cf-id
YLr6bdMBjLhdj0bp3OnPjL_q59Wyt8Sx96HYmlDN-yLnryJzvpWcog==
fa545f0a-3b31-40d2-b6d1-b08b4a418e91
compass.adop.cc/RE/ Frame 5F88 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://compass.adop.cc/RE/fa545f0a-3b31-40d2-b6d1-b08b4a418e91?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=fa545f0a-3b31-40d2-b6d1-b08b4a418e91&type=re&loc=https%253A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rnd=&percentage=false&size_width=728&size_height=90&
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-99.fra56.r.cloudfront.net
Software
nginx / PHP/7.4.15
Resource Hash
a12518c83cabec9c7b990821d4bbfa4eb98781945bde943f9af23ffa70315369

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P2
x-powered-by
PHP/7.4.15
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/html; charset=UTF-8
cache-control
public, max-age=300
content-length
829
x-amz-cf-id
lU5t-XsW9H03SMpWnoHekCMrSY8eRzXgxQurfyiRly4PN46ZRFFJ-w==
truncated
/ Frame 14D0 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc2f0364f5ff283bedc9513972c654373f04556786a035f287cbcd79bd21216a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5C44 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
404517
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:13:27 GMT
expires
Wed, 11 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FE77 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff4e0ee9e862b14abf5a9e272145ef0d2796d6c99dd47ba3c0c49ca00aed287e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4FED 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5520e4443eeb79bcf4c7517ba02d872d58d27b8417df42747f6bfd7a33e27750

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame DAD3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=tempo.co&sn=ChromeSyncframe&so=0&topUrl=bola.tempo.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=svtXlXxCK3Y0V1JtV0kvWlNaWHl6LzIxYUlEVHJodGE2NDQ3Uy9jTWJuNzFPOSszRFE5Q3VTWlJNekZxNGtBNEM0akRFbkJ5aE9pOFlVWHd3R2lwTlJDUXhPTkliMmw1QkQ0WEUyV2JlZU0ydVovcm1FbDhnTjZESjhVSW...
438 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=svtXlXxCK3Y0V1JtV0kvWlNaWHl6LzIxYUlEVHJodGE2NDQ3Uy9jTWJuNzFPOSszRFE5Q3VTWlJNekZxNGtBNEM0akRFbkJ5aE9pOFlVWHd3R2lwTlJDUXhPTkliMmw1QkQ0WEUyV2JlZU0ydVovcm1FbDhnTjZESjhVSW44c3JlL3hxQjZBdFB4M1J5UmRwemVMNlNLeDZVbUVEcGQ2L1gyb3ArclNKRysyeE5NZzZhV09FUTVPNlYwVlRERTVrNVdBL1FaSkNMY0NKaXg2bnA4Nm5KL2ZwaWZvYi9EcDVTTk9sRFNHbXIyMUkwQ2d2bEtLZUkwOFRCWTRTQ1BkVjhsdjJXcjNCL093cGhya3JPb3NTTkF1Z1J4QT09fA&cppv=2
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
36463b150d35014b92b223b4b62488c71c369b52f7b0bd1cd19dfb1ef9f2f38d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1069849
expires
0

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=svtXlXxCK3Y0V1JtV0kvWlNaWHl6LzIxYUlEVHJodGE2NDQ3Uy9jTWJuNzFPOSszRFE5Q3VTWlJNekZxNGtBNEM0akRFbkJ5aE9pOFlVWHd3R2lwTlJDUXhPTkliMmw1QkQ0WEUyV2JlZU0ydVovcm1FbDhnTjZESjhVSW44c3JlL3hxQjZBdFB4M1J5UmRwemVMNlNLeDZVbUVEcGQ2L1gyb3ArclNKRysyeE5NZzZhV09FUTVPNlYwVlRERTVrNVdBL1FaSkNMY0NKaXg2bnA4Nm5KL2ZwaWZvYi9EcDVTTk9sRFNHbXIyMUkwQ2d2bEtLZUkwOFRCWTRTQ1BkVjhsdjJXcjNCL093cGhya3JPb3NTTkF1Z1J4QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
256869
content-length
0
expires
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 06E5 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 13:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 13:50:22 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 06E5 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 08:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207437
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 08:01:10 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame C376 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 13:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42302
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 13:50:22 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame C376 		505 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6LcGRoIkAAAAAO2shGzSFo7NCxe1tj15fLKIiWHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 08:01:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207437
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 08:01:10 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCtvOWlB-Zf-yOo3ugQfjjqvoBtvNp-F0__jXjeESlbTpz8gCEAEg5ceJHmCV2oiCmAegAe2s9skDyAEJqQLVLG2M5al5PuACAKgDAcgDywSqBOwCT9BmAp2k7Jj1SR_YxmHPAgHoz_spJxxpLUZi1Vd3-Fc64v4XZpAc-lwWnbM6wQ3JEOJRCf1G0ZyukLR50n18t_WNrALj2tLXFi5NTEW0hqKJjOVUcI0mgN5XPiyk0OGaLKsmno0sE2cnNkmXGeKMJbA-dhUvEnRb9DZgN4lHE49vbRgLgqmdVztrjqGfbVOJX0xNwwPhQUobdcX1qYH0mO5CMjcGt8LRb4RzfmEZ1BFpwSeT73vxmh1Ryht6vUczMBqRhFZFAmjmqXc04QFozNXHjxbkV9V4j791Insc9rfT5sXl9-BRgHkdOr5-omGn0SdotiIvkv4j47QOWx8Gi-iKjq2nNg_1ELGUBNatsbKKt4K9X7cPW9rwx9gVvY5meBoL0M9aPl9PFltcflgmbWGpnUKdHeTOZZXISUrkHP7EEuNHKT3Pvd1usFjSqEJTo6-CJ6S6bTwTkHbE4rA8OAcpqLbO6QH5UrI3uMAEg_Xn2NwE4AQBiAXflqTYTZIFBAgEGAGSBQQIBRgEoAYugAf75vQlqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ044F0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljpzPysqpWDA5oJF2h0dHBzOi8vd3d3Lm5vcnJvbmEuY29tgAoDyAsBmAyIrbnb0ASiDBQqEgoQ5LSxAu61sQK1uLECrLqxAuINEwiotv2sqpWDAxUNd-AKHWPHCm24E4ME2BMO0BUBgBcBshceChwIABIUcHViLTYyNjA4NzgyNjM1NDQ2NjEY_akS&sigh=hvR8-whGBt0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&template_id=515&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 01:35:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 4FED
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=CCtvOWlB-Zf-yOo3ugQfjjqvoBtvNp-F0__jXjeESlbTpz8gCEAEg5ceJHmCV2oiCmAegAe2s9skDyAEJqQLVLG2M5al5PuACAKgDAcgDywSqBOwCT9BmAp2k7Jj1SR_YxmHPAgHoz_sp...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227875491001789533930%22,%22debug_reporting%22:true,%22destination%22:%22https://norrona.com%22,%22event_report_window%22:%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227875491001789533930%22,%22debug_reporting%22:true,%22destination%22:%22https://norrona.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22960337517%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223591453589141948289%22}&andc=true
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"7875491001789533930","debug_reporting":true,"destination":"https://norrona.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["960337517"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"3591453589141948289"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 01:35:24 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 17 Dec 2023 01:35:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7875491001789533930","debug_reporting":true,"destination":"https://norrona.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["960337517"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"3591453589141948289"}&andc=true
access-control-allow-origin
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
videos
api.dailymotion.com/ 		304 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/videos?fields=id%2Ctitle%2Cthumbnail_480_url%2Cmode%2Conair%2Cowner.screenname%2Ccreated_time&limit=1&search=transfer%20Chelsea%20Inggris%20Havertz%20Kovacic%20Chelsea&private=0&flags=no_live%2Cexportable&longer_than=0.35&owners=tempovideochannel&sort=relevance
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
212b10417cedbb5fc1a2067dfef9a7f53d04fc354900ac1344a45f6c35bc783c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Sun, 17 Dec 2023 01:35:24 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=70, dc;desc="dc3"
Content-Length
255
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Sun, 17 Dec 2023 01:35:24 GMT
Server
DMS/1.0.42
Etag
W/"ryxHXece45JEatSkDkZ_ug-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4FED 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 21:01:51 GMT
x-content-type-options
nosniff
age
275613
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 12 Dec 2024 21:01:51 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 64E3 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGmMs09sAkeTxSAx4_yOpNvmPp2O0Nr3cXjWxx7yfXUA5YzgaTJ4o1Tly7x3MMBYqtR7Of_27e_RaqiznubfQ_Enggal_V193StQ4lsfvtWe7ntm0mfSrDa3QvQCKHDwK6kHY_BVvrF_y2kYUKjY0N9qih3Veqy18_fj-GPeVDwisr5mQ&cry=1&dbm_d=AKAmf-A8sQZuMK-deBMuELKbeKGqReiQgWSwmXXgwwGGqC2TiV8O21mBSu0yFNUChiKymAp3QsIqYjPG0zSqVuaw3XwNzd1PIq-A_Hgc3PE2FKa6ahu1L4VMuwBUqxjQ69dPLbnLRdhiOQ0dOF0M4PmXpSbwO4uy7fWLwusYt35Q0l5m8c2LBmbqxK6Ju1W-dkMM-g6MoWqjmUio_RFbxDUt5umY38gg80xqwXhCZydL3zsYob7M5YnY-eJCe9DTEAZThsJWja09Whll9r0Fep89DJxyagDrRUod74MG536aVrRA27zqurcWDvVt89j0JPNgw-orQx0lPQRdmgZD8YvuQSW3dgZFUecVOvJRdwuI3NDwcdMFGwdftOXloM5uQX5-g8c5Epqj8KVYHa3K5N3kQ4s0wPKbL_LQ5claEOkXNxe24rnnyt8Yu_DkmB_x3iw3W3YBSPEO1RVRhpSx3Pc2di0Qnx4aoIfHVE0h258SrKc8TSX2sEIUolmPp_VtYhdvvAH_-s-zHqj34IZA7_0dCPY59Lxf8cIOpxLyi-k5G3I0dGQb47gaNuf_vyrVT6SDl0xJaOw0_--liQC40js3oLPRuI_4RJvCKqjqQY6SQw12gxZ1Xrl9YBqqg6cQ0rNnuyc5MWeZPbrNFZrz5H4auX0c65wBTc0Ibv5qDfiOh474f-Z-hb-GWADh5iAYHwv5Kh0jqkiOrvnZu2eDpElGZSv7px2m3nCAWC9ae9TpPDfHwWkYv0Fu_aQgeaT-kBy6Z50MuqDyolxjHY6hgJkmomdtqWfn0avg4pEJH8WPgcJS5YFOLdkKFkcNlQa3EEU36nsrdbUS91BMsOvgLbxfqzGmYt8ofFLXK3kWxIaCtVzZVT-lCzNz01G4TfREja5butkHHaMssi8crW-dCf7gA6KbuDx_-dtbCdIRgs_g7Q6DTgjT28TJCJmu18pyd19EvUQFfzH7P-zaWTearVUVxvpP69rkC4cuKpRykhgJZHBIoA9HWDwr1GxemmdrVtkcHyEmegOik4eEaVA3eJ9XuXrFtyBGP-1wcasTU4aKwyNeXhaJxS8wy0-BEATXfXR3uaQfjCshkpIF1YW6opDywHMzlZh4-ag3jlEp0M3dTRVstS1MbriPmcT7LS1tn9gEQ0hkps_voL3_DI08u3vWlG0ihl68EZcGJ46MXzsvCIfB3c2Kd-QgpF244uNvvb__xNI1I740dZYJ74IIOZmuIEHmscWzfeg8thSEgYCEFo7Wk7B4tXjASsAPKWCIbUAKiL_5Ez17Awn5wTwLKjC8-9A11ssH939jaUQfPRAe4rEsGFDkqU1TYaxyaR7vGK4sS90t_nAcmdAT_3-Q3j_2wHfMI7Y1HdbpsVI-63J6iaFWTl_Uuw5hnFDtLUKM28SkewfHriCT1CsiDyjjHQCRIxvV0zVWy67ED0TWzROEKc5zkE6IFfiYlDzpbYk0Ib_NjvcWrq0bAn4vS_Mzro9FyodxpmL5On3HS4GZHc5HXVtyB6j46f8AUr4YzS8lk6PYn-YdHx3fg9W4OmtuETzMllXM2idpsgseuD6SIiptTJKPEXKvz-e5qJT0q8k6H8bRjQoJ5uLkxYjs7N9jzwhmR8QZTUgVlz3amWq9mZCC_XoTR9rPl87autdf7gKMM72-O01BcqO3uvi5IGcU3PJPF-ECsWmLa0ReUzCJrDR-nQeiS-aUiuU20J0wfvRgWZyoD1YrUgLjS8f7TMxnUDxF0sLwsLn0LUFiL8XdQ8L-UEXgWFqhvGmP0BwrfKUOF3PEPWWjhU_XHpd4JwFJ6gtvqez0NKRlaRcTsp1pcLIxFQleiS-xrbAkB_NFZDYbA9ldagmn1132IlzGUQTDAkVzf4JJtq43yKBMHJFTEYGjMV-glGVgj-4EHpkUabu76J7YsEjzgqD3-IU2LDWOa4k0nR7Ne-qX2xFHMV9NSE4bMOB4JLY16U0_mLtTatHgSfE9X6H-Cmeuv4mUSVPsJ6XhUWZe-zpGROavGFYOaAimutZXL3lESzHKlugWMeMDK-I_huZzFEdKU_dJ93YlHecZQeU2nBa9K_rd7frkMwPuQjjncEzRQrU1kh-4N_9hNgMGHIkk9qZ89Xj7fFZZJxlA9ebos5UzdfKGV9lNElLAjXJMNMjecCcJDsUaMI_crRrMry5FBNDRAS_No_zhpPpAcEDBnIwhwSBK1uDmcJMvcUz8OqL0ZeRV6wXjUhYgvmWKBCqb3-HGnEiGkjrH9ojLIjBLFGoufIC_enf9P8OFvqjgZTW_Ecb9F0HEDZpA9Z_PvqoQp-KY-XLLVZoOImWCwXjsc6P4gj8tNjHxO7xulxDKFoH1z6Hqh20pgpas59ZIUaScm3uAMUrBArHjiksY8V9F_x4BySXboQEoeflFVWpyftHNxd0hLUKxm8WWlh3HUMkZ5_IIE-Ug1li27NeixGzOxE-4JYBKc9UBDHKwp-GFVltjnTczBbSwvY2wOWAyjAn-EQUX9DMQ5kp2wLKipjL_8N69xl9jxjaoKDBFYy8zbJCx-fHtxMWyQ1xgJmnQv216UGUdyj6YDBo65W-S1XsT2e69HkgqZDGqHX0ktoMFNrg8mmWFcrNjFVqOH5PuQrzbDDB95Ggqxb3I2Si2aFDR2qB-eILcwR6Lbn0DVvqPHVfpb4TRIV0OacH1byqYp71GIItF1hzNymVQSy4vq3H4TEKAiatdH5WPRxin6XvbHI6Bj9A32Z_RLq6oF7B58SzbOWqsIoRIpTVzud9PWF-r7GurWSQOWnoRoqK5_4zQ4tyQVBw4_-dyvHq5yRAmpWGCZkhSMzauiVk-rozYujaz7bJ2mib0SADXiTgrc_PmS389TKlHNzmWw31G0En-PntEffIcaHc8WlmQODI8Qak9MurHxgo4iL21wmofcNM4XAhpADegfXaEo2uvSC5xITJmQNJJSyaO33rT2goJHS4DH54SuMLkjL0fDHWC-xZ8lC5Z3dylb3kJxzbmG23RZf4w4m1Y1rYjDoSnu1PJK6SnTMnN2AkiVm98MqfHO1ErcahvdS5IDHbhWvVVB9gNwhCeG_82FUMcSwrs0k13jOm96S60-QMX_L1EMG1M77Dl9Wv9v0tCNXF6ByiKdiIqoDUKqeLAPoLj2FXb0uwlT3dlg7Iv2wWWr-IQy-Jg3Z-WETKrm0f_0Bxj1yWmNAwk44Wip0cHEnFkFUuJ0lFewX9slsuxKSh7AP1AOQi6OmHGc1jbSNcI4JldzqLTWM9PydBjOHyYCsicyTIca4Oozc-Tb28I-WqSChjKIC3VRNdIyQziiBma4GUiynqFdLoQbgNUVO3JBoKBmUK_IVRUGsdCs4wK0WuKQ75rsSv3EOJKXeb2QgDoUaLQZhVPT4KktNJbA7hLio3R0saB5W9lwWf5YTE6c4-jS0FZS_cMTpHiO9gnRx-nl4k0m4akAz2Q_U5aTi-_yjun4NlScfnTlZeIwN1uXLzmaIQoEFqTpv08EvEpuFR_Bip3IodkEqvsrgfsqGPItYpXd0h4OBBS2MRp7dnfMmyRL8otF0dnoY-0Yp_JAftYK2BihPRBYtDURetElBiFu66w3Tav1EBHnzrIvkl8ekRQUwdJ3poIcnYR1PzVvSiSiksSowB-fmGudYCqJeW2GYR5PG_o2gLZCPJl01NGIxaTw7a0pjlBl8j_UfK87qoMopoL6kJXtj1_t4uXsk0tS1V30XHkF9rVWML2wDzRd6PH6hp7OQNUALyJQ6l8Vmo3psem3V7H9qAHUG0kb3iAmGJDRq-m7e9XvyLAs5OhEkbiCkyA_8oYG8NHkJCVytkTwoQdEG90zU17iluEpxOVWQD8AUKf_64wfKCWh8soRhTuHYubE_ET5x2O5tlm7KBzk4Fssu2vlCNR37VjcvcSjtuG6T-mpkJ0TUezZUEkfdm6sKVXgCs5eB988xwr-MQsh8ck418HYroITlIk4kyZ8fg51b6DAgSi_-SvnFCXfKSzZoyT_iF-XxBhgeG5PHwwlrN1VFBEk9lVFUIV4pVcdw5KAYGEf9h1Oenm-pgdtCpd7bqyyEq385spPZkbNpi-_koLkxQEMk9Fa-7P2lQNjOaqMTvPCLvHsCKEIj2VAg&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fbola.tempo.co%2F&ds=l&xdt=1&iif=1&cor=6359564635869382000&adk=4020099330&idt=120&cac=0&dtd=21
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
113416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:05:08 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjc3NjkyNDE2OTkwMgogIHNlcnZlcl9pcDogMTI2MDY4MzUxCiAgcHJvY2Vzc19pZDogMzcyNDcwMjExMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 64E3 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjc3NjkyNDE2OTkwMgogIHNlcnZlcl9pcDogMTI2MDY4MzUxCiAgcHJvY2Vzc19pZDogMzcyNDcwMjExMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNjQxNjI5MDA1OTE0OTk5MjYxNgpkZWJ1Z19rZXk6IDI3MDc1NTAzNDYwNDk2NDA3MDMKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTE3IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzU0NDYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxMDYxOQogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x5691dbf7a6060a860000000000000000","13":"0x571c811dbb4c8e440000000000000000","14":"0x9d2d1dd8a4502f050000000000000000","15":"0xe9587adfdeda14610000000000000000"},"debug_key":"2707550346049640703","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"16416290059149992616"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame D588 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
404997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 09:05:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C36E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWCcAiMfIVd_7VU8aY2Y872W4tWCHSzKG6ZxpNrrmBNeBbZ0v6IwVgQ3-v7CjDZ02LoUGS62nymRiM_gn8q2YeAYTRUnphRsgWGxFF9IgkZeTc08aHeGzf9O3267xVzRKdjNWnzscgaaIpPJ6C2dcVRqiK3GIZAD2uzxweTvJYeYHE2G7J0DW3ehxwaUIcUypb80wRUIe1WfRBWMUZh6-sK1dahXZn2SMJlMsll53xDE0ldgw1mdZYwpMwMpcprlbBycSuw_fAqu_Ejk728UZEV6SasBJcEdUFzLbCO6Fu7kqdEakOJiFhFVIGc_uNIqG0_msZa0Pr6W3zQWziWMHMK0rOIQ_AFdRBd99YFfhUIg&sai=AMfl-YQs0mYciXCMS1UvBl30jHNIqMabgoSRrfpAB1PbhU5bNIprdqmbe5uD449-lEnlicpYDFz58BYfLIgpO1_rccL1ZsDOCIuKD6FZQeggD2QwZSA_aUFBWjX5AjZToLo6GyUAJ7bk1c5QC3rF3abFXu_2&sig=Cg0ArKJSzI1tPMeZH_GgEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 01:35:24 GMT
B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd...
ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/ Frame 761F 		88 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
0789e063fefc043f54c77e7b56cffcbc6473177e7639e77537c03a43ece0919d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
36515
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 37E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeLIUWlB-ZfuyOo3ugQfjjqvoBpi-0OV02Kfuho8SwNrIh6c_EAEg5ceJHmCV2oiCmAegAc7Dsv4DyAEJqQIOqMvSYEeyPuACAKgDAcgDCKoE7AJP0FqBYD941F92lnxArJqwHgxX5cotSBmv0OviGBCKi4Gy6LpXEOEs9o7SZPCnMeVUVWnY8Dpu_31EjAh4MOB7B2bQNI0Av4NrAlT7U-WxWNLhCVtP6pEMapkNF4YZDRKv9Xw4T0-zWC2ZP-MB_oUiNKOIGJoibaEU05MKuL2Q6BYtU6bNKJ06VeicFDLp6R07Iv6YqfPstVOGvEW7nOwVBwiahRruuKcg17o_n2WG9R0xvyyEAGDUwu0F0_IctNQbcezo2xzBHoFKtnchASotmR9OOCl5yvKsD5x35fV9cNTBOEiv-7qFjbE0MutGPuYRuN2sgxN_XgCYlkzC7euTdD9WlA269OsCl4bW-1FFHPRWkNrftE5bqSOq67qIebPGD9ChyK4mBjOU6WegX7BEGx1EWmVmMMJbSUhWL6pAojSGCyiLBKS_WJARdUyWw3Sy4VHd8cT1sdEJegTjBHZBYDXoIuKZblrgvgAZwASV5vSDtwTgBAGIBdn1uqNMoAYugAeavM0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQsdoF0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljpzPysqpWDA5oJP2h0dHA6Ly93d3cudmFpbGxhbnQuZGUvZmFjaHBhcnRuZXJuZXQvdW50ZXJzdHVldHp1bmctbWl0LXRvb2xzL4AKA8gLAaIMFCoSChDktLEC7rWxArW4sQKsurEC4g0TCKS2_ayqlYMDFQ134AodY8cKbdgTA4gUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi02MjYwODc4MjYzNTQ0NjYxGP2pEg&sigh=vzbrmi3uJxg&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&template_id=419&cbvp=2
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 1AC2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAl_LWlB-ZfyyOo3ugQfjjqvoBunz1uR0toDBqdgRwNrIh6c_EAEg5ceJHmCV2oiCmAegAc7Dsv4DyAEJqQIOqMvSYEeyPuACAKgDAcgDCKoE7wJP0FmPy9TM5W5PP2e9FPbFIN7DHrQFFNGVxSN9D5nXiaNgLbjXBRbX0MqRBsEYkOOUEJyQw6S-gomtX48rnhNXdqz0k6GH2nYfF8dQLZiQ6Dx5r6cnjkQFSvwsVEgY6PyOayPYShBVZwvYj1qSLF_Xmrj53e8XrJG9lPkrBajvEbVF1rmbEYDTY-X-RmFDwyuILOTghMKjkbAVvo89n1WmEv3TpWe7GoauSnf_De4ZnGiCkr5NGS6xdu8b6xDIRObv4ckCiknEDF0fCrmasjB_l0Pl32gDddpQQLDqUL4orYyfoIGvRrh2PoQ_f3zluHu72m6WdOPM65dQJL_nj_gM4Xi9tzAxBkKD1Nkiqu-lHdRLfhnUUk_uKEMOXom0nT4uxWug0XylNEnrZW5CrlvQXsuNWUgXU161uBeL5FlLoj1ZJot2gcJdUpXMGPEZEu21U_ruEld2LbdZ0u-ESGKX_oZ3IDPwpEU11dkYiQFHwATuxPjUqwTgBAGIBb35w4dMoAYugAeavM0BqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQmcAF0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljpzPysqpWDA5oJNWh0dHBzOi8vd3d3LnZhaWxsYW50LmRlL2ZhY2hwYXJ0bmVybmV0L3ZlcC1hd2FyZW5lc3MvgAoDyAsBogwUKhIKEOS0sQLutbECtbixAqy6sQLiDRMIpbb9rKqVgwMVDXfgCh1jxwpt2BMD0BUBmBYBgBcBshceChwIABIUcHViLTYyNjA4NzgyNjM1NDQ2NjEY_akS&sigh=Ld1g-ShZsNw&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&template_id=419&cbvp=2
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
zu8zmf86i47n
hal9000.redintelligence.net/zone/ Frame 64E3 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/zu8zmf86i47n?subid=&gdpr=&gdpr_consent=&rnd=1702776922956793&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuKNXWlB-ZfmyOo3ugQfjjqvoBqblvaBpzZacp8kP8C4QASDlx4keYJXaiIKYB8gBCakCDqjL0mBHsj6oAwHIA5sEqgSNAk_QkXk0cZl5TDP2oYtzwNvoN6826t3KaxsY9zXkej8A_4wCAgkJqV3DqBY625xZKHA0Qrkq39-jzwHKNbBKtXz0hi04y-JHcXYBlpQCe3E11MGmcrwAjHfLk1QGFG8-gLjU2m72MRLJShzvuScEW9tgIYf1sgEXpYRIDGvcBBL_t4zAKZjd7zNYh_ZeDcPs1kcFwafePVqzCtwcW0C2HBvKoPlVm5yPF8HPocBC5FeeooLUEhG425gWORgXB4caFsfR4H977xBf_PQ2g5Ms4eFR8x2cUydE1eFqzde25RLER5vcQ9NQw7IBimTzvqCu2gTxk6q-7V7OsU76SXJtAWgkvu1ReORKZLbXzwewwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOnM_KyqlYMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiitv2sqpWDAxUNd-AKHWPHCm2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ%26sig%3DAOD64_1PHXSDm1sRK5iy-p-4IxTiPmUcAQ%26client%3Dca-pub-2578301546053897%26dbm_c%3DAKAmf-AODGNKxXDJGVxRcKq9-TBYli2TwqQ52B-R5lb3Ez-H07nVFUzlWIZ4FhD0sYWLgFVY808_rtTUOnySij6pmO_8Hu7xCw9jxXcOPV1q6jFcxFESMWbsxZVmaUVRIujbjm82UvMwIAXn8zwLQ6WiYsUjjHk0L4utF3iMNDGQS6Cegn0Zob8%26cry%3D1%26dbm_d%3DAKAmf-DaANenpRBSFU8YXEuBopYuGXxw2YbTxDng4NCmvMHzbcBaw6uD4D628eEputw6jXv_X1HBEj_DDOyVzTpM8FfUWmySyEi35m502zsxeQVPY-K_FVUW86wLT_RJhWTy0ddGCt8H640UT3UubqyEjVGaO0K3Wa82R5W8ayOvXVLCWecknO7ET8k2jAoKWWlhvokSqrUYiJUTPK3xAGkayG0cUp6JSCF6t62QOfA3JVIgUo_sAiFVNFpbgJZIxWxul7wips4-FMRwiozojFsh4FTx1LcTFMJmHFthf7mJbHWISmGTpRI9DYa9YQLHi_xH1YZ4Dn91LxcDK8vmCPVpyPJ53pd7QlKKu-UVHjDRLFNw46s2LY5eWUEDzJyXgaYGtHqZSgts_GE36y3hnDSjG0NixZEmMPBVmhPj_qWFn9LVQjHsxZoHtUSl5Rx-PFBijd1qIBgEUN8rTyA0BdYgx92zfUD2Lzq6odVS_Vcbh4er7QVb4uvfXuzLvixZ-ri1LRw_rBxHfU-kh-As1SB8sGZwFE8Wf8cIh0m9w23Sj85pHyJ0tKK05sCj82F7JV1_4JhkiQzGOUVQwkZ5nQk5P_YOQ7f6Y6_45RhITbeSdf3SiuWjuXeIQA4R1ECCnJS77MzIwNPjTGcNARRWroyIrswVzxVSGg%26adurl%3D
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a1802c9f83bf793355aa23754a509beff4e7f233be36cc99bfb3668668b14105

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 01:35:24 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4330
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
hg1.jpg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame A54B 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/hg1.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ea8c384c37fe468cc90de8e2fe4dbedef455d3553bab14495a72ecd70eeca8bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:02 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6571954a-af21"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
44833
expires
Wed, 11 Dec 2024 01:35:24 GMT
hg2.jpg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame A54B 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/hg2.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cdd8a972033df4f9becca5594932932c61fe3606f96c040fa9d86a66a05f5ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6571954b-b6fd"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
46845
expires
Wed, 11 Dec 2024 01:35:24 GMT
hg3.jpg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame A54B 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/hg3.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2ee84bc512355829570f6c126372e4f4d4c71f2f3b7296fdbdbdd0002b127968
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6571954b-b343"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
45891
expires
Wed, 11 Dec 2024 01:35:24 GMT
logo.svg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame A54B 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/logo.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b60147a8f0031549e3ae8ed51ba9ef88a47820ddb812226ed845d28df4b79005
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6571954d-1dc9"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
copyphase1.svg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame A54B 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/copyphase1.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7de5e3166a6732bf7dc503acc79d4b5ccd467339d287ef7c91a27422350d245d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:49:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"65719546-194e"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
copyphase2.svg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame A54B 		18 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/copyphase2.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
55fa66b123b660503aea407f27701b22f60a877eec3fb4df71f2d6a3a1b485b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:00 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"65719548-4876"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
cta.svg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame A54B 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/cta.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
17ed6fc59317912e64cf54c8cdab9d07a366a3926956f77830d2b70776d6e500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:01 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"65719549-1473"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
pb.svg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame A54B 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/pb.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
37d945e5d75ac62f4c585bc8bd044be59837ac5b0c3acf94f7b5eeb7076ae4b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6571954d-e1a"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
tag.svg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame A54B 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/tag.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
effe23a6aac297dba95a5f87d7bafd4d887d7d2ddd09e333bde8b3e4b43a0cb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:06 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6571954e-40d0"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
hg1.jpg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame 10C6 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/hg1.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ea8c384c37fe468cc90de8e2fe4dbedef455d3553bab14495a72ecd70eeca8bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:02 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6571954a-af21"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
44833
expires
Wed, 11 Dec 2024 01:35:24 GMT
hg2.jpg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame 10C6 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/hg2.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cdd8a972033df4f9becca5594932932c61fe3606f96c040fa9d86a66a05f5ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6571954b-b6fd"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
46845
expires
Wed, 11 Dec 2024 01:35:24 GMT
hg3.jpg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame 10C6 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/hg3.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2ee84bc512355829570f6c126372e4f4d4c71f2f3b7296fdbdbdd0002b127968
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6571954b-b343"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
45891
expires
Wed, 11 Dec 2024 01:35:24 GMT
logo.svg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame 10C6 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/logo.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b60147a8f0031549e3ae8ed51ba9ef88a47820ddb812226ed845d28df4b79005
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6571954d-1dc9"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
copyphase1.svg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame 10C6 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/copyphase1.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7de5e3166a6732bf7dc503acc79d4b5ccd467339d287ef7c91a27422350d245d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:49:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"65719546-194e"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
copyphase2.svg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame 10C6 		18 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/copyphase2.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
55fa66b123b660503aea407f27701b22f60a877eec3fb4df71f2d6a3a1b485b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:00 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"65719548-4876"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
cta.svg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame 10C6 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/cta.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
17ed6fc59317912e64cf54c8cdab9d07a366a3926956f77830d2b70776d6e500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:01 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"65719549-1473"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
pb.svg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame 10C6 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/pb.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
37d945e5d75ac62f4c585bc8bd044be59837ac5b0c3acf94f7b5eeb7076ae4b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6571954d-e1a"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
tag.svg
static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/ Frame 10C6 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/images/tag.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
effe23a6aac297dba95a5f87d7bafd4d887d7d2ddd09e333bde8b3e4b43a0cb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/7dec/cultural_explorer/300x250/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Dec 2023 09:50:06 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6571954e-40d0"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
hg1.jpg
static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/ Frame FE2C 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/hg1.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8832e239195d3cfa866c0f9ac241f708ee7e76188b4ce59a39592cd7751dd9b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 03 Nov 2023 10:38:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6544cd96-a9f0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43504
expires
Wed, 11 Dec 2024 01:35:24 GMT
hg2.jpg
static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/ Frame FE2C 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/hg2.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cd3445583e2026e415c87b4c14bb98ee5d25a3b9a00702f4de2e9014e01b947c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 03 Nov 2023 10:38:16 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6544cd98-9c1b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
39963
expires
Wed, 11 Dec 2024 01:35:24 GMT
hg3.jpg
static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/ Frame FE2C 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/hg3.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f8303ee1d962318209a80ebf5168af2407ac4c76a9fcd0fe8526d33ab678d4a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 03 Nov 2023 10:38:16 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6544cd98-aa2e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43566
expires
Wed, 11 Dec 2024 01:35:24 GMT
logo.svg
static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/ Frame FE2C 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/logo.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
01498bf99b51d64677d0db3955212f5adbdb56a1d5156eb4e251907b2f92518a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 03 Nov 2023 10:38:17 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6544cd99-1db1"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
copyphase1.svg
static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/ Frame FE2C 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/copyphase1.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
da7972bf2aad9d8532613551bdd32c4254540fa271f348e4143c0fd16652dbc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 03 Nov 2023 10:38:12 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6544cd94-18ee"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
copyphase2.svg
static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/ Frame FE2C 		23 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/copyphase2.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
675676869d79d706a9672461e76c91308e81b494aa0fae261f81b0ca01e378e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 03 Nov 2023 10:38:12 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6544cd94-5ba4"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
cta.svg
static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/ Frame FE2C 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/cta.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9dfb44cffee99d525301745d95b278a473069c8b1ff1779ad56876aa48e4a8f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 03 Nov 2023 10:38:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6544cd96-16de"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
pb.svg
static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/ Frame FE2C 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/pb.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
15b6a83056d39a5c1da5223406be638d868611ac4df7b0760c98c9007a1bf999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 03 Nov 2023 10:38:17 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6544cd99-101f"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
tag.svg
static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/ Frame FE2C 		20 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/images/tag.svg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
6df196eaadf97f4ab3433774822bd27bef6bf243eb49567c0de5f15312e54380
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.criteo.net/html5/germanwingsde/031123/beachvactionfamily/120x600/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 03 Nov 2023 10:38:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6544cd9b-4ee1"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame F00B 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
404997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 09:05:27 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame ED4B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
41343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 14:06:21 GMT
all
csm.eu.criteo.net/ Frame BB32 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=HyhanUWrFZ6tp3IQNDOyCZviab2twBC_j_UwzjJWW1Fay-Dth4OCNya_ZzJTL62ckJdhQIzkZXz-xfJvgs33iUozpu_OyTEyjSE-QnFnOMVGTWFK-ztyWGdznHg-4TcXYhWhVefgJRKlevRZ1askuVgpoDmEsz0zOqScntpguUDrgVF1fVJGMth5dtnqQ6FWj56v8Lv-QjY8pZsJ-uuI26O1P_rTH6IUvZ8dbmHfT-_PaDDRPBXuel6F26Or_zM792LVSA&sds=2&rev=89791&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&u=%7ChiHgvtYhI02iyM8ghy4bTv2o%2FZ2mb%2BNrseDNV%2BRm4yw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEHMXDOPb-ysyl93tK--qtNQdvtN5cnwUg8WAQZ9hIIY4xN1QFqyBwGGbo65f91gLFveb2uSgP1l-dP-xQQI0pW3vf3j8tw8m6leojGYdMoFICniIAhkaE1MCvi0YzN58wNOK22Ew7J2ka4vKvSiqumDyYCDukQq_T4h8GZRVIlcHECfxMHIowKla_Ys6zDHR4YApzAyCkay3rv8oxzKW4I3BJcW-5SCQu-XeANrUfP-GT2UsslPEyfIsroBTokTgOwSMZjjS383Dpx7oBUxrhiV4T-BJCgXeodFmXQbB2C1hteHFf_iURVR4feJ-YwXZFUCZ92sUZhaY6W8KgNp4XKokfHV4HjJUfeJx572RW7n0qroKUiUbPaCOyP0Z-60DNdyy9o6JZZCyoovDyEvdHgPXW1gLnTTs7Btdn88RkQYjZAP2_nyXMO8q9u_xW_BTTtdCZWXjMNwqGBN_K75X6SUyaBGp177v_dWatfaEd9Wo3_aUKe8-naaG13kT3URVhKYhwgkLP8nFGeog1XgadT6dI2CdWAsQ0kTHEZBARpX28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0ET_WlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2Sszgv7PNJUKjuzYLQJOeTOdQU2To8h5bvAmcXbecriNmV1uxFrNj1h8j1OvLgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EzYML-J_9Mml3p7PpCuxRdL47Mw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BB32 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&u=%7ChiHgvtYhI02iyM8ghy4bTv2o%2FZ2mb%2BNrseDNV%2BRm4yw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEHMXDOPb-ysyl93tK--qtNQdvtN5cnwUg8WAQZ9hIIY4xN1QFqyBwGGbo65f91gLFveb2uSgP1l-dP-xQQI0pW3vf3j8tw8m6leojGYdMoFICniIAhkaE1MCvi0YzN58wNOK22Ew7J2ka4vKvSiqumDyYCDukQq_T4h8GZRVIlcHECfxMHIowKla_Ys6zDHR4YApzAyCkay3rv8oxzKW4I3BJcW-5SCQu-XeANrUfP-GT2UsslPEyfIsroBTokTgOwSMZjjS383Dpx7oBUxrhiV4T-BJCgXeodFmXQbB2C1hteHFf_iURVR4feJ-YwXZFUCZ92sUZhaY6W8KgNp4XKokfHV4HjJUfeJx572RW7n0qroKUiUbPaCOyP0Z-60DNdyy9o6JZZCyoovDyEvdHgPXW1gLnTTs7Btdn88RkQYjZAP2_nyXMO8q9u_xW_BTTtdCZWXjMNwqGBN_K75X6SUyaBGp177v_dWatfaEd9Wo3_aUKe8-naaG13kT3URVhKYhwgkLP8nFGeog1XgadT6dI2CdWAsQ0kTHEZBARpX28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0ET_WlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2Sszgv7PNJUKjuzYLQJOeTOdQU2To8h5bvAmcXbecriNmV1uxFrNj1h8j1OvLgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EzYML-J_9Mml3p7PpCuxRdL47Mw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame BB32 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&u=%7ChiHgvtYhI02iyM8ghy4bTv2o%2FZ2mb%2BNrseDNV%2BRm4yw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEHMXDOPb-ysyl93tK--qtNQdvtN5cnwUg8WAQZ9hIIY4xN1QFqyBwGGbo65f91gLFveb2uSgP1l-dP-xQQI0pW3vf3j8tw8m6leojGYdMoFICniIAhkaE1MCvi0YzN58wNOK22Ew7J2ka4vKvSiqumDyYCDukQq_T4h8GZRVIlcHECfxMHIowKla_Ys6zDHR4YApzAyCkay3rv8oxzKW4I3BJcW-5SCQu-XeANrUfP-GT2UsslPEyfIsroBTokTgOwSMZjjS383Dpx7oBUxrhiV4T-BJCgXeodFmXQbB2C1hteHFf_iURVR4feJ-YwXZFUCZ92sUZhaY6W8KgNp4XKokfHV4HjJUfeJx572RW7n0qroKUiUbPaCOyP0Z-60DNdyy9o6JZZCyoovDyEvdHgPXW1gLnTTs7Btdn88RkQYjZAP2_nyXMO8q9u_xW_BTTtdCZWXjMNwqGBN_K75X6SUyaBGp177v_dWatfaEd9Wo3_aUKe8-naaG13kT3URVhKYhwgkLP8nFGeog1XgadT6dI2CdWAsQ0kTHEZBARpX28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0ET_WlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2Sszgv7PNJUKjuzYLQJOeTOdQU2To8h5bvAmcXbecriNmV1uxFrNj1h8j1OvLgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EzYML-J_9Mml3p7PpCuxRdL47Mw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 11 Dec 2024 01:35:24 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 5C44 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
41343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 14:06:21 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227875491001789533930%22,%22debug_reporting%22:true,%22destination%22:%22https://norrona.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22960337517%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223591453589141948289%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 01:35:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C36E 		672 KB
67 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1476380277117272&correlator=1924920538195814&eid=31079926%2C31079956%2C31079959%2C31079784%2C31080117&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21927187246%2C420616_tempo_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3Dbd735c4aae7f2be5%3AT%3D1702776922%3ART%3D1702776922%3AS%3DALNI_MYJ71uy_x4OpeuCL3C8Bf23kQqGEg&gpic=UID%3D00000d1de8fde0e4%3AT%3D1702776922%3ART%3D1702776922%3AS%3DALNI_MaeibB1GfToxI4Z_ofwnYJB1gHjKA&abxe=1&dt=1702776924562&lmt=1702776924&adxs=800&adys=13984&biw=1600&bih=1200&isw=1&ish=1&scr_x=0&scr_y=0&btvi=1&ucis=kumi5ws0iec4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&ref=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&top=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&vis=1&psz=0x0&msz=1x0&fws=256&ohw=0&ea=0&ga_vid=469069242.1702776923&ga_sid=1702776925&ga_hid=755912461&ga_fc=true&dlt=1702776923673&idt=742&adks=2423418268&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b08669972de14ad0913b5a323ab1397f6bbfb0b8dedd0aa93252796c3d966e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68439
x-xss-protection
0
google-lineitem-id
5849509328
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373742382
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C36E 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ce4b7adc0239e44e8f39f82dd54f9706e7d53ba0125ad3ed74b6ead94b8a1fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12437
x-xss-protection
0
container.html
e5914f7e7310376f93d54505df63b4f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 68E4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e5914f7e7310376f93d54505df63b4f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:24 GMT
expires
Mon, 16 Dec 2024 01:35:24 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 36CE 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
404517
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:13:27 GMT
expires
Wed, 11 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame B243 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYi-8WlB-Zf2yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9C2Uya8j__Lv222j45LUSqK0yOlVbSoIrXOLdJkkcUfVm6dsVWe08pEVgeXiA7mD4QOs8gjRFah4kvSUHZeq5fPlEBI1EIaLoFJ_8QdnDWIkhfhiZEiM--NVwxDNa1er-KYsKVVCBJrJYxGPqiUdo3eeZDMHBJSOVt6knHt5m-ab6yPPVUzOFVUfGF19mNXMWxVUxSmnUOnSVu5QExGYsolRMfNWeJWYl5QPcRgC-7tFFu5YMSkorsM6fTO1TwRnSv1febn4X5A4IAdD856LMW_bgwWnOl2Yzhm_DoZZ7DHep3cVH0BDwv453V2Coknb-P2RnA2ZU5gh1vT1ncGWSyIh5X-XibRjukPlzPUxhny4_1kQqYaZBYR6zeAc2XJEZk7CQtgTHeyLK4Eimr8aifNGEHvKxaPz_Ss6urWdM4SOcuJeSJk20g_c3V2mcE18ASS0AcKIBsv33oCfr2lMx3gBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwOACgP6CwIIAYAMAeINEwimtv2sqpWDAxUNd-AKHWPHCm3QFQGAFwGyFxwKGhIUcHViLTI1NzgzMDE1NDYwNTM4OTcY_akS&sigh=Z2L4O0wwCek&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&cbvp=2&vis=1
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame B243 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kqKXFMc1rAL6AZ2DYgICAAAAjIhZm24OgVaplJJbEFpQfmWqXEAUAiSbROvFAAASAAAKCkFRVURBUUVCQVE&wp=ZX5QWgAOmX0K4HcNAArHY8n4j_-M2fMz9azT2w&cbvp=2
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:23 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
129513
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 8B69 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGnvqWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mhNcxQlq-0wHyeJZB6aKzDUYED_DZoiGogTIYv1Tdxuk22Us05l_gBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwOACgP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwGyFxwKGhIUcHViLTI1NzgzMDE1NDYwNTM4OTcY_akS&sigh=2urkHerlxF8&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&cbvp=2&vis=1
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 8B69 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kqKXFMc1rAL6AZ2DYgICAAAAjIhZm24OgVaplJJbEFpQfmWZouDUdBIkMI4zAAASAAAKCkFRVUJEd0VQRHc&wp=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&cbvp=2
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
182681
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame FE77 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpsG1WlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOICT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqIpbavDSRhu_o78mVWMuQV7KGvQnIcyrLlzTAI5NiPqgHTjV9ZoqK4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMDgAoD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcBshccChoSFHB1Yi0yNTc4MzAxNTQ2MDUzODk3GP2pEg&sigh=kNu6cQO5vwQ&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&cbvp=2&vis=1
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame FE77 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kqKXFMQ1eNgEnYNiAgIAAACMiFmbbg6BVqmUklsQWlB-ZXEizzYCoKZONDEAABIAAAoKQVFVRER3RUJEdw&wp=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&cbvp=2
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
120104
server
Kestrel
content-length
0
372.min.45109c7c.js
statics.dmcdn.net/c/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statics.dmcdn.net/c/372.min.45109c7c.js
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
/
Resource Hash
97005dd25cf70a636dc3cbbdf6b292ce3a83275dc375c313125aa845695a06d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
last-modified
Wed, 06 Dec 2023 05:20:33 GMT
age
7392
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1039
x-llid
ec7f980b8f79d9bac94fcba1383176c8
expires
Mon, 15 Jan 2024 23:32:12 GMT
162.min.bcdf0db7.js
statics.dmcdn.net/c/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://statics.dmcdn.net/c/162.min.bcdf0db7.js
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
/
Resource Hash
48dcc69d44e904faf032c2a3397268031c5cd9093b5e31d8a235acd142d91f5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
last-modified
Wed, 06 Dec 2023 05:20:33 GMT
age
7987
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5214
x-llid
89740cfe3191e28011fceef2e1360030
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 761F 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
85046
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:57:58 GMT
x480
s2.dmcdn.net/v/UP9OK1Zt9JtBlRoHg/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/UP9OK1Zt9JtBlRoHg/x480
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-164-25.deploy.static.akamaitechnologies.com
Software
DMS/2 /
Resource Hash
3626738adede4be7d61eeabff0dc08cfded773f1a05e74fa154bc268758170ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
last-modified
Sat, 16 Dec 2023 22:07:47 GMT
server
DMS/2
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
server-timing
total;dur=2, dc;desc="dc3"
timing-allow-origin
*
access-control-allow-headers
Range
content-length
78081
expires
Mon, 18 Dec 2023 01:34:51 GMT
request.php
hal900027.redintelligence.net/ Frame 64E3
Redirect Chain
  • https://hal900027.redintelligence.net/request.php?zone=zu8zmf86i47n&nw=20&renderingType=javascript&namespace=2b463ecb6d&subid=&uid=929981af7e74409c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900027.redintelligence.net/request.php?zone=zu8zmf86i47n&nw=20&renderingType=javascript&namespace=2b463ecb6d&subid=&uid=929981af7e74409c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/request.php?zone=zu8zmf86i47n&nw=20&renderingType=javascript&namespace=2b463ecb6d&subid=&uid=929981af7e74409c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x100&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuKNXWlB-ZfmyOo3ugQfjjqvoBqblvaBpzZacp8kP8C4QASDlx4keYJXaiIKYB8gBCakCDqjL0mBHsj6oAwHIA5sEqgSNAk_QkXk0cZl5TDP2oYtzwNvoN6826t3KaxsY9zXkej8A_4wCAgkJqV3DqBY625xZKHA0Qrkq39-jzwHKNbBKtXz0hi04y-JHcXYBlpQCe3E11MGmcrwAjHfLk1QGFG8-gLjU2m72MRLJShzvuScEW9tgIYf1sgEXpYRIDGvcBBL_t4zAKZjd7zNYh_ZeDcPs1kcFwafePVqzCtwcW0C2HBvKoPlVm5yPF8HPocBC5FeeooLUEhG425gWORgXB4caFsfR4H977xBf_PQ2g5Ms4eFR8x2cUydE1eFqzde25RLER5vcQ9NQw7IBimTzvqCu2gTxk6q-7V7OsU76SXJtAWgkvu1ReORKZLbXzwewwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOnM_KyqlYMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiitv2sqpWDAxUNd-AKHWPHCm2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ%26sig%3DAOD64_1PHXSDm1sRK5iy-p-4IxTiPmUcAQ%26client%3Dca-pub-2578301546053897%26dbm_c%3DAKAmf-AODGNKxXDJGVxRcKq9-TBYli2TwqQ52B-R5lb3Ez-H07nVFUzlWIZ4FhD0sYWLgFVY808_rtTUOnySij6pmO_8Hu7xCw9jxXcOPV1q6jFcxFESMWbsxZVmaUVRIujbjm82UvMwIAXn8zwLQ6WiYsUjjHk0L4utF3iMNDGQS6Cegn0Zob8%26cry%3D1%26dbm_d%3DAKAmf-DaANenpRBSFU8YXEuBopYuGXxw2YbTxDng4NCmvMHzbcBaw6uD4D628eEputw6jXv_X1HBEj_DDOyVzTpM8FfUWmySyEi35m502zsxeQVPY-K_FVUW86wLT_RJhWTy0ddGCt8H640UT3UubqyEjVGaO0K3Wa82R5W8ayOvXVLCWecknO7ET8k2jAoKWWlhvokSqrUYiJUTPK3xAGkayG0cUp6JSCF6t62QOfA3JVIgUo_sAiFVNFpbgJZIxWxul7wips4-FMRwiozojFsh4FTx1LcTFMJmHFthf7mJbHWISmGTpRI9DYa9YQLHi_xH1YZ4Dn91LxcDK8vmCPVpyPJ53pd7QlKKu-UVHjDRLFNw46s2LY5eWUEDzJyXgaYGtHqZSgts_GE36y3hnDSjG0NixZEmMPBVmhPj_qWFn9LVQjHsxZoHtUSl5Rx-PFBijd1qIBgEUN8rTyA0BdYgx92zfUD2Lzq6odVS_Vcbh4er7QVb4uvfXuzLvixZ-ri1LRw_rBxHfU-kh-As1SB8sGZwFE8Wf8cIh0m9w23Sj85pHyJ0tKK05sCj82F7JV1_4JhkiQzGOUVQwkZ5nQk5P_YOQ7f6Y6_45RhITbeSdf3SiuWjuXeIQA4R1ECCnJS77MzIwNPjTGcNARRWroyIrswVzxVSGg%26adurl%3D&documentReferer=https%3A%2F%2Fbola.tempo.co%2F&ancestorOrigins=https%3A%2F%2Fbola.tempo.co&random=710047798638&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
600b932d00e9797d73cd25f25ea5ebc90e4566e64bdfd41014133873c2b4a227

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Dec 2023 01:35:24 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
10586500007403004444998012541027
Connection
close
Content-Length
1014
Expires
Sun, 17 Dec 2023 01:35:24 +0100

Redirect headers

Pragma
no-cache
Date
Sun, 17 Dec 2023 01:35:24 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=zu8zmf86i47n&nw=20&renderingType=javascript&namespace=2b463ecb6d&subid=&uid=929981af7e74409c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x100&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuKNXWlB-ZfmyOo3ugQfjjqvoBqblvaBpzZacp8kP8C4QASDlx4keYJXaiIKYB8gBCakCDqjL0mBHsj6oAwHIA5sEqgSNAk_QkXk0cZl5TDP2oYtzwNvoN6826t3KaxsY9zXkej8A_4wCAgkJqV3DqBY625xZKHA0Qrkq39-jzwHKNbBKtXz0hi04y-JHcXYBlpQCe3E11MGmcrwAjHfLk1QGFG8-gLjU2m72MRLJShzvuScEW9tgIYf1sgEXpYRIDGvcBBL_t4zAKZjd7zNYh_ZeDcPs1kcFwafePVqzCtwcW0C2HBvKoPlVm5yPF8HPocBC5FeeooLUEhG425gWORgXB4caFsfR4H977xBf_PQ2g5Ms4eFR8x2cUydE1eFqzde25RLER5vcQ9NQw7IBimTzvqCu2gTxk6q-7V7OsU76SXJtAWgkvu1ReORKZLbXzwewwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOnM_KyqlYMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiitv2sqpWDAxUNd-AKHWPHCm2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ%26sig%3DAOD64_1PHXSDm1sRK5iy-p-4IxTiPmUcAQ%26client%3Dca-pub-2578301546053897%26dbm_c%3DAKAmf-AODGNKxXDJGVxRcKq9-TBYli2TwqQ52B-R5lb3Ez-H07nVFUzlWIZ4FhD0sYWLgFVY808_rtTUOnySij6pmO_8Hu7xCw9jxXcOPV1q6jFcxFESMWbsxZVmaUVRIujbjm82UvMwIAXn8zwLQ6WiYsUjjHk0L4utF3iMNDGQS6Cegn0Zob8%26cry%3D1%26dbm_d%3DAKAmf-DaANenpRBSFU8YXEuBopYuGXxw2YbTxDng4NCmvMHzbcBaw6uD4D628eEputw6jXv_X1HBEj_DDOyVzTpM8FfUWmySyEi35m502zsxeQVPY-K_FVUW86wLT_RJhWTy0ddGCt8H640UT3UubqyEjVGaO0K3Wa82R5W8ayOvXVLCWecknO7ET8k2jAoKWWlhvokSqrUYiJUTPK3xAGkayG0cUp6JSCF6t62QOfA3JVIgUo_sAiFVNFpbgJZIxWxul7wips4-FMRwiozojFsh4FTx1LcTFMJmHFthf7mJbHWISmGTpRI9DYa9YQLHi_xH1YZ4Dn91LxcDK8vmCPVpyPJ53pd7QlKKu-UVHjDRLFNw46s2LY5eWUEDzJyXgaYGtHqZSgts_GE36y3hnDSjG0NixZEmMPBVmhPj_qWFn9LVQjHsxZoHtUSl5Rx-PFBijd1qIBgEUN8rTyA0BdYgx92zfUD2Lzq6odVS_Vcbh4er7QVb4uvfXuzLvixZ-ri1LRw_rBxHfU-kh-As1SB8sGZwFE8Wf8cIh0m9w23Sj85pHyJ0tKK05sCj82F7JV1_4JhkiQzGOUVQwkZ5nQk5P_YOQ7f6Y6_45RhITbeSdf3SiuWjuXeIQA4R1ECCnJS77MzIwNPjTGcNARRWroyIrswVzxVSGg%26adurl%3D&documentReferer=https%3A%2F%2Fbola.tempo.co%2F&ancestorOrigins=https%3A%2F%2Fbola.tempo.co&random=710047798638&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sun, 17 Dec 2023 01:35:24 +0100
skeleton.js
fw.adsafeprotected.com/rjss/st/1700995/76574792/ Frame 761F 		255 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1700995/76574792/skeleton.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.63.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-63-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ec746b24a0894a03727f95c601be70f83b6aae8af9c8040fb3fa1436cf186d18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 761F 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Origin
https://ad.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6380
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Dec 2023 23:49:04 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 761F 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
113416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:05:08 GMT
yads-async.js
yads.c.yimg.jp/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://yads.c.yimg.jp/js/yads-async.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/102432/1070/wrapper.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
183.79.248.252 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
gnshbrequest-v3.1.1.js
cpt.geniee.jp/hb/v1/lib/ 		243 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v3.1.1.js
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/102432/1070/wrapper.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.51 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p051.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
bc546ab5163162ebc57a0927d3802c70a07cc91163b12b6701c7c198e3221128

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
last-modified
Thu, 14 Dec 2023 09:04:41 GMT
server
nginx
etag
W/"657ac529-3ca1a"
content-type
application/javascript
cache-control
max-age=86400, private
cross-origin-resource-policy
cross-origin
expires
Mon, 18 Dec 2023 01:35:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C36E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 01:35:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 603E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYoSE25ohA74CpnyqC7XgiL6dpe02pzpBR0JHQbCO8tLegnG7djM8cpnpj31RIpawzLCRMt9xytjL0nts1Yr4tZHIybAr-kybDDmLGdUAaQBkMpySbPXBideQcHbJxfYfOn-wnkB5nrY1pfvGY2XCIFS9I-M8hXHYux-KsJcOBAaSEKgEVnLHqyA8pIist_zhmh0Zg4zfAe1wi74qbpkMSRXUTRJiSqLrJxMa06rCPXVxa91_bnDaOQpHTFf1Bs8M9nz437NpnAWsLcNp3NPl1TOoKEuyyRBRKJ5ZHMEWkED5fNYhEZbmm1o5xh8q-_DotSWVlPfnlInjltRAacYqgrObyMTg&sai=AMfl-YTyeHCnWqBoRpKrzIembGQh-lO1z_zUs4iaqF3uASFCLQsGyywGsrC706JIt5hkehSh55c3teCwVOml_paQg6U0EElBmvMsBt8oBUDKct5KL4yhICnAWW1sV4qgtSc&sig=Cg0ArKJSzE1QXvcTZfrcEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 603E 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 00:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 16 Dec 2024 00:13:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 603E 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:24 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 36CE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
41343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 14:06:21 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E388 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
404517
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:13:27 GMT
expires
Wed, 11 Dec 2024 09:13:27 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 761F 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:24 GMT
index.html
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		27 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
26c814f5aa11f127f42207b37223073db641200845ca173a139f63866d5def16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:24 GMT
expires
Mon, 16 Dec 2024 01:35:24 GMT
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 761F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOvSjDTdDelvdz3l6Sl9wTqutfhokqol5Q8-NOqCDYEcrfll1Y1vTft0k0M9xRX1suKVIVdj3xJBqHGxP-UbYUQsA5uu9oL9JHp0yLdtL09_57MG97q0JaCZ7JWoyRVHdJKtHySP6B0hjEmh3Mn4LjNCoI0bwrgm3qRSuNCTcenQ4Zk_Iz3YyVTK0Gn2oUzZy3RbuxDjK13FYxkT0&sai=AMfl-YS9P3a3lhXfZs-lr9wTWnJMXOGjkQHkaMt8C7cE7vjHK-xIKhkQILMP87v9COpMRGbPTelTVI2Pwl6wSBAqEdCcMj3rpTJo3CHnyA&sig=Cg0ArKJSzGLhtHElSQVBEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=139&cbvp=1&cstd=134&cisv=r20231207.77864&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4948 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 19:15:56 GMT
expires
Sun, 15 Dec 2024 19:15:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D424 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9a13c4b52110f3c884368f1b4588ebcc8af8f4be421e9b449f3903362c816996
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nVaLiN5Yge78V2W9NqKzZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-nVaLiN5Yge78V2W9NqKzZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:24 GMT
expires
Sun, 17 Dec 2023 01:35:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
index.css
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/index.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
39327437bb4c3f219c9f380c662fbf70ddb546553eea35d91aa6a4130f813b41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 05:45:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2804
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 05:45:53 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame A15B 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 12:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47515
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Dec 2023 12:23:29 GMT
empty.svg
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		89 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/empty.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
f3aaf5d3c05ef25bdb66dcc560a009f0728d172a44294eb2ec7852fb13ffc2e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 22:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441501
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 22:57:03 GMT
audio-muted.svg
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		349 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/audio-muted.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
f4f0ee27a2bd689131c91420625c7f28583cc5c7c282da7bd29a7f4628c0e51e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 07:23:40 GMT
date
Sat, 16 Dec 2023 07:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65504
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
230
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
audio-unmuted.svg
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		221 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/audio-unmuted.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
a9db5a8ce92e9d1e64b4dc648fcb2a7988850ed5205ef2f7cc1621680ccb8542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 22:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441501
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
181
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 22:57:03 GMT
logo-opel.svg
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/logo-opel.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
35d1f62a8388e4f2aa50a863b522d265a002e83dc94db6e192734a1c05f0cbe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448912
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1244
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 20:53:32 GMT
logo-vauxhall.svg
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/logo-vauxhall.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
8c3a4f4caf2d0f2fad2998de43431e10093a661bc188c61fa5171f4d9ceea1b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:40:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
406487
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2058
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 08:40:38 GMT
logo-vauxhall-small.svg
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/logo-vauxhall-small.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
a4c1a3b609b216f99061d9b36dce5915c8ca8e196efbd1c5b366e232846514e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404616
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1594
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 09:11:49 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/ Frame A15B 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
386a292b805ec5376c149711c08d9013658fd08879a7ac9a62a99e14310c397a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
710277
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25150
last-modified
Tue, 04 Oct 2022 19:36:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"633c8b2b-623e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2lO7C15IRGCFYn2LEvjHbpNF9Ojivb1hAGm1BtO0JfpiPyXMnmmGzP%2B8a7G66ZzeH4LOScI5HzQToNQzAfIwS%2BHT73S%2FhS4FAfJNPH5rCKuhTkDIEuwmuV3PxKq5w0ctnbOLwDR8GHaXAaQX48tCani"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
836b6de438733a79-FRA
expires
Fri, 06 Dec 2024 01:35:24 GMT
index.js
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
35080d9d3187be4cd798124da6ca85832780f1c9c4ccb97b24142f821a5548d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:38:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
428237
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5899
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 02:38:07 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 603E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs0G-LCd-CvhFIl9WQHYNsUoK98pYCZ6AkGX1W-yq2SIE2IoZOk0DgGGbMF0-qzt81Iu2bsojhsL7CDqBO43hiEt89B_CimO1ERDu6I3rYDRNxt3mlY80zg4h9LdrFdGEixc0M70GjyG6ZvLDdqFoUUvYOi8B3tXGfZ1mEdQf81NsMxlwqtEyuQa9YjRckshl9KUXy4OdxTSrJJP4Aol8SwoTB74ADaupRUPYUOE5a8l90AiQR_hEEBohJDjXl7VWD8CUHTnX2ubVV3jvUX2Uch_CFXq_naYqJOgKMPc2f0mlUK8hCfS9tdG0ogrLDJ6Ya9gjPbXh2OROkaWAyl8-FJE1JQ_sMWQ&sai=AMfl-YQYWFlIrwWR-KscxNa2_A4xhlDtEeEgK8UCOS-dwMtI0bm3vIxBpYm4oNBpVmRVDGZ1xg7Vfn4WUFRLMpifcYlt6mgtfD0IR0XmUi4LBoS4OEJff0bjf8Ns1hLjNmA&sig=Cg0ArKJSzOmWEv9m-Z0PEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 01:35:24 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E388 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
41343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 14:06:21 GMT
4.js
static.adsafeprotected.com/ Frame 761F
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1700995/76574792/4.js?adContainerId=brand_safety_XFB-ZYCeH5rVjuwPnsSl-Ao&cbFunctionName=goog_wrapCb_XFB-ZYCeH5rVjuwPnsSl-Ao&true_pb=&adsafe_pb=https%3A%2F%2Fst...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_XFB-ZYCeH5rVjuwPnsSl-Ao&cbFunctionName=goog_wrapCb_XFB-ZYCeH5rVjuwPnsSl-Ao&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_XFB-ZYCeH5rVjuwPnsSl-Ao&cbFunctionName=goog_wrapCb_XFB-ZYCeH5rVjuwPnsSl-Ao&true_pb=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H2
Server
2600:9000:223f:fc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 19:37:42 GMT
x-amz-version-id
vKEhI2DDF7x4y1d6KCleNAEq1uB6J8K1
content-encoding
gzip
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
280664
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 13 Dec 2023 19:37:39 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
dcmudgGuVF1_G5tK40uwzK8h6j9tWHKNWCHRf_EQzzPssyD9C767uQ==

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:24 GMT
server
nginx
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_XFB-ZYCeH5rVjuwPnsSl-Ao&cbFunctionName=goog_wrapCb_XFB-ZYCeH5rVjuwPnsSl-Ao&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 3179 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:fc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
7521974
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
NyEyz8ZbpC8AOIDRKruXgcR1dNQM1IG0MGOexAe881jozO_aik-hvw==
sodar
pagead2.googlesyndication.com/pagead/ Frame D424 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1476380277117272&rc=null
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame 7A2A 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=10586500007403004444998012541027&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=zu8zmf86i47n&nw=20&renderingType=javascript&namespace=2b463ecb6d&subid=&uid=929981af7e74409c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x100&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuKNXWlB-ZfmyOo3ugQfjjqvoBqblvaBpzZacp8kP8C4QASDlx4keYJXaiIKYB8gBCakCDqjL0mBHsj6oAwHIA5sEqgSNAk_QkXk0cZl5TDP2oYtzwNvoN6826t3KaxsY9zXkej8A_4wCAgkJqV3DqBY625xZKHA0Qrkq39-jzwHKNbBKtXz0hi04y-JHcXYBlpQCe3E11MGmcrwAjHfLk1QGFG8-gLjU2m72MRLJShzvuScEW9tgIYf1sgEXpYRIDGvcBBL_t4zAKZjd7zNYh_ZeDcPs1kcFwafePVqzCtwcW0C2HBvKoPlVm5yPF8HPocBC5FeeooLUEhG425gWORgXB4caFsfR4H977xBf_PQ2g5Ms4eFR8x2cUydE1eFqzde25RLER5vcQ9NQw7IBimTzvqCu2gTxk6q-7V7OsU76SXJtAWgkvu1ReORKZLbXzwewwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOnM_KyqlYMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiitv2sqpWDAxUNd-AKHWPHCm2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ%26sig%3DAOD64_1PHXSDm1sRK5iy-p-4IxTiPmUcAQ%26client%3Dca-pub-2578301546053897%26dbm_c%3DAKAmf-AODGNKxXDJGVxRcKq9-TBYli2TwqQ52B-R5lb3Ez-H07nVFUzlWIZ4FhD0sYWLgFVY808_rtTUOnySij6pmO_8Hu7xCw9jxXcOPV1q6jFcxFESMWbsxZVmaUVRIujbjm82UvMwIAXn8zwLQ6WiYsUjjHk0L4utF3iMNDGQS6Cegn0Zob8%26cry%3D1%26dbm_d%3DAKAmf-DaANenpRBSFU8YXEuBopYuGXxw2YbTxDng4NCmvMHzbcBaw6uD4D628eEputw6jXv_X1HBEj_DDOyVzTpM8FfUWmySyEi35m502zsxeQVPY-K_FVUW86wLT_RJhWTy0ddGCt8H640UT3UubqyEjVGaO0K3Wa82R5W8ayOvXVLCWecknO7ET8k2jAoKWWlhvokSqrUYiJUTPK3xAGkayG0cUp6JSCF6t62QOfA3JVIgUo_sAiFVNFpbgJZIxWxul7wips4-FMRwiozojFsh4FTx1LcTFMJmHFthf7mJbHWISmGTpRI9DYa9YQLHi_xH1YZ4Dn91LxcDK8vmCPVpyPJ53pd7QlKKu-UVHjDRLFNw46s2LY5eWUEDzJyXgaYGtHqZSgts_GE36y3hnDSjG0NixZEmMPBVmhPj_qWFn9LVQjHsxZoHtUSl5Rx-PFBijd1qIBgEUN8rTyA0BdYgx92zfUD2Lzq6odVS_Vcbh4er7QVb4uvfXuzLvixZ-ri1LRw_rBxHfU-kh-As1SB8sGZwFE8Wf8cIh0m9w23Sj85pHyJ0tKK05sCj82F7JV1_4JhkiQzGOUVQwkZ5nQk5P_YOQ7f6Y6_45RhITbeSdf3SiuWjuXeIQA4R1ECCnJS77MzIwNPjTGcNARRWroyIrswVzxVSGg%26adurl%3D&documentReferer=https%3A%2F%2Fbola.tempo.co%2F&ancestorOrigins=https%3A%2F%2Fbola.tempo.co&random=710047798638&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Sun, 17 Dec 2023 01:35:25 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
activityi;dc_pre=CPirgK6qlYMDFdgJogMd5WkIGw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8373931097800.009
5994599.fls.doubleclick.net/ Frame 1055
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8373931097800.009?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPirgK6qlYMDFdgJogMd5WkIGw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8373931097800.009?
391 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPirgK6qlYMDFdgJogMd5WkIGw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8373931097800.009?
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f6.1e100.net
Software
cafe /
Resource Hash
68382728eb42ec56a2c0305a103990281436b043588c196cb988bdf809cdf27a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:25 GMT
expires
Sun, 17 Dec 2023 01:35:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPirgK6qlYMDFdgJogMd5WkIGw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8373931097800.009?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal900027.redintelligence.net/ Frame 5F68 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/request_content.php?s=10586500007403004444998012541027&a=9e770e2f
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=zu8zmf86i47n&nw=20&renderingType=javascript&namespace=2b463ecb6d&subid=&uid=929981af7e74409c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x100&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCuKNXWlB-ZfmyOo3ugQfjjqvoBqblvaBpzZacp8kP8C4QASDlx4keYJXaiIKYB8gBCakCDqjL0mBHsj6oAwHIA5sEqgSNAk_QkXk0cZl5TDP2oYtzwNvoN6826t3KaxsY9zXkej8A_4wCAgkJqV3DqBY625xZKHA0Qrkq39-jzwHKNbBKtXz0hi04y-JHcXYBlpQCe3E11MGmcrwAjHfLk1QGFG8-gLjU2m72MRLJShzvuScEW9tgIYf1sgEXpYRIDGvcBBL_t4zAKZjd7zNYh_ZeDcPs1kcFwafePVqzCtwcW0C2HBvKoPlVm5yPF8HPocBC5FeeooLUEhG425gWORgXB4caFsfR4H977xBf_PQ2g5Ms4eFR8x2cUydE1eFqzde25RLER5vcQ9NQw7IBimTzvqCu2gTxk6q-7V7OsU76SXJtAWgkvu1ReORKZLbXzwewwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WOnM_KyqlYMDgAoDmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJEReINEwiitv2sqpWDAxUNd-AKHWPHCm2wE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ%26sig%3DAOD64_1PHXSDm1sRK5iy-p-4IxTiPmUcAQ%26client%3Dca-pub-2578301546053897%26dbm_c%3DAKAmf-AODGNKxXDJGVxRcKq9-TBYli2TwqQ52B-R5lb3Ez-H07nVFUzlWIZ4FhD0sYWLgFVY808_rtTUOnySij6pmO_8Hu7xCw9jxXcOPV1q6jFcxFESMWbsxZVmaUVRIujbjm82UvMwIAXn8zwLQ6WiYsUjjHk0L4utF3iMNDGQS6Cegn0Zob8%26cry%3D1%26dbm_d%3DAKAmf-DaANenpRBSFU8YXEuBopYuGXxw2YbTxDng4NCmvMHzbcBaw6uD4D628eEputw6jXv_X1HBEj_DDOyVzTpM8FfUWmySyEi35m502zsxeQVPY-K_FVUW86wLT_RJhWTy0ddGCt8H640UT3UubqyEjVGaO0K3Wa82R5W8ayOvXVLCWecknO7ET8k2jAoKWWlhvokSqrUYiJUTPK3xAGkayG0cUp6JSCF6t62QOfA3JVIgUo_sAiFVNFpbgJZIxWxul7wips4-FMRwiozojFsh4FTx1LcTFMJmHFthf7mJbHWISmGTpRI9DYa9YQLHi_xH1YZ4Dn91LxcDK8vmCPVpyPJ53pd7QlKKu-UVHjDRLFNw46s2LY5eWUEDzJyXgaYGtHqZSgts_GE36y3hnDSjG0NixZEmMPBVmhPj_qWFn9LVQjHsxZoHtUSl5Rx-PFBijd1qIBgEUN8rTyA0BdYgx92zfUD2Lzq6odVS_Vcbh4er7QVb4uvfXuzLvixZ-ri1LRw_rBxHfU-kh-As1SB8sGZwFE8Wf8cIh0m9w23Sj85pHyJ0tKK05sCj82F7JV1_4JhkiQzGOUVQwkZ5nQk5P_YOQ7f6Y6_45RhITbeSdf3SiuWjuXeIQA4R1ECCnJS77MzIwNPjTGcNARRWroyIrswVzxVSGg%26adurl%3D&documentReferer=https%3A%2F%2Fbola.tempo.co%2F&ancestorOrigins=https%3A%2F%2Fbola.tempo.co&random=710047798638&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e84314e900800effb0c80ba1b8db4a3c7baec04aa708bb886e5d2e4546063a40

Request headers

Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1873
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Dec 2023 01:35:24 GMT
Expires
Sun, 17 Dec 2023 01:35:24 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 64E3
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=10586500007403004444998012541027&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=10586500007403004444998012541027&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=10586500007403004444998012541027&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=10586500007403004444998012541027&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Sun, 17 Dec 2023 01:35:25 GMT
server
nginx
content-length
138
content-type
text/html
dt
dt.adsafeprotected.com/ Frame 761F 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1700995&asId=1043f0b7-f735-7579-d383-c4d07b4827b4&tv=%7Bc:x195gy,pingTime:-3,time:64,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:64,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYEKrIq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l11*.1700995-76574792%7C1l111%7C1l112%7C1m1%7C1m21%7C1n%7C1o%7C1p11%7C1q11%7C1r1%7C1s1%7C1s21%7C1t1%7C1t2%7C1u11%7C1v%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1y11%7C1z%7C110%7C111,idMap:1l11*,rmeas:1,rend:0,renddet:na,siq:16%7D&br=c
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 761F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1700995&asId=1043f0b7-f735-7579-d383-c4d07b4827b4&tv=%7Bc:x195gz,pingTime:-6,time:65,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:65,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYEKrIq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l11*.1700995-76574792%7C1l111%7C1l112%7C1m1%7C1m21%7C1n%7C1o%7C1p11%7C1q11%7C1r1%7C1s1%7C1s21%7C1t1%7C1t2%7C1u11%7C1v%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1y11%7C1z%7C110%7C111,idMap:1l11*,rmeas:1,rend:0,renddet:na,siq:16%7D&tpiLookup=ao:bola.tempo.co*%2C0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com*%2Cads.eu.criteo.com*&br=c
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
empty.svg
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		89 B
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/empty.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
f3aaf5d3c05ef25bdb66dcc560a009f0728d172a44294eb2ec7852fb13ffc2e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 22:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 22:57:03 GMT
audio-muted.svg
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		349 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/audio-muted.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
f4f0ee27a2bd689131c91420625c7f28583cc5c7c282da7bd29a7f4628c0e51e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 07:23:40 GMT
date
Sat, 16 Dec 2023 07:23:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65505
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
230
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
audio-unmuted.svg
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		221 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/audio-unmuted.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
a9db5a8ce92e9d1e64b4dc648fcb2a7988850ed5205ef2f7cc1621680ccb8542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 22:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
181
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 22:57:03 GMT
logo-opel.svg
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/logo-opel.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
35d1f62a8388e4f2aa50a863b522d265a002e83dc94db6e192734a1c05f0cbe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448913
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1244
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 20:53:32 GMT
logo-vauxhall.svg
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/logo-vauxhall.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
8c3a4f4caf2d0f2fad2998de43431e10093a661bc188c61fa5171f4d9ceea1b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:40:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
406487
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2058
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 08:40:38 GMT
close.svg
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		401 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/close.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
bc978c9056bf82bcdc7f8a2a71c0b26f1537aad1b09b049ffd0d62552b28f56a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
422292
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
231
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 04:17:13 GMT
truncated
/ Frame 64E3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e954c3c49561c9b19c862ed57a65800d0cbc99a0c85457bb74318bc9b3d33976

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 4948 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
41344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 14:06:21 GMT
dt
dt.adsafeprotected.com/ Frame 761F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1700995&asId=1043f0b7-f735-7579-d383-c4d07b4827b4&tv=%7Bc:x195hF,pingTime:-2,time:133,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:154,mdZ:352,beA:437,beZ:438,mfA:440,cmA:441,inA:441,inZ:443,prA:444,prZ:450,si:453,poA:454,poZ:467,cmZ:467,mfZ:467,loA:502,loZ:503,ltA:570,ltZ:570%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:133,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B128~0%5D,as:%5B128~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYEKrIq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l11*.1700995-76574792%7C1l111%7C1l112%7C1m1%7C1m21%7C1n%7C1o%7C1p11%7C1q11%7C1r1%7C1s1%7C1s21%7C1t1%7C1t2%7C1u11%7C1v%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1y11%7C1z%7C110%7C111,idMap:1l11*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:16,sinceFw:115,readyFired:true%7D&br=c
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C44 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BqXQYWlB-ZYGzOo3ugQfjjqvoBgAAAAA4AeAEAg&bg=!VValVhnNAAY3kmNgF5I7ADQBe5WfOHhx6LC009X_WASx_U6GG8B8yTB56P-L0JghwoRjS5AZUVbuEL2-SMTMMRliip1lAgAAANdSAAAAAmgBB5kDPGBLi5qIvmgawTmprajeh_xYDeQWQKSGiWCC51KlGunRCEIdVd5jeXCXZlfL3MNqro8pSAbAt3e6FUWRV2mZNJXvVT8sh9so6IMSwE_kY-cXwfzWg8XPLFMUnfLhOXzy0IQcMaSdG7q4ZhA9JnVSaSUazS9dp_gWOs9FFHQcBYqOQyfBsxwpvaPsxvp1Pu-CnupUrz1jScjStc9d_dRhXMMhfrrSH36aY5vfHJAtLVOg0-g8yjf3-NN7omQKGoZh8AGTKAl59eoEj7NWfg0NU-Jndgg0WiGlRQT7Dl-Y3eRnDZNUgJKgmv7CiJKKEWPgQFKVEWseCgxvnB7Cr7A5XoBfWzKhb9x8An4vy0EheLjRZS2sOzAdZh7IkK6zPuerWg-YAfpwlW8LeeEnmK5S_G_FL1eemhx7raTlPGhm44edifAnvmJ8kE_RJXiKSSZJS7TC_x486hkd4U93bbaMSv7PJY8IO6ltvDas4uh22nEo8alGg5GmmG1jYTkXgofvnTk7I_xyk6vEoYDV60r2QsIa4MbXB7NdqmtFLAnqZGLc0BxFf_Jwjj3Ce4-lPxHTxXrBuk_X-KtwieXjA42rTL0_ND3TTEu7scwqJfw78gkalJX_yOVMV0EBuA82-NVQj_mx6cQXthtmoNQ60Fdx4N-2rcYOYmvjnzydRj_zVNAtHduAipimPdpMJrVQqNmOl3zKWdUssjbPz4zNLuvT7s86PD5ctRHjzJ6fbc2OSkn7mMewh-q1eF7CHvPyrgoVJoHAGrO0KKzSRecr_pMZlVpm8yBe2G1nRGCrruYB8_epzM9scQvMvFmMTURS1op_0rdK0O531_1gBk4HDl9r516cu9iWcszN2iHpQmanDWAH2CW58g-iY6xJd6XRpl6unYjw0NafqDdAcN1MJCThtkdXFdDnrBgVdGvNY21nDbHeQuTWKMxBhPyytpdz-ZdgZMREqT2HIH7B2oSBi6MfQ5TsQs4HO0sgGLcpZ-0m_qCKOG1cCd_RI6o1AOTqqclsVanuC1u1iGj8gimzUG_QvpM_27prjzSZiw_wdYLFQGd-AdtsSD0gY528032AHTHiEQ3Fazd_4tx4qQ68Aw
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 5F68 		5 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=10586500007403004444998012541027&a=9e770e2f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900027.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 23:59:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Dec 2023 01:35:25 GMT
/
hal9000.redintelligence.net/scale/ Frame 5F68 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=10586500007403004444998012541027&a=9e770e2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.220.201.138.clients.your-server.de
Software
Apache /
Resource Hash
74b6743617c31c5a1450cf1eebd939dbc2b0b9b4ab66b8b680c729bf1334b37f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900027.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 01:35:25 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12180
Vary
Accept-Encoding
Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED4B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BqP7RWlB-ZYCzOo3ugQfjjqvoBgAAAAA4AeAEAg&bg=!FRalFlnNAAY3kmNgF5I7ADQBe5WfONoMTunMjaC34mobLhbxDLa-hqJbfU-2qzMRLVweG7yZ08Ey5dpBEGxuqJstrcdKAgAAARdSAAAAAmgBB5kDO09TbWiVnSHFNcgZW-1Ce3vo8no9o1TXHhC4dndXIKQdlbSD09_CWyuRzoZA9LCdP7eBFQOucwm2IZzP14VS2D24CnjxV0ft7SoFF_9SYLDhvhKFbd8Bkw6Jf-xyTJ50nPJUrEtNkG0HTNHqa7Hd_qwZRxE1t1ojhq-Kb6PeKuRo7pduC8BBNB7o8b6lPDi828dUPTQtd0OshbHaDuqDAk38humuImOy-Wd6vGAMBCvfypwPBAmxXvZ9Wi_f7s1fGTo-F7A2ZRljkr5UxJF6Q9x9w9uD_R_bW3RSCPUnZywFxVIoqGNCf_e00wDSr0xznYo_UT4KhyuqvZ0jDRfUzGjLgVIBxU31FD6q1KW-GrMeacB4xsv8re5Bm6xJw-VYRYEWcpVCn5cd-M0aqX9Vh4zzk-YMewvXbFejS6wWhfsstWm4klQhYhbFdPoV09lAyrGRyCsBypF5oTSESCKxsWlaYkHQe0qGbwKLwYoPvONwgljtg_g-uLU_3SAw4NplzWJNxrEdpdwSHmi01eCxOx2R91tGI5ygG9JA35Ab5EO8ekUlBqi84zJ1B3LOks4vi18T0UnTwLDp1tjvAcjxKaIs92PNKbDpgqhl5O_tNWf6-tNWIhImJgswSz2O2HjPhRkBo3xY-PBkI4YJlGhjBGNI4_xIoNXFadlIjYdcUSIBNOKCQXNQXdIYxs8axXFy9X57LxqmDrW04e_U94ODzojPmG4yK9LMZePiEbmey47iIcLgo6He9D0SES8wyCi6RFVKaCi-WQqGjGL8YtYJ4LyP-5T6m_t_5QrPB1h3ZBE-sTW2uuQjTxnUNWMA_qVJ0b04vXeJ6wsBlCIDFGUkf-CElRGTnEfXjiqanfeaQ6XFpk500AXWqKrlOgDYtIvNCZflRF3ePynYQpo0LETDp9K2zxM15IUeECGvmtsadkpG0XH2YnXVwxH57gQsQvm2Ib_zY_gVX-5PUfM_aKQnBgIfyNO3z_uQCWsN65gmwQWk_xblM5DH6TZWoikiQgvOyUMwPHl9DXGulR4AH5z0qqypZKQW3kiUwQ3pUMaOLYq0r0vdiXXpDAF6DnduDt-snkYUUWtiYL_Sy2Q9
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 761F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOvSjDTdDelvdz3l6Sl9wTqutfhokqol5Q8-NOqCDYEcrfll1Y1vTft0k0M9xRX1suKVIVdj3xJBqHGxP-UbYUQsA5uu9oL9JHp0yLdtL09_57MG97q0JaCZ7JWoyRVHdJKtHySP6B0hjEmh3Mn4LjNCoI0bwrgm3qRSuNCTcenQ4Zk_Iz3YyVTK0Gn2oUzZy3RbuxDjK13FYxkT0&sai=AMfl-YS9P3a3lhXfZs-lr9wTWnJMXOGjkQHkaMt8C7cE7vjHK-xIKhkQILMP87v9COpMRGbPTelTVI2Pwl6wSBAqEdCcMj3rpTJo3CHnyA&sig=Cg0ArKJSzGLhtHElSQVBEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=427&vt=11&dtpt=288&dett=3&cstd=134&cisv=r20231207.77864&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adop_sdk_p4.1.0.min.js
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame 9372 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/d94268a0-c59d-4278-9196-e578e8f0747f?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=d94268a0-c59d-4278-9196-e578e8f0747f&type=re&loc=https%253A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rnd=&percentage=false&size_width=300&size_height=600&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21417
x-jsd-version
main
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKaZuzRtzrpNouoWbnhUqFkyd28EDlfrm5oFItd0rMNcfuK%2BCRw6XwJ6BNfTKD3wY1YnuS9YgM76Sa%2BoByJ408%2F6d4d6l87RrQ1uHsOanQKdwgUMpC%2FMODCirv0twn%2FQK8q9Y6yecax%2F0AUjkfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
836b6de5cc6a9bef-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9372 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/d94268a0-c59d-4278-9196-e578e8f0747f?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=d94268a0-c59d-4278-9196-e578e8f0747f&type=re&loc=https%253A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rnd=&percentage=false&size_width=300&size_height=600&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fad578fcd979d0e474d9c0c706f30fde4dc10ae218f5f324b4e7c6a8e00bbee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29868
x-xss-protection
0
server
cafe
etag
152 / 19708 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:25 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A15B 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e147190bf2b71bcded8043a01ff102103adfded90a8c7e5f05b0271780d67ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6000
x-xss-protection
0
viewability
hal900027.redintelligence.net/ Frame 5F68 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/viewability?s=10586500007403004444998012541027&a=ee71cb8d&vb=m
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=10586500007403004444998012541027&a=9e770e2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900027.redintelligence.net/request_content.php?s=10586500007403004444998012541027&a=9e770e2f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 01:35:25 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
collect.php
data.adop.cc/ Frame 9372 		0
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMxMjE3MDEzNTI0IiwiY3RyeSI6IkRFIiwiYWNpZCI6IkRFLTIzMTIxNzAxMzUyNC1hMjJiZDFmYjgzNDM0MjViIiwibmV0IjoiQ3VzdG9taXplZCBUYWcoMSkiLCJ6aWQiOiJkOTQyNjhhMC1jNTlkLTQyNzgtOTE5Ni1lNTc4ZThmMDc0N2YiLCJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwiYnJvdyI6IkNocm9tZSIsImRldiI6ImRlc2t0b3AiLCJvcyI6IldpbmRvd3MiLCJpcCI6IjE3OC4xNjIuMjA5LjEzMiIsImZsb2MiOiJodHRwczovL2JvbGEudGVtcG8uY28vcmVhZC8xNzQwMjI4L2RpLWJhbGlrLWVrc29kdXMtcGVtYWluLWNoZWxzZWEteWFuZy1idWF0LXRvZGQtYm9laGx5LW1lcnVnaSIsImZwIjoiMCIsImNkdCI6IjIzMTIxNzAxMzUyNCIsImRpciI6InYiLCJ0cCI6InJlIiwicmVmIjoiIiwidGl0bGUiOiJEaSUyMEJhbGlrJTIwRWtzb2R1cyUyMFBlbWFpbiUyMENoZWxzZWElMjB5YW5nJTIwQnVhdCUyMFRvZGQlMjBCb2VobHklMjBNZXJ1Z2klMjAtJTIwQm9sYSUyMFRlbXBvLmNvIiwibG9nIjoiYmFzaWMifQ%3D%3D&aid=a4f42d85-6d06-4604-9c0f-52d7dce9f663&r=OXgJKwB
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da12:fbe:4202:41d:1858:3645:ec6 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
pes.pip.964bca2b.js
static1.dmcdn.net/playerv5/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/pes.pip.964bca2b.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xbqdn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
ea61f5852605a8fe943e2ffd25651f24c9571665ab9fa392a55d5486d4750679

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
209028
server-timing
total;dur=1, dc;desc="dc3"
content-length
3773
last-modified
Thu, 14 Dec 2023 15:29:33 GMT
server
DMS/1.0.42
etag
"657b1f5d-2e7f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
31346ec55bb5a2ec080353b4e6c83e90
expires
Sat, 13 Jan 2024 15:31:37 GMT
/
pebed.dm-event.net/ 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xbqdn.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed1.dm.gg
Software
edward-ed/2.2.2 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Sun, 17 Dec 2023 01:35:25 GMT
Server
edward-ed/2.2.2
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
cookie.js
geo.dailymotion.com/ 		38 B
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.dailymotion.com/cookie.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xbqdn.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
407c0ea74212ba3a966ae1d7cf3c8ecf68e6071c8b6194fa830e4560ec13635b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Date
Sun, 17 Dec 2023 01:35:25 GMT
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Server
DMS/1.0.42
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Vary
X-DM-SSL
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store
Server-Timing
total;dur=7, dc;desc="dc3"
Timing-Allow-Origin
*
Content-Length
38
gen_204
pagead2.googlesyndication.com/pagead/ Frame 36CE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BbOz7XFB-Za6vCv_MjuwPnuOJ8A0AAAAAOAHgBAI&bg=!iomlicbNAAY3kmNgF5I7ADQBe5WfOKApLxfo2RlOZSHEbUDNwwhtX2_oevoF3BXWUF1vuvdTwkz_A-CxeLg4UoHrA2NeAgAAAR9SAAAAAWgBB5kDPLt3hVst8-UwA-ymTl9YWbtgtSKQ4i8yYv22bE30YoRKBoQdPDF11XS4_itmoURmn0k4foDvw__g2IuBWuIdLPz8DypBVRyzx83X6un1kxEmiAaysVF5L_cevjmjjX4-Ef59CKqAvhX9-Izqyj9JtOxiVvNtussQ2FhQQ1G7qcHoaE1xv3ZiDQbZP_rVZSPaamAiCH5HSfvoyx8uVw5Fj6wYI4gzIPNL4f0Z3vU4qgVKetSSvZkwbCAi4HN2hougU8TamsFQdgNXDld9O1jTF5eLWNGFboORW1fXGVm-v5NhRNACLEzwBybNgg8HPnSJw92RXtrh-1a1vtPq474jQ8Mz-VzQx9wq8EkjDAojvLSgM1x4KIZoLfU-mvzYavGnRliC56F0pjfhgqOEy6oqtiMbHlr1jVLIDQvvTe44mCss3iqqtpW1oWsViLkSvThHzWOIN_iucUJpGAMuCkoV2JQLeW9CmnZpuZHcox-w5Jey4Qt62ZBTM6nR7gCAaequ5Nr5co-jcnIBedKBHDUXRG-HpJYYKhU-xVT5_2hwEr2e8iQI0xgvm46xKruEFAi5tgVdGvMZBiWIK30R5IH8mVBchg6_6eh1cOILDNtuORmJxp8qKxQeAvSeEYulaLK--tj-H5foYQh8kJi4cUWod0PNfkLBoRnm0hhUFroawrj1zpIjrC0y0sgX1G1u_XdvjzNMSMhNL6Bh3BagWUgEWjebPsU_YMUsjvDzdNEA_xVTO_1FlLtrcDxnEP7-WtMDQlGsukkLp1NekNDag61-mHoJcjFRLw62ct0HlLR0DYuDYV0WAjHd1xkHYLqpuW-WfnVuIfXe9YKLyBhkyZNQpGLJmWy3NVJJt5Pw42_9r4ubtlyxvcMHIkvrWOLzZiBP1gxHs0_oSDwsFeYuqM6Czwk_SK_VjnljXjjG7_L3wyAWJXOSe3suzZbDEz_EPtcTReAOtZqBfY596kmzH3E9aCdexiqg3Djp-oIrf6tW6vaTCAi4FV33eW8WcpnCbLNv9msS26TUfguVaZs1IGKbQmgo5NsF-RetVHgl7RZVSV5DbzqQ5XcB2UlQa9TUx3-AzreBVctztS-X_0dX_A
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adop_sdk_p4.1.0.min.js
cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/ Frame 5F88 		18 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/adop-devel/jsdelivr@main/adop_sdk_p4.1.0.min.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/fa545f0a-3b31-40d2-b6d1-b08b4a418e91?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=fa545f0a-3b31-40d2-b6d1-b08b4a418e91&type=re&loc=https%253A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rnd=&percentage=false&size_width=728&size_height=90&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21417
x-jsd-version
main
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"4750-isEqIF8N2eYoT8i3VVLuvnJTTQc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeNZMsbKzUsi2S3iND0h5zYRf2W4TxZ425SatKNMek3xxeb3iF9KpzpT9BxXGKeP7HOFbx9n76qxTmlJC3AlEiDL3wtUMX%2BbS2LRsjB33cdNBEy5fNA4PHQShSWWA60rsu2qeY0nYQRE4qEiC2w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
836b6de708649c04-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5F88 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: compass.adop.cc
URL: https://compass.adop.cc/RE/fa545f0a-3b31-40d2-b6d1-b08b4a418e91?over-size=null&over-size-w=null&over-size-h=null&over-zone=null&adop-zone=fa545f0a-3b31-40d2-b6d1-b08b4a418e91&type=re&loc=https%253A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&rnd=&percentage=false&size_width=728&size_height=90&
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14532612f856bcc41a39c19b377f374c1c2e6f710b223cf59097fc365def89f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29867
x-xss-protection
0
server
cafe
etag
508 / 19708 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:25 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 5F68 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900027.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:12:00 GMT
x-content-type-options
nosniff
age
462205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Dec 2024 17:12:00 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 5F68 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900027.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 08:54:05 GMT
x-content-type-options
nosniff
age
405680
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 08:54:05 GMT
0.json
rec.izooto.com/rec/64745806f8afa0d3728d5e249f787c3103e86367/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rec.izooto.com/rec/64745806f8afa0d3728d5e249f787c3103e86367/0.json
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7539fb8fe5a46a2f78875feae0cf07ca418a9e30176fd785df923adda8e662
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sun, 17 Dec 2023 01:32:01 GMT
server
cloudflare
etag
W/"657e4f91-1d89"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=1200
cf-ray
836b6de73c7a3738-FRA
x-xss-protection
1; mode=block
expires
Sun, 17 Dec 2023 01:55:25 GMT
ads
fundingchoicesmessages.google.com/f/AGSKWxU_VrFwwh2lgnMZjnOqCHBlD0liDJt2zGviC-sSaQNEIyixrmkZbfnWwri2F7rFHCI5dRravM1ZxirjdXCfuJuAhKPN33zuGsG0Cc_-mzdXnNpjq-1_RToPMHywlXRtqjBT22H7yw_QzI8jOIrcVPetmwkV3... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU_VrFwwh2lgnMZjnOqCHBlD0liDJt2zGviC-sSaQNEIyixrmkZbfnWwri2F7rFHCI5dRravM1ZxirjdXCfuJuAhKPN33zuGsG0Cc_-mzdXnNpjq-1_RToPMHywlXRtqjBT22H7yw_QzI8jOIrcVPetmwkV3XYcjrfLq-M_vWJ6uEFpkKLuYR3qhswZ/_/ad_code./ads?zone_id=-panel_ad_/oncc-ad./ads?callback
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwWfbcbLtnPlY16R7U9M_hg5D_tIw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0db8bcca1db954cb820cb1306bd7cb4d267fb9a379c4821fadcb14898265a357
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ko3zlk8GhC9Oy0ogN5pMEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ko3zlk8GhC9Oy0ogN5pMEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwWfbcbLtnPlY16R7U9M_hg5D_tIw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19d44854a4b979ec52fc326e1ba83ee2d8a3882dcbdf4c9ad74470eefce4e5f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 00:37:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
3454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11389
x-xss-protection
0
server
cafe
etag
13573587406519424940
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:37:51 GMT
AGSKWxW5b_XtPqS5pYxmqUwH7ttRZpA3p6dbmlp65xTl5fxkvdE39nW1JPfyvuIZ05Gdq5DvG3E6iLZZTfAZ71dcOQg2kxyXoU4KlS20IzVagZpc_xRkAO66wUgcX2kqX5N4vCLUK38Z-A==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW5b_XtPqS5pYxmqUwH7ttRZpA3p6dbmlp65xTl5fxkvdE39nW1JPfyvuIZ05Gdq5DvG3E6iLZZTfAZ71dcOQg2kxyXoU4KlS20IzVagZpc_xRkAO66wUgcX2kqX5N4vCLUK38Z-A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-720j1mnUY0gd80rCfO_cng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-720j1mnUY0gd80rCfO_cng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://bola.tempo.co
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 761F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1700995&asId=1043f0b7-f735-7579-d383-c4d07b4827b4&tv=%7Bc:x195jG,time:258,type:e,im:%7Bpci:%7Btdr:134%7D,imprf:%7Bttecl:467,ecd:125,tsecr:42%7D%7D,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:258,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B253~0%5D,as:%5B253~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYEKrIq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l11*.1700995-76574792%7C1l111%7C1l112%7C1m1%7C1m21%7C1n%7C1o%7C1p11%7C1q11%7C1r1%7C1s1%7C1s21%7C1t1%7C1t2%7C1u11%7C1v%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1y11%7C1z%7C110%7C111,idMap:1l11*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:16,sis:184%7D&br=c
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame E388 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBe8uXFB-ZYCeH5rVjuwPnsSl-AoAAAAAOAHgBAI&bg=!JSalJmnNAAY3kmNgF5I7ADQBe5WfOF8-hFr6FAqjVR8_yJ9Bv3qpjWxjWlFRRAelc4JYheXYaclawHb9BA3loUFt_5h5AgAAAHtSAAAAAWgBB5kDg7HrKOl3jUeDKJhHJgMEOo-v7_izy1YfUEdaloOof1G7XUIuPQMhan5c5yqGugIY2Q2K9xVTb6rEZ7JGCgw_b3S_9Kfti8CoMMQ_8oBpbG4P9ZtV5-otB_ihsjQIDtHmYPDKb2ddtH9yS3Be21U0GMIG5W0DMma8wPoI4Mzs-OqWP6etjYd1s0fBznTvtRJlvKn2QRQvOYVy7gJAYwkleMxDuIQTpNSzf_RuLstfCBMzjOO_HQHIy7IZ6jYLI4Njtj26ldzdhiITAj2pLjfsJVDyEFUyuD2R5bKF-UHTRRzT-JLMRK3LUWr3qAmANOu8qru8xYNabbWkbXpBUE_o4sEzOKVYuMDGY2kbxWzibs1NX_7odhGxw3elrBMNslXax3_r1WoWxC8_0bAd5XjZwd2pDbp8q-EuzFeeAG4vgw8rR4P9J3UCZSa1SIy-L7V0CZqDPHA_DRFb_u968S_5dcqb8WyW2T07YUzn40UiqbBKVkwwVwmuF1FBKBOiH-6lUfT1mzEZK9Qjfi6fgPRtC7L-OItUEN1dGXVZWjTrc74SmkzBCuFxybYR0DoNNkEQMmdvzuiERCaCpdfIivQFeBcBF0GEKnmzQLpWjOAdgQhnEhJOLDEthtJpMPOL2gNZTWbuoOnTqF5YQWzS8UR3jK1VRVtoE8hKN0l1FZ-wjEemHWd6AaavaKcuDwOP3MO4gh0yRhPcZdGbEvDYSUWHKjldp6YjQxNwcPvq8sBOlmyCdfQ_d9sZVw5F7wsdnE2JzS5OXtH4ZlvIl9pcgBDEEktGruXoa0MPRNS81lx_XJiaD1H8rKf5SQvSJv9ULzpzPDLZiPFH9bWAbGhE-u2v-qpWD4PFCWygQIF5JFGefPoA9meHKBiobN-P_f-biT1aO2Nn_6hi9Jrt4CL4g2USbAL6NLYaBptn7cXYeJWVfLtifsc6QP4mP6tvMt5moVvjWGp72Y7k7aWTumNFc94vhqJmuGUD9401foC-HMHlnUSDlG4bP26n2_9LVxZ_V7DbDuPpUe3jgnNy1aaFNYJnn3B2K8fW6FeTI_ia_Q1KBBvZv4UyRghR_rLwIAIkkoINhtZUHw9ZfKRCOP1Q5sFUTSMYXnppTK0TomUI2O9ekykQ0qzMPrZK2iRHdegYw0p1w_TpSmmZDBWAIGrU5YR52ULxLshNkrxVrGwOltGnhA6S5Lmh
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 4948 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?i0fIIA
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4128 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-s2GF7o5ZX4zF9Ri8qB1qcI6z-hxaC-0gx9QMGWvhDwA_9fvGKdOjrvsZW3X5lZviKDOnoAE5PpBYzBuss2T-W6_jetS7y2fPrBgXWoRNGhkTJ1PS&sig=Cg0ArKJSzHhUWma3by7LEAE&id=lidar2&mcvt=1000&p=230,315,480,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1063741250&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702776923585&rpt=643&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CPirgK6qlYMDFdgJogMd5WkIGw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8373931097800.009
adservice.google.com/ddm/fls/z/ Frame 1055 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPirgK6qlYMDFdgJogMd5WkIGw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8373931097800.009
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPirgK6qlYMDFdgJogMd5WkIGw;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8373931097800.009?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A15B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 01:35:25 GMT
AGSKWxW5b_XtPqS5pYxmqUwH7ttRZpA3p6dbmlp65xTl5fxkvdE39nW1JPfyvuIZ05Gdq5DvG3E6iLZZTfAZ71dcOQg2kxyXoU4KlS20IzVagZpc_xRkAO66wUgcX2kqX5N4vCLUK38Z-A==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW5b_XtPqS5pYxmqUwH7ttRZpA3p6dbmlp65xTl5fxkvdE39nW1JPfyvuIZ05Gdq5DvG3E6iLZZTfAZ71dcOQg2kxyXoU4KlS20IzVagZpc_xRkAO66wUgcX2kqX5N4vCLUK38Z-A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-L_8bCPtEIMTlKcqV4lcFFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-L_8bCPtEIMTlKcqV4lcFFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://bola.tempo.co
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect.php
data.adop.cc/ Frame 5F88 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adop.cc/collect.php?data=eyJkdCI6IjIwMjMxMjE3MDEzNTI0IiwiY3RyeSI6IkRFIiwiYWNpZCI6IkRFLTIzMTIxNzAxMzUyNC1hMjJiZDFmYjgzNDM0MjViIiwibmV0IjoiQ3VzdG9taXplZCBUYWcoMSkiLCJ6aWQiOiJmYTU0NWYwYS0zYjMxLTQwZDItYjZkMS1iMDhiNGE0MThlOTEiLCJ1YSI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwiYnJvdyI6IkNocm9tZSIsImRldiI6ImRlc2t0b3AiLCJvcyI6IldpbmRvd3MiLCJpcCI6IjE3OC4xNjIuMjA5LjEzMiIsImZsb2MiOiJodHRwczovL2JvbGEudGVtcG8uY28vcmVhZC8xNzQwMjI4L2RpLWJhbGlrLWVrc29kdXMtcGVtYWluLWNoZWxzZWEteWFuZy1idWF0LXRvZGQtYm9laGx5LW1lcnVnaSIsImZwIjoiMCIsImNkdCI6IjIzMTIxNzAxMzUyNCIsImRpciI6InYiLCJ0cCI6InJlIiwicmVmIjoiIiwidGl0bGUiOiJEaSUyMEJhbGlrJTIwRWtzb2R1cyUyMFBlbWFpbiUyMENoZWxzZWElMjB5YW5nJTIwQnVhdCUyMFRvZGQlMjBCb2VobHklMjBNZXJ1Z2klMjAtJTIwQm9sYSUyMFRlbXBvLmNvIiwibG9nIjoiYmFzaWMifQ%3D%3D&aid=27f8bd70-6310-40f4-862a-7af9fa51eb17&r=snlySDv
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da12:fbe:4202:41d:1858:3645:ec6 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
xbqdn.html
geo.dailymotion.com/player/ Frame 8B98 		65 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/libs/player/xbqdn.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
6cbd2a1a56a3eda0da5fcd7da1e74f7cd34952a66da644827babd555a90301c6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

Referer
https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
21453
Content-Security-Policy
upgrade-insecure-requests
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type
text/html; charset=utf-8
Date
Sun, 17 Dec 2023 01:35:25 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Referrer-Policy
strict-origin-when-cross-origin
Server
DMS/1.0.42
Server-Timing
total;dur=26, dc;desc="dc3"
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Timing-Allow-Origin
*
Vary
X-DM-SSL,Accept-Encoding
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame 9372 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
41345
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 15 Dec 2024 14:06:20 GMT
AGSKWxW5b_XtPqS5pYxmqUwH7ttRZpA3p6dbmlp65xTl5fxkvdE39nW1JPfyvuIZ05Gdq5DvG3E6iLZZTfAZ71dcOQg2kxyXoU4KlS20IzVagZpc_xRkAO66wUgcX2kqX5N4vCLUK38Z-A==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW5b_XtPqS5pYxmqUwH7ttRZpA3p6dbmlp65xTl5fxkvdE39nW1JPfyvuIZ05Gdq5DvG3E6iLZZTfAZ71dcOQg2kxyXoU4KlS20IzVagZpc_xRkAO66wUgcX2kqX5N4vCLUK38Z-A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-M5H7VflidlbI_ibmuDUo2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-M5H7VflidlbI_ibmuDUo2A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://bola.tempo.co
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW5b_XtPqS5pYxmqUwH7ttRZpA3p6dbmlp65xTl5fxkvdE39nW1JPfyvuIZ05Gdq5DvG3E6iLZZTfAZ71dcOQg2kxyXoU4KlS20IzVagZpc_xRkAO66wUgcX2kqX5N4vCLUK38Z-A==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW5b_XtPqS5pYxmqUwH7ttRZpA3p6dbmlp65xTl5fxkvdE39nW1JPfyvuIZ05Gdq5DvG3E6iLZZTfAZ71dcOQg2kxyXoU4KlS20IzVagZpc_xRkAO66wUgcX2kqX5N4vCLUK38Z-A==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5z35NrjSvtxHn4VZT7Oi1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-5z35NrjSvtxHn4VZT7Oi1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://bola.tempo.co
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXnCcCO-DRomgm9kp84e0K-_CtfZls0LZcyRL2OQBM0W7Kgf_1i42O7dlkP1SwTn4jkMBcMqKsSmA8LeILoKxfCutroigWfcVDnVFjD6ieFBkhU_PJiayDhfUN0vdi-D4NQMYoxXw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXnCcCO-DRomgm9kp84e0K-_CtfZls0LZcyRL2OQBM0W7Kgf_1i42O7dlkP1SwTn4jkMBcMqKsSmA8LeILoKxfCutroigWfcVDnVFjD6ieFBkhU_PJiayDhfUN0vdi-D4NQMYoxXw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAyNzc2OTI1LDMzMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYm9sYS50ZW1wby5jby9yZWFkLzE3NDAyMjgvZGktYmFsaWstZWtzb2R1cy1wZW1haW4tY2hlbHNlYS15YW5nLWJ1YXQtdG9kZC1ib2VobHktbWVydWdpIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c93513fa2d430c90381289c68b31ea59c43cdf667526db8d539e440e2d27de6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Kul47YRWz7lZ2ndYn_ZT4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-Kul47YRWz7lZ2ndYn_ZT4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 761F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1700995&asId=1043f0b7-f735-7579-d383-c4d07b4827b4&tv=%7Bc:x195mp,pingTime:-10,time:427,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702776925353%7C%7C46f1a44dfa472e5943438f77cec8923b%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7Cac98cc73bc0c552800384a224fc3d6da%7C%7Cff156b874dc6956dee71c42c905dd4e6%7C%7Cfb702a9a9fba0ad2891a5af39b602829%7C%7C5fd6941ce3bb359e906c144c7f6a397a%7C%7C757558a2e79ee58d4296e6256012ed08%7C%7C1663701684%7D
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N778265.154378CRITEO2/B31067358.381188489;dc_ver=99.292;sz=970x250;u_sd=1;gdpr=1;dc_adk=2517281648;ord=n91v5z;click2=https%3A%2F%2Fcat.nl3.eu.criteo.com%2Fdelivery%2Fck.php%3Fcppv%3D3%26cpp%3DkGvNLT6Clrb-2yOceKzy4rowgRd2dZqNA9bAQNfkkYqH9JxruFovovMHJd1fHhn8vRK4dk2a__4x2oxdJz7W4xvfqzchu0o7pbDY0QFTcWLNxXtCDo4PtZmYSQ8SyVuf2ihBImONxDCPE8QqoImconmoLIGUn7wESD6q9Sn1bad0g8cNePSe_antFG1zXUPSMeEctACZAgrVhK5YkIe3Sje8GAsUZ9UoHS3Mbzd24fHSmxujwD4nIlxGkCY2JPz0qfsLRNoMsaA-aeO2jpz6yygA7zwPED2nFHGuKjaD7pN00KIOKVdeoox0qOhmMJ_nOKgjy7Q9Qx6ZezDHDsgg30vH2ape1YlVXM-qjy3OmWeccKgol8oaJRL1V8XPh7F4daolbTSNq1cTVpzdSnc_xi4EadfjEeAnkhPEBKCCm18nQL--DumGusUqaOEML8AKzho1TQ%26maxdest%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fbola.tempo.co$2,https%3A%2F%2F0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com%2F$0;xdt=1;crlt=u3YVkq)mj*;gcsr=m;stc=1;chaa=1;sttr=180;prcl=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame C36E 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 603E 		0
0
check
rtbdemand.apiip.net/api/ 		1 KB
995 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
00b3daadad1897ac8c0691e6352ef5b6fad9ca0305d65837ec06b9bcf4a85ae1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"507-dKIOzCbr5nVos9aV4hmUJfnHKOY"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
836b6de818b5b734-AMS
alt-svc
h3=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		93 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5a0ac3cab44d05de4129b26e2e01862db4b4aa49c742c51b200feb0eb1b287b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29864
x-xss-protection
0
server
cafe
etag
296 / 19708 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:25 GMT
prebidtempo3.js
rtbpass-us.andbeyond.media/ 		508 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass-us.andbeyond.media/prebidtempo3.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f918cd9b815871fd79a1651e509629573fef2d3329a0f2b5c76c44fb05eede44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
br
via
1.1 varnish
x-amz-request-id
9202GCZMGZ6QSTZ8
age
97
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
162301
x-amz-id-2
J8mxxbJlifM6r/oOkcnR8E65RkD54ahnB0xFwf6O2Y6F2+byQqOiZo0NmZsS1xVeO+1tBrvpdKA3ryWIP3hiKA==
x-served-by
cache-fra-etou8220053-FRA
last-modified
Sat, 09 Dec 2023 09:57:19 GMT
server
AmazonS3
x-timer
S1702776925.433526,VS0,VE1
etag
"d2638177dfba03e0816028761de50d6b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:00:54 GMT
content-encoding
gzip
via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront), 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, PRG50-C1
age
2072
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
s4Sqcn76nVuIUlswm_uKdxz6ZU0eZ7zPT2yUvFo4Ffno2rtU6jLnLg==
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1E43 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
41344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 14:06:21 GMT
dmp.infopack.3cb51e1e6137b7e84257.js
static1.dmcdn.net/playerv5/ Frame 8B98 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.infopack.3cb51e1e6137b7e84257.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
dedc140980acf11856cf47e3cb3e5babbc7812ae9a8deafec03dd451aefa0590

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
497827
server-timing
total;dur=2, dc;desc="dc3"
content-length
15108
last-modified
Fri, 08 Dec 2023 16:06:25 GMT
server
DMS/1.0.42
etag
"65733f01-e462"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
643a6bd41ab8a88ef63d9071dedf5c1b
expires
Wed, 10 Jan 2024 07:18:18 GMT
dmp.jq_flight.1d9782312a093aadb89f.js
static1.dmcdn.net/playerv5/ Frame 8B98 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.jq_flight.1d9782312a093aadb89f.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
5e24b61f7ae7a4e552208ab7eb54601da5fd5af5a24a5cf542839398a33a9630

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
23843
server-timing
total;dur=1, dc;desc="dc3"
content-length
14946
last-modified
Thu, 14 Dec 2023 15:29:34 GMT
server
DMS/1.0.42
etag
"657b1f5e-a5e2"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
1e17ec8876790e620e61f7f71631560d
expires
Mon, 15 Jan 2024 18:58:02 GMT
dmp.photon_vendor.3ce7557f0c4e78d46b63.js
static1.dmcdn.net/playerv5/ Frame 8B98 		321 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_vendor.3ce7557f0c4e78d46b63.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
45986891113c4ae3780f4974cd3facaf0146bf46605c1b9ef525896d75fa6aaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
58659
server-timing
total;dur=0, dc;desc="dc3"
content-length
97739
last-modified
Thu, 14 Dec 2023 15:29:26 GMT
server
DMS/1.0.42
etag
"657b1f56-503f9"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
70c85594e4e4077240d7878ca0de6cc6
expires
Mon, 15 Jan 2024 09:17:46 GMT
dmp.photon_boot.3fec52a92eb25b48c2e3.js
static1.dmcdn.net/playerv5/ Frame 8B98 		119 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_boot.3fec52a92eb25b48c2e3.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
2291063995f62baed1232d05327bc1d5e268bda96d1a6879e32d8c60ae1617cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
478161
server-timing
total;dur=1, dc;desc="dc3"
content-length
38445
last-modified
Mon, 11 Dec 2023 11:01:50 GMT
server
DMS/1.0.42
etag
"6576ec1e-1dbfd"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
95d280a667db86454067bfd603923eaf
expires
Wed, 10 Jan 2024 12:46:04 GMT
dmp.photon_app.9dd052baf301d94f254e.js
static1.dmcdn.net/playerv5/ Frame 8B98 		167 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_app.9dd052baf301d94f254e.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
f4ccee8d8068a3b3379e47f428773dbb070498dc38508caa023c4642a0502149

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
387218
server-timing
total;dur=2, dc;desc="dc3"
content-length
57830
last-modified
Tue, 12 Dec 2023 13:58:10 GMT
server
DMS/1.0.42
etag
"657866f2-29bc8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
f5e14500036b53f3f8cd8bd1434fe00d
expires
Thu, 11 Jan 2024 14:01:47 GMT
dmp.photon_player.b315888d9edb10a00902.js
static1.dmcdn.net/playerv5/ Frame 8B98 		68 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.photon_player.b315888d9edb10a00902.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
e447900ce1050ab6f9ac3519a30836eee1100fe0d7e862d547aeacdcaf4317c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
478161
server-timing
total;dur=1, dc;desc="dc3"
content-length
19930
last-modified
Mon, 11 Dec 2023 11:01:50 GMT
server
DMS/1.0.42
etag
"6576ec1e-10e88"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
ff72392cea6e7ac72a54aa7cf99a077b
expires
Wed, 10 Jan 2024 12:46:04 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A461 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6V93CmkovHuTRev9MZ9v651H3u0FXZc8dF8oqviyeksOuIO3pFcH5tPJOKCqQ7BYcZUv7iz4j16lu61hUNyWWb9wXePakOLIjIMUZwLd1jBZ7FoRDzgCQeZHB9wsdbUorHdhFUUHE7s-HszUKWrev5Dt_&sai=AMfl-YT4uMQN126ju8cYY3QCBqhnuqbJVIA_-Gv7hzvLmVx9xuLLn_2kx6lbPLvukyjyZCnDY-QI15PC6mjXqPkEaFGGUZj6norZyPyHn2VSb1rW2x41KzA1-KdPnzFjX3W2npBlf5DGiZhuFLIaxbGuGg&sig=Cg0ArKJSzMsg1i_lbN5_EAE&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&id=lidar2&mcvt=1029&p=222,129,822,249&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3655511942&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702776923645&rpt=636&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 14D0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPKTPQiE-YyxMvqe34FiVusxA8OQS5qGxNjyYGSPRGxGjobJoXLwsv7t1iNDMx-0ykILK-7SfGLNdJAWhdFZ09PGxlfuJwpSiGqinAV5Za2XWQq_5H9XhJyx8j0Qu1bw4WKjjHPznw7F3ZrvyRZ8_s9vZj&sai=AMfl-YQSW2yf5fO3YAgItkyWz8BtNNqfPnEgNA-E90v5cGC4gjkUoxG7eSfHtJHVhiph0MtmZTm-V_g4geV3LhuZYVbage82qHlrMSYMeoLAheNdpNrzWbJ-iPnqZAgf6BlQNyWThl5Z-ybkScMsC92_jg&sig=Cg0ArKJSzJs1FP5go-skEAE&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&id=lidar2&mcvt=1031&p=222,1351,822,1471&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1739778181&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702776923650&rpt=701&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8B98 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6eab9c5940faf4875ba74f76ea909581bc577fad943041e12196621445175fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Sun, 17 Dec 2023 01:35:25 GMT
dmp.advertising.513c19fdc48089e784da.js
static1.dmcdn.net/playerv5/ Frame 8B98 		183 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.advertising.513c19fdc48089e784da.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
bdcf5080b018eda5be1a663f1aa43cfba4d1ba58e6cab61cf18ae5749495f02c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
497827
server-timing
total;dur=0, dc;desc="dc3"
content-length
51279
last-modified
Fri, 08 Dec 2023 15:55:56 GMT
server
DMS/1.0.42
etag
"65733c8c-2dd37"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
f1152e4b8cd0c4f4447c975e6f5c9bf8
expires
Wed, 10 Jan 2024 07:18:18 GMT
dmp.locale-en-US.7ea9e0789b5df615c7aa.json
static1.dmcdn.net/playerv5/ Frame 8B98 		2 KB
932 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.locale-en-US.7ea9e0789b5df615c7aa.json
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
fe5a5f3469030993701e2cb0c63a1a66b1a3d59f87d35a5fc0fb0503fb534cd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
774167
server-timing
total;dur=0, dc;desc="dc3"
content-length
604
last-modified
Thu, 07 Dec 2023 15:34:14 GMT
server
DMS/1.0.42
etag
"6571e5f6-7fa"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
d6a6e0871bfc6ce2161bdc06e3a8ca10
expires
Sun, 07 Jan 2024 02:32:38 GMT
/
pebed.dm-event.net/ Frame 8B98 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed1.dm.gg
Software
edward-ed/2.2.2 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sun, 17 Dec 2023 01:35:25 GMT
Server
edward-ed/2.2.2
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
/
pebed.dm-event.net/ Frame 8B98 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed1.dm.gg
Software
edward-ed/2.2.2 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Sun, 17 Dec 2023 01:35:25 GMT
Server
edward-ed/2.2.2
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
/
pebed.dm-event.net/ Frame 8B98 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed1.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Sun, 17 Dec 2023 01:35:25 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
x8fl3x0
www.dailymotion.com/player/metadata/video/ Frame 8B98 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.dailymotion.com/player/metadata/video/x8fl3x0?embedder=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&geo=1&player-id=xbqdn&locale=en-US&dmV1st=68a7d5da-f629-47a6-94bc-102e2c799cc9&dmTs=467607&is_native_app=0
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
9749ae253745e6c2a525a8c92af57837198913f40418fc567d8c1d24404df70b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Sun, 17 Dec 2023 01:35:25 GMT
Strict-Transport-Security
max-age=31708800; includeSubDomains; preload
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=115, dc;desc="dc3"
Content-Length
4959
Referrer-Policy
strict-origin-when-cross-origin
Server
DMS/1.0.42
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://geo.dailymotion.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Authorization
AGSKWxUhiU2-oonM-wKw-NYSyf6sXa-7pu8oieIF1CwaJNuCqtGnVMyOgI0PRquyu3fo7mdNQjnNnbrddLGFFVrtkQtu8QKFggoLTAaXHYBsl3wU59R7KHtW65C_pCRl8_BQNwGoMQ-Sgw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUhiU2-oonM-wKw-NYSyf6sXa-7pu8oieIF1CwaJNuCqtGnVMyOgI0PRquyu3fo7mdNQjnNnbrddLGFFVrtkQtu8QKFggoLTAaXHYBsl3wU59R7KHtW65C_pCRl8_BQNwGoMQ-Sgw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WLGCc6azImzKJORHlpjeGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WLGCc6azImzKJORHlpjeGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://bola.tempo.co
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ Frame 5F88 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
41345
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 15 Dec 2024 14:06:20 GMT
vendor-list-v204.json
vendorlist.dmcdn.net/v2/archives/ Frame 8B98 		418 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.dmcdn.net/v2/archives/vendor-list-v204.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.infopack.3cb51e1e6137b7e84257.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
AmazonS3 /
Resource Hash
b0978fb0412437ad74f3482f09b3c0084254e06ca8a3956467c7a388746ab840

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
GSRcJmcaUJWitICBWr9S2xwSG6ODE9pk
content-encoding
gzip
via
1.1 e61ad774b1bb9761f20e1bb4c1d6c734.cloudfront.net (CloudFront)
date
Sun, 17 Dec 2023 01:35:25 GMT
x-amz-cf-pop
CDG52-P1
age
104710
x-amz-server-side-encryption
AES256
content-length
56027
last-modified
Thu, 29 Jun 2023 16:05:24 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
95.140.237.234
x-amz-cf-id
oQzENMNlOW9vB_KdYef5ee5HQyfs5UCd9PG68Ip-E_iqr4KU3C_0yg==
x-llid
8af0b75c52c1e3fe5e49dd8d0d579b66
expires
Fri, 22 Dec 2023 20:30:15 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 37E0 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3rbzXq2WQzvfvUAgp5R-fp3B3kRwhVB3Tm-MXNr6SUNH7bA0-XgWEPXw2ttSaVMY3d8nuYBuQKNKUowIMOV-m5aSbSU-5tLvobzvnEAHSaxxsLd5N2JbEqSaN8b1Gv7PT4no73jpPhVtlbMPIuszsyT68_IdLYIaqS1DorQVWAuyeeNRDn98h1dkMiPXlh57g98G7t-kAMDdOabbyJXt2lYNkQy8-4LAPVXlTf8d1li90x5mJ8ufP7ZI4OqWj6F71Q4JUHmjxyezLmIVUrH9wlKom-45oGCi79wXXOWGf7fJAY3IxKIJXdMR2y3uJI-72xtHcUnG8KvLk378s-uC4tcJZ1ngPo88-7mAz-ChEpFTblLCqHtRgIX7kBz0RZ9mh-ueTxiCjDoEqp1dWbr-Ui6twry5xPTcqVtO9wo9Vnr-_8X0_zPdwB_v0xSX2r_fePZvA5mn-dahOVKxixniHG0sk0MHb4d9NUiIpP6augKspvj03M21AYLlFh6o7UogtXj-5OHdm4I0qyUlMw1a2O_0jHhby8p84O3_YJe0489UvhvCNxhkkQa_OaMPNPYNC2LVKnVjv9jgmtRT1-Nge01Wv_hkLSeYJkegqOvXMYkfccAv6z3wr-D8Itluqz9J2zjeiiAEUz4XZMlAbbMcoiUmBAFAEF1mXq-ULJ8P4GwCOGrRmTlWq770PxmB_Vf4Yv1ieu_iMPYZLKgOAlRJv7GXYclwmJEaAPXx3HTFpnHpB6yB5gxd-ef2C71So27hNzG3xwghxvaVMvubZyWbTsHQHgMTTd66fafuQPV8RVsRGZhso1b3cfy-hP7FvoiK2-r9h2lm_Tn3Y7HZp0-COt6H8m9Am_UyElu4gvsiZzKvOuUce_gIwcYN_S-R8iBl_ib2iwf7LfSnvlA3jzT0R842EoqvLNbpKztgnmfcLJ8Lwnlbw7xdEgR-hV6WgXnmcGTXiCl5tCICO4U73mK4kk1k0BybgC24YHw4HzLCZ1MnddNbC7CIMPqjAf5kGHzolSf8GOUw8C0gu0Fs8SrbFsiDty51Afewhg04kM_Z5oaZ9FBc6NArbA6-0vRPwLwNB1u3Exgn_nDpgRFrIqJ-icLF0Si_DufFsdzf4N3YTzm-YHovDZlq2aygJDWKoh0jnsq7O1yKPKRAQI5P7BtI9DL52VWu7BpKGe8RLBrIhCn_E0KIfCClUWj86Fh0lOFFevOwh9wAixFdiUBAxXQAf-iEvwiRCkXFQQNJtqLk9-0p4Ck5xIXdLxKXLUgjypYLfHqq-CerKlpjZYxefwAgAPCNPTNNkgmn1XRdPdAvhblEAd8lmSnGoz-qmInfghv4bR6OXG_JAwUF4zruEL18bWPXLT5Dv3939WFXzQxwYLjaT4q79I1UowrTtlIfJGuH0fnQZhr08tMhVo0j6jx8dQiBh6x1gG4u0188MeIdjs0POeAhwBCOvOnv7bNkDpnKeTMMb7Ix8vV7HbttxStKNbWojguZEKPI5yGE9VPpEQF1_Gq9fs5GGxEhlB2Gu4Gs&sai=AMfl-YT_NcEQlrwFASrbckeY6RS-GzWKufWTPeV8zIsTTWLNXeJbQRQ3J_2ODvkkkRR5oMtRKleGR_4xnwRUxR8kiBoGpHB8BZpMaw_scE_D72NJY_zDIXmdKD7zy1VDKZGDIwDBSfTrKBekz6iHYOSQKZYLu7l5PbC7Tbw5qqY&sig=Cg0ArKJSzPDoOxziwucQEAE&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&id=ampim&o=1026,558&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,1011,1011,1011&tos=0,0,1011,0,0&tfs=848&tls=1859&g=100&h=100&tt=1859&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendor-list-v25.json
vendorlist.dmcdn.net/v3/archives/ Frame 8B98 		530 KB
66 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.dmcdn.net/v3/archives/vendor-list-v25.json
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.infopack.3cb51e1e6137b7e84257.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
AmazonS3 /
Resource Hash
61c3f279c024c4b28081fb6bda43f4e25dd8e7d9efbe3ade1d4ee0b188f88e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
tKdlwoOnw_GuFP84h.C9QwQb.UKCEEKj
content-encoding
gzip
via
1.1 bfd596aba0de57f83442d2ebd6b268f4.cloudfront.net (CloudFront)
date
Sun, 17 Dec 2023 01:35:25 GMT
x-amz-cf-pop
CDG52-P1
age
17854
x-amz-server-side-encryption
AES256
content-length
66845
last-modified
Thu, 02 Nov 2023 16:07:35 GMT
server
AmazonS3
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
x-ip-address
95.140.237.234
x-amz-cf-id
PY5CzDH0mlCkeKe500t6-BkouJsdHavoJCFcjwtjNusaBqqTZBkuaA==
x-llid
d085cdb37e2369bf62c60fb8ef8f6f33
expires
Sat, 23 Dec 2023 20:37:51 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 9372 		135 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=824301949133521&correlator=3228218911890450&eid=31079956%2C95320408%2C31079525%2C31080117&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=223513049%2Cca-pub-5111137191506013-tag%2CTempo_pg_300x600_std&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=1&didk=3594380841&sfv=1-0-40&sc=1&cookie=ID%3Dbd735c4aae7f2be5%3AT%3D1702776922%3ART%3D1702776922%3AS%3DALNI_MYJ71uy_x4OpeuCL3C8Bf23kQqGEg&gpic=UID%3D00000d1de8fde0e4%3AT%3D1702776922%3ART%3D1702776922%3AS%3DALNI_MaeibB1GfToxI4Z_ofwnYJB1gHjKA&abxe=1&dt=1702776925528&lmt=1702776925&adxs=411&adys=150&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=ihwo2fdxspoz&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=2&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&ref=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&top=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&vis=1&psz=300x600&msz=300x600&fws=256&ohw=0&ea=0&ga_vid=469069242.1702776923&ga_sid=1702776926&ga_hid=173251246&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-MWnq8cxSABSAghkEhkKCnB1YmNpZC5vcmcY2Manq8cxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPjFp6vHMUgAUgIIZBIXCghydGJob3VzZRiWx6erxzFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pSzNGWFJXSjJLMHBST1V0RE1WQktkbHBCVDJ0MFp6MDlJbjA9GNLIp6vHMUgAEhkKCnVpZGFwaS5jb20Y-MWnq8cxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjrxqerxzFIAFICCGo.&dlt=1702776924321&idt=1106&adks=1343490699&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0326f8649e060d956d88a71a1100723625e2d8e57dadcd53f8a4a8b2b341a380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44140
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1509 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:25 GMT
expires
Mon, 16 Dec 2024 01:35:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 4FED 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqwy979ayl-hSm548y7vWz3bvmjLCHLb_54RRixbF1udJief_0MaCFNGgjwUr6qhfbp_P7mtsOTFikZemZPVjYqKuzUtZR-wlO2sD-7E6PSVcp1H0Ohi6COIgDzBibOI3w-srGiwPs9m8MfhnlEdYSVxEDg0ahuNwNlJ0RGzwPgoyyG4HrryZiQ9l91BEiq_FRv9o-a_DjT1Dq2F1FOsYCnaADr6tbQakhwtVO11XqQwNzTGQ2u0TT3MzGsMVpjGrxxWEyIvnDoUfkRRiHIsMR9yASVeBVJA7dgy5-U3ggVVKCJThE6KoZexU5nKQcv6UynNvoX-icvqLHOvwVKnBQ8AsP2_eP-lCy5PWHcoiVkcyct0Cz4eQMnf7XEQFknFArUU0T6Ku48rK-AZuGE_0lYt7e0xuRF63uK35XdVx7mCgOzMrT8iX6zrfK6aMdJJx1i2oHuMrW5VhTUlfLXjWlJNr5rknctcv5MqdLPep6v1N_oRbewLiP_b429q__32jDdcw2Bgvo98ZAzW8djT5iAJQIkLzg2fg5aXfC16Nbb53YQdwB1oUxih9hAc2C8xB186hnfXFFRqZLYguOqFhiJXm21j0JZPyior_Oozg_SAk8RsIcTwdTCeHomHVHRPoI_zb5B1pxhcEwJCl3Jw_d3Fg7WkQ8paSXa43XZS2UbAADJ_uxjDNL08nriE7CQ3yMrffgA-d0ma-uWGrYnyaJBRFcr2MSpAiBjnHxiiBnlC4R0RtAPjVl2p0hkGV1V78Mal_pHKGD3k47IO6vgby50qoYxLm6CcY8V0wsi-BPX89lOY32wPzqDTgBnWXiHgjrF5Ea_wowqrjAXkVRCFm96YVEqaR7ak8JWfVWmuwSJseZv3G7PHMT88VmXQ1pkkTBPtfHi6i0MNxdCysLIBZ4QmOk0RqjrcYHboV7jQIBgnNRYCMtY5tUMMXCIuSlYYpyNckjJbvxJCZtgYEyFt-aqSbZAY6vpsSCtBJKlUfiJtTqLjT8RW_GO_KmF5XBG157_IZ-8DHR0lWYuV9ORRD6oav_yoGUBgN23yHGvdMYbCCq2h_R_3u10zMgdlYLJNlCcXz9gCNqFVFwqs3-mlmM0Sb8cI6S71fB1jwVaad9fpuQKgu31RiHF3xlqeM1BaQF3t67-caG8bLqD1pTujLx-s9oK1n1IpW8ELCd6LiPBJHRjD9AGq_9IMZHzd285GTU89JDjMbNPUxC0xgkrFfTo7hhB-eUIW3kpDo349Djh_lT1uoigYHZMsuoxCRymSihv-PlV2NjUXn7VBkiffG4soSO1qUJoaU75RBaXvuGMLo4qEgGeDB5pMKuU4_7ARlrpBNsn50AZLmX58KrFPIxpvxr5_shpPoi6L2DJpTSEN2SWuqWGbLnQ7G45fENal3-fijKGn7ywd4eFpzekpZScoydmvVJaxmGAGEcCb1kPAnrttt1pIv9tKmNLXP56d7OexZ9Y19eG00Tga3O2dVZ67X6pOwtKU8g8ExfNiOBa5k1&sai=AMfl-YTsdFS9R0j5tR8_eizHSDynEqphacVr8qcBdapZ4f57fThc7oAuncsTwwlvNWStuatO1YJh8bRQgClcG0ygdFnWxfB1J3q9UNlYoE-421FDB0ZtlNKl_fHrAfrN5hHCYzAe1gIQ5NyzLtxrFLpAQt77SnXa9IGY2cTwAu0&sig=Cg0ArKJSzKdFoYD0u3zjEAE&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&id=lidar2&mcvt=1032&p=1106,315,1196,1285&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2982763702&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702776923628&rpt=875&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
41345
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 15 Dec 2024 14:06:20 GMT
cd6cddc5-4dca-4d77-9a65-8b894400e772
config.aps.amazon-adsystem.com/configs/ 		564 B
831 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-39.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
dc8e270a6c4089b306a6058d541e71d584db80c236f99875470008a97c8303c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 00:46:55 GMT
via
1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2910
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
8BxJYOMYT_3u-JuvUXRSH8ggG0a2itqLHitA2UZHD0W5NOSXdlMgjw==
config
c.amazon-adsystem.com/cdn/prod/ 		0
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
date
Sat, 16 Dec 2023 04:37:25 GMT
x-amz-cf-pop
PRG50-C1
age
75481
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
06JnVP5QeFmwzvvrkj56MZvcHdHkxLJkb5ALYSss7P2JeWplxQmgZA==
/
pebed.dm-event.net/ Frame 8B98 		15 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed1.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain; charset=UTF-8

Response headers

Date
Sun, 17 Dec 2023 01:35:25 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:27:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
464
etag
W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3703
adview
securepubads.g.doubleclick.net/pagead/ Frame 4128 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTxOhWlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBN4CT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2SszgvrvFowih9Hb929MBJtfT9fTQbjSDlLH-V2S8WLisqyMBdNBJhpyHgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA4AKA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAbIXHAoaEhRwdWItMjU3ODMwMTU0NjA1Mzg5Nxj9qRI&sigh=Q8ZPOKixVqY&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_VPJ34LQOy8OVSZS4zKKkfwdJgNnRUKO8k4Xo6fv4sMHLoVLDQJ-9l1CO8y2IOk1FVKpwbox6KLIRhIgWeev3tKgCDyIY1726pdcYAQ&cbvp=2&vis=1
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 4128 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kt_tF-v_CsoH-gGdg2ICAgAAAIyIWZtuDoFWqZSSWxBaUH5lXxkj5DIT1ccNggAAEgAACgpBUVVCQVFFQkFR&wp=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&cbvp=2
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
145103
server
Kestrel
content-length
0
dmp.quality_switch_mse.cd6c414854f1dfc0038f.js
static1.dmcdn.net/playerv5/ Frame 8B98 		388 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.quality_switch_mse.cd6c414854f1dfc0038f.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
b5cd606e67876d3e7deb409da3c66b4f559b3f0a1d5afc303b6ccd06ac77416c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
832473
server-timing
total;dur=1, dc;desc="dc3"
content-length
118563
last-modified
Thu, 07 Dec 2023 10:19:10 GMT
server
DMS/1.0.42
etag
"65719c1e-60fd9"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
19dedd5e8efa02d90b1356001dd3ba5f
expires
Sat, 06 Jan 2024 10:20:52 GMT
latencies.js
speedtest.dailymotion.com/ Frame 8B98 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://speedtest.dailymotion.com/latencies.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.9dd052baf301d94f254e.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.91 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
st.dc3.dailymotion.com
Software
/
Resource Hash
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 01:35:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Sep 2020 07:44:45 GMT
Content-Type
application/javascript
Cache-Control
max-age=21600, public
Accept-Ranges
bytes
Content-Length
2041
Expires
Sun, 17 Dec 2023 07:35:25 GMT
all
csm.eu.criteo.net/ Frame BB32 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=HyhanUWrFZ6tp3IQNDOyCZviab2twBC_j_UwzjJWW1Fay-Dth4OCNya_ZzJTL62ckJdhQIzkZXz-xfJvgs33iUozpu_OyTEyjSE-QnFnOMVGTWFK-ztyWGdznHg-4TcXYhWhVefgJRKlevRZ1askuVgpoDmEsz0zOqScntpguUDrgVF1fVJGMth5dtnqQ6FWj56v8Lv-QjY8pZsJ-uuI26O1P_rTH6IUvZ8dbmHfT-_PaDDRPBXuel6F26Or_zM792LVSA&sds=2&rev=89791&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&u=%7ChiHgvtYhI02iyM8ghy4bTv2o%2FZ2mb%2BNrseDNV%2BRm4yw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEHMXDOPb-ysyl93tK--qtNQdvtN5cnwUg8WAQZ9hIIY4xN1QFqyBwGGbo65f91gLFveb2uSgP1l-dP-xQQI0pW3vf3j8tw8m6leojGYdMoFICniIAhkaE1MCvi0YzN58wNOK22Ew7J2ka4vKvSiqumDyYCDukQq_T4h8GZRVIlcHECfxMHIowKla_Ys6zDHR4YApzAyCkay3rv8oxzKW4I3BJcW-5SCQu-XeANrUfP-GT2UsslPEyfIsroBTokTgOwSMZjjS383Dpx7oBUxrhiV4T-BJCgXeodFmXQbB2C1hteHFf_iURVR4feJ-YwXZFUCZ92sUZhaY6W8KgNp4XKokfHV4HjJUfeJx572RW7n0qroKUiUbPaCOyP0Z-60DNdyy9o6JZZCyoovDyEvdHgPXW1gLnTTs7Btdn88RkQYjZAP2_nyXMO8q9u_xW_BTTtdCZWXjMNwqGBN_K75X6SUyaBGp177v_dWatfaEd9Wo3_aUKe8-naaG13kT3URVhKYhwgkLP8nFGeog1XgadT6dI2CdWAsQ0kTHEZBARpX28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0ET_WlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2Sszgv7PNJUKjuzYLQJOeTOdQU2To8h5bvAmcXbecriNmV1uxFrNj1h8j1OvLgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EzYML-J_9Mml3p7PpCuxRdL47Mw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 17 Dec 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
OpelNextW01-Light.woff2
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/OpelNextW01-Light.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
69aa44ad6883f039652f58e34508268cf970fc5320107e869b2c56514c68df59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:43:14 GMT
x-content-type-options
nosniff
age
431531
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16132
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Dec 2024 01:43:14 GMT
OpelNextW01-Regular.woff2
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/OpelNextW01-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
4ebdaf8c14e061acf2086dcf8848748d44eb586ac17a330c0c5d7b135c56672e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sun, 15 Dec 2024 07:23:43 GMT
date
Sat, 16 Dec 2023 07:23:43 GMT
x-content-type-options
nosniff
age
65502
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16396
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
41554636_20230901075215446_OPEL-CORSA-MCM-L-2023-BEV-DIGITAL-DCO-BANNER-970x250-EN-P-KV-cropped.jpg
s0.2mdn.net/ads/richmedia/studio/41554636/ Frame A15B 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/41554636/41554636_20230901075215446_OPEL-CORSA-MCM-L-2023-BEV-DIGITAL-DCO-BANNER-970x250-EN-P-KV-cropped.jpg
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
39cef54102ef7d79c3e5dbe45b39807c45551c9fa12ca95b8c25c8020ea81520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 00:12:13 GMT
x-content-type-options
nosniff
age
4992
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83789
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 14:52:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Dec 2023 00:12:13 GMT
41554636_20231026081940904_Corsa_CD_970x250.svg
s0.2mdn.net/ads/richmedia/studio/41554636/__version__/1/ Frame A15B 		3 KB
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/41554636/__version__/1/41554636_20231026081940904_Corsa_CD_970x250.svg
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
9e78ab5e659ac5e747433db43f469fe3e905d96b2b3cd2719f6c31780fd96c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 20:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
793
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 15:24:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Dec 2023 20:53:37 GMT
41554636_20230904042117320_Electric_gray.png
s0.2mdn.net/ads/richmedia/studio/41554636/ Frame A15B 		155 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/41554636/41554636_20230904042117320_Electric_gray.png
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
f4a48a95c074e305e6381f269b8697228027d2e1d2f5947a2c3e32abf59d9236
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 19:17:39 GMT
x-content-type-options
nosniff
age
22666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
158317
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 11:21:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Dec 2023 19:17:39 GMT
41554636_20230904042103347_Electric_silver.png
s0.2mdn.net/ads/richmedia/studio/41554636/ Frame A15B 		154 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/41554636/41554636_20230904042103347_Electric_silver.png
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
9cdf42703d450b4732ad5bbbe519c05c911805449d3200ce42f716ce037b4114
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:43:45 GMT
x-content-type-options
nosniff
age
6700
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157259
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 11:21:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Dec 2023 23:43:45 GMT
41554636_20230904042106993_Electric_white.png
s0.2mdn.net/ads/richmedia/studio/41554636/ Frame A15B 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/41554636/41554636_20230904042106993_Electric_white.png
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
96989ceac2e006ee2a8ad94227a94349547785614b2dac151b66cedff689903c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 12:23:26 GMT
x-content-type-options
nosniff
age
47519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
155811
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 11:21:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Dec 2023 12:23:26 GMT
41554636_20230904042113963_Electric_blue.png
s0.2mdn.net/ads/richmedia/studio/41554636/ Frame A15B 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/41554636/41554636_20230904042113963_Electric_blue.png
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
34e4265b5db14e03a4cf1e751805684c0294f52361f435951b1f827ec09ca75b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 20:48:33 GMT
x-content-type-options
nosniff
age
17212
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166113
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 11:21:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Dec 2023 20:48:33 GMT
41554636_20230904042059635_Electric_red.png
s0.2mdn.net/ads/richmedia/studio/41554636/ Frame A15B 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/41554636/41554636_20230904042059635_Electric_red.png
Requested by
Host: 0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
a94a44b482df7c3b5318e0104abb66233a16abe9e5f5b315d9974ff7302b5e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.html?e=69&leftOffset=0&topOffset=0&c=4MAGQX58Am&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 19:50:52 GMT
x-content-type-options
nosniff
age
20673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154239
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 11:20:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Dec 2023 19:50:52 GMT
21928950349
fundingchoicesmessages.google.com/i/ 		182 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/21928950349?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
57b52f5da0136159be2f98cce04e43cbb19866c3e6d1d02662b2ee9f64622036
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EjW0SyQDBuMwGSwLEvC-Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-security-policy
script-src 'report-sample' 'nonce-EjW0SyQDBuMwGSwLEvC-Bw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 5F88 		598 B
353 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4497675277170992&correlator=1277717198263352&eid=31079527%2C31080117&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=223513049%2Cca-pub-5111137191506013-tag%2Ctempo_pg_728x90_std&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&didk=3704069363&sfv=1-0-40&sc=1&cookie=ID%3Dbd735c4aae7f2be5%3AT%3D1702776922%3ART%3D1702776922%3AS%3DALNI_MYJ71uy_x4OpeuCL3C8Bf23kQqGEg&gpic=UID%3D00000d1de8fde0e4%3AT%3D1702776922%3ART%3D1702776922%3AS%3DALNI_MaeibB1GfToxI4Z_ofwnYJB1gHjKA&abxe=1&dt=1702776925697&lmt=1702776925&adxs=269&adys=1268&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=1&ucis=4195qr1g99vo&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=2&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&ref=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&top=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&vis=1&psz=728x90&msz=728x90&fws=256&ohw=0&ea=0&ga_vid=469069242.1702776923&ga_sid=1702776926&ga_hid=1240575555&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-MWnq8cxSABSAghkEhkKCnB1YmNpZC5vcmcY2Manq8cxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPjFp6vHMUgAUgIIZBIXCghydGJob3VzZRiWx6erxzFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pSzNGWFJXSjJLMHBST1V0RE1WQktkbHBCVDJ0MFp6MDlJbjA9GNLIp6vHMUgAEhkKCnVpZGFwaS5jb20Y-MWnq8cxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjrxqerxzFIAFICCGo.&dlt=1702776924336&idt=1242&adks=831460572&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2964006fc9c5c1bd1ceeb4353b7dba57f1f569d71e2de32653e909d28ad7cc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
319
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
87dc6a7e1bfdce1605ecb15dc49bb6f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BE41 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://87dc6a7e1bfdce1605ecb15dc49bb6f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:25 GMT
expires
Mon, 16 Dec 2024 01:35:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
policy-check
cpt.geniee.jp/hb/v1/ 		12 B
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpt.geniee.jp/hb/v1/policy-check?loc=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&list_id=mid-102432&gam_id=gam-424536528
Requested by
Host: cpt.geniee.jp
URL: https://cpt.geniee.jp/hb/v1/lib/gnshbrequest-v3.1.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.51 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p051.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 17 Dec 2023 01:35:26 GMT
cache-control
max-age=10800, private
cross-origin-resource-policy
cross-origin
server
nginx
content-length
12
content-type
application/json
/
pebed.dm-event.net/ Frame 8B98 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.3ce7557f0c4e78d46b63.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed1.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sun, 17 Dec 2023 01:35:25 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
dmp.omweb.c1cdfd180dc6919ef535.js
static1.dmcdn.net/playerv5/ Frame 8B98 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.omweb.c1cdfd180dc6919ef535.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
37102439456373cf920c4466d2d122d857ca0d542db3d57157d1f00012950560

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
381009
server-timing
total;dur=1, dc;desc="dc3"
content-length
14032
last-modified
Tue, 12 Dec 2023 15:31:38 GMT
server
DMS/1.0.42
etag
"65787cda-a1b9"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
048905b181a0fbc1a221590b275e3eaf
expires
Thu, 11 Jan 2024 15:45:16 GMT
dmp.omid_session_client.d181307e35c7b19ed8df.js
static1.dmcdn.net/playerv5/ Frame 8B98 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.omid_session_client.d181307e35c7b19ed8df.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
f40a7eafcb8d0cc02a4cdbb7a6081d05972b4a0cc2f490e75178e4ff901de1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
381009
server-timing
total;dur=1, dc;desc="dc3"
content-length
13451
last-modified
Tue, 12 Dec 2023 15:31:38 GMT
server
DMS/1.0.42
etag
"65787cda-11010"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
7f2cb695ea82ad639dedfdff7ad669f7
expires
Thu, 11 Jan 2024 15:45:16 GMT
ABCFavorit-Medium.woff2
static1.dmcdn.net/ Frame 8B98 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/ABCFavorit-Medium.woff2
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
2d7e04f93797dca868560733bfe7342aabd013ae8bba52073a35bc5fd99e830b

Request headers

Referer
https://geo.dailymotion.com/
Origin
https://geo.dailymotion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
last-modified
Thu, 20 Jul 2023 12:32:37 GMT
server
DMS/1.0.42
age
984346
etag
"64b92965-ce44"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
total;dur=1, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
52804
x-llid
9dfa3b8d31bfcf9ae03f6af0fd742370
expires
Thu, 04 Jan 2024 16:09:39 GMT
ABCFavorit-Regular.woff2
static1.dmcdn.net/ Frame 8B98 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/ABCFavorit-Regular.woff2
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
cae765e89c38588186de4b36811acb8e873a674a2ca9223dca8fb391a012082b

Request headers

Referer
https://geo.dailymotion.com/
Origin
https://geo.dailymotion.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
last-modified
Thu, 20 Jul 2023 12:37:31 GMT
server
DMS/1.0.42
age
713830
etag
"64b92a8b-c320"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
server-timing
total;dur=1, dc;desc="dc3"
accept-ranges
bytes
timing-allow-origin
*
content-length
49952
x-llid
e35804ffba786620ff9306572c5d5441
expires
Sun, 07 Jan 2024 19:18:15 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DB5C 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.advertising.513c19fdc48089e784da.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6eab9c5940faf4875ba74f76ea909581bc577fad943041e12196621445175fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Sun, 17 Dec 2023 01:35:25 GMT
logo-opel.svg
s0.2mdn.net/sadbundle/7198902205317376265/ Frame A15B 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7198902205317376265/logo-opel.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7198902205317376265/index.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
35d1f62a8388e4f2aa50a863b522d265a002e83dc94db6e192734a1c05f0cbe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7198902205317376265/index.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 20:53:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448913
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1244
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:34:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 10 Dec 2024 20:53:32 GMT
bridge3.609.0_en.html
imasdk.googleapis.com/js/core/ Frame C3F8 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.609.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7df07e55237808abf24296870e797ad4d6f05014defaf114812b04e0aae75dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geo.dailymotion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
417649
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245985
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 05:34:36 GMT
expires
Wed, 11 Dec 2024 05:34:36 GMT
last-modified
Tue, 12 Dec 2023 05:31:55 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame DB5C 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 17 Dec 2023 01:35:25 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CADE 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 00:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 17 Dec 2023 01:48:24 GMT
container.html
8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF72 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:25 GMT
expires
Mon, 16 Dec 2024 01:35:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
x8fl3x0.m3u8
dmxleo.dailymotion.com/cdn/manifest/video/ Frame 8B98 		0
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmxleo.dailymotion.com/cdn/manifest/video/x8fl3x0.m3u8?auth=1702949725-2562-6w6omcb2-134ec8dba117f3c6adbe54fa66679841EotTwiEmk-wyVMdlc7-YzBQHC3AhTJjjFzEE2bzFf2SXcmdyH7vJvxOleDnC1ToAMLJasllrZ2R7lm4loxmqYHF20mswU4zi8S9ygSiiWsLvQ4cKwt929tsRUYQ72SpadUYf2W6nL3aDlHUwe8ySBS3sLBy5zyRM4MpH_2JjlLjeyCX2BJMCnUAQMVkRIbGqPSXOtT3248nbR9nsbMDCAnAQn_XVfNxFwiYHsbBXVN6FSDwifd9wokiecaBSfMMkfusy8cJD3KQ9lAMmRj8GKq6-nb_M5ul7y-wjGJFKIcEYHsD4AMd7jHu9Gnh4fUt9oqO5hXCAeAmSTmCdJ66FHJjRGKqAr-Sr7NSPL0TlEthxu5GmrmLShVoEIP2PxSMSfs8gwJgBstCqV_nSPk8gB4peJXrpHNYjI81krajGJ9ZpC4irj5svs5-sUGRWspAo9NRoDHvf1HPXxNoU9vjMNQAExeBXfetSLvhBkJJWWu5jEBxa6tbPPFSf8hnolIIOPSAPjvAjQfkm_37v0atWQR06aFMcICuSPkMkM4SXZRG6UOZfydFKPnoXrb1l3KRC670Kp2KexmKyyWbH8Dsm672jqYVfR_kQqnothLw51VTTH7kV6KaI7DKjYUpoFs2CucAa7ad63VdzB84JFtXEdyfDHathZNCPBRKg1Ha3lIhaIWPGo1Sox26YB1-pXYc_brMXC9_aiQWNpDuM5AOcPnRGdViPLK-7koKRG1SgWI31oB1bNqFr1lCBuR0j2Y9K0OXzKebv4PbBaQjMkc5GK1WxeuhkUu50xrNCjv-__HNgOrk4OZ3ofHzY9_zaJCx1OxiBMLvsZzTHlINxUrHh2uIX9py2WISB_sxOn3gwqSzeFqGRv4lOigd7D-qEW6JJDVWMv-t5JuQ7PFijUtdNjE19ufBqNTXknoQCNnjh0uLuv4ZBSLINc7Z13C5PfMzgQecgHWusThuxL_VhDoNTkBXiyi7snmCd_vZvm0yOETec94P3hyB49CqxssO2by0K9Vp1R1fmM2ycj4NvpOqLZvF7kHr8UTEYLTWkK1xsPeW7LvrvQi9YMtHINgE7kqqcz39nI8QbGdy3xa6RhdSoCRMLone8NSp0N1iVMm2bbDQE1Wpx511wlP5WxSjqj4kc-wru9sxxsTXTqvIGsDrw0p6u-V4FMUxwbQkBlV2RWXRt4s-1K5JEmFdGxLTKBmTZJQeVc7-gI69hriHE-NpQEYXgxlKwE0UX8HeHW7ZH-znY81P98r3ayWBMRdv7JnIAQ&af=[APIFRAMEWORKS]&bs=1&cookie_sync_ab_gk=1&reader_gdpr_flag=1&reader_gdpr_consent=&gdpr_binary_consent=opt-out&gdpr_comes_from_infopack=0&reader_us_privacy=1---
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.advertising.513c19fdc48089e784da.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-03-pub-prod-ix7.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-m2kwq
date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET
access-control-allow-origin
https://geo.dailymotion.com/
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
dmp.pes_pip_tracking.94db5624c141225f045f.js
static1.dmcdn.net/playerv5/ Frame 8B98 		2 KB
1008 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.pes_pip_tracking.94db5624c141225f045f.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
3f72a34aeb6be15aebad3d119d6d92bfe2119aaf0d1e60b037b56416a7b37e60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
750649
server-timing
total;dur=0, dc;desc="dc3"
content-length
673
last-modified
Fri, 08 Dec 2023 09:02:27 GMT
server
DMS/1.0.42
etag
"6572dba3-656"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
0118b41a9c7e178b22fa2ad566078b40
expires
Sun, 07 Jan 2024 09:04:36 GMT
dmp.pes_pip_banner.24a9caa5ed8094f161ab.js
static1.dmcdn.net/playerv5/ Frame 8B98 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.dmcdn.net/playerv5/dmp.pes_pip_banner.24a9caa5ed8094f161ab.js
Requested by
Host: geo.dailymotion.com
URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.2 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-2.hhn.llnw.net
Software
DMS/1.0.42 /
Resource Hash
a9037060df03210c6d886329dcacd8db520db1e15b956addd9e54a173f94aeb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:25 GMT
content-encoding
gzip
age
1854844
server-timing
total;dur=1, dc;desc="dc3"
content-length
1369
last-modified
Fri, 24 Nov 2023 09:32:39 GMT
server
DMS/1.0.42
etag
"65606db7-b75"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-llid
85edbe75abb2d0bfc18acddc81f8a211
expires
Mon, 25 Dec 2023 14:21:21 GMT
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame DF72 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
433866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 01:04:19 GMT
f3d12415f986ed3504122551351bc1d0.js
www.gstatic.com/mysidia/ Frame DF72 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:10:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
411890
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16637
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 07:10:35 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DF72 		2 KB
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
50459845d1cbd526a76ea757de42d266.js
www.gstatic.com/mysidia/ Frame DF72 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 03:35:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9842
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Mar 2024 03:35:14 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame DF72 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
9308
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 23:00:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DF72 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
40664
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DF72 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
85266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame DF72 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcBzwOVmQ1_PTcdKcC58r23AIve9LDMM6nGBWXoyWE4c300Lz2dTGzDtpbSm1Mw211NHoCBg6OYynF29R8N7-sHmJn3Q
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DF72 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:26 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame DF72 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 10 Mar 2024 13:56:43 GMT
x8fl3x0
api.dailymotion.com/video/ 		230 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.dailymotion.com/video/x8fl3x0?fields=id,title,thumbnail_480_url,mode,onair,owner.screenname,created_time
Requested by
Host: statics.dmcdn.net
URL: https://statics.dmcdn.net/c/dm-ce.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.90 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
fp.dc3.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
e26ad74097535b49041544a27f03e9f2af0de5cabb449dd6b98f45618808ca34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests
Content-Encoding
gzip
Date
Sun, 17 Dec 2023 01:35:25 GMT
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server-Timing
total;dur=59, dc;desc="dc3"
Content-Length
209
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 17 Nov 2022 14:12:45 GMT
Server
DMS/1.0.42
Etag
W/"ZrkjFgVggwTD19ATqAl4sQ-gzip"
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Vary
X-DM-SSL,Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control
public, max-age=900
X-Frame-Options
DENY
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type, Authorization
X-Robots-Tag
noindex
AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/ Frame 8B4B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89393790164cebc76682a7762a947160626322df0a0590e43f41c7374bef522c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
404965
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1292
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 09:06:00 GMT
expires
Wed, 11 Dec 2024 09:06:00 GMT
last-modified
Fri, 20 Oct 2023 13:10:46 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EB6A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17731
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Sun, 17 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DF72 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f212f7c7d5ffe3238c26b9a44ece5ee0993f409f424ed362108828961e7cdaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 761F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssG2Yq7A706Y_IA4O_LXHNzsbeHW1EbqXSDXQqGq_mi5zKvBD08_ecqZgHBMaGPjDQiSdCN0XDAjNqLNI0jtkbV-Jau89L_8-5-Ap0hke17iIWpx7sJbrdoYebz&sig=Cg0ArKJSzMjt3m83YMuDEAE&id=lidar2&mcvt=1016&p=0,0,250,970&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=2517281648&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702776924489&rpt=423&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 8B4B 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 19:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
21571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 17 Dec 2023 19:35:55 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8B4B 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 19:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 17 Dec 2023 19:07:20 GMT
createjs.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/libs/1.0.0/ Frame 8B4B 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/libs/1.0.0/createjs.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33be66f63aca50629829ad77a1b1def4d69887f267ec408420286cd0138dd587
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 02:02:31 GMT
age
430375
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64214
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 13:10:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 02:02:31 GMT
AD2023-C-004%20(Skyscraper%202)%20300x600%20DE.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/ Frame 8B4B 		53 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20(Skyscraper%202)%20300x600%20DE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ce5caed30fa91c080e1f57d8debc7e2fea32a998c5f75342ff0dc2e9ae68b6f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 11 Dec 2023 23:06:18 GMT
age
440948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11900
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 13:10:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 23:06:18 GMT
dpixel
cms.quantserve.com/ Frame EB6A 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIV32rmW8f1_dKoV_XievFg&google_cver=1&google_push=AXcoOmScC0oNe4ffiZg2bMw0jjVsAKzF8mKUpJxAAUYMcQ8CirRq20Oao3iyHsmVmLpVnUQK8X7IYYK74HM3rVkOVPpt6878eIuu
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame EB6A 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEGNitiiRbrQagnLrAELE9nk&google_cver=1&google_push=AXcoOmT_t60lERROOt-K2M5dhTfhJKsAHlJCWpDCoSzx1s0O-8C__wDgTnKsxHpxeIfYq7pVYkkfWZoF6cl76JtyyQNs7m6KvXqclw
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame EB6A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMpoM7DWMyv3ycgsCUTvjkQ&google_cver=1&google_push=AXcoOmTJLV2cCVON2MJYY7a8JBtUr6qrTGIRiFY-VTU5nnnErEdwV1MGEcPqTlulxVuxO1MC38k2RzDTbymfdCqR1SdrFVO...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTJLV2cCVON2MJYY7a8JBtUr6qrTGIRiFY-VTU5nnnErEdwV1MGEcPqTlulxVuxO1MC38k2RzDTbymfdCqR1SdrFVOFiadgzw&google_hm=eS1kdmpwRzdGRTJwRUM1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTJLV2cCVON2MJYY7a8JBtUr6qrTGIRiFY-VTU5nnnErEdwV1MGEcPqTlulxVuxO1MC38k2RzDTbymfdCqR1SdrFVOFiadgzw&google_hm=eS1kdmpwRzdGRTJwRUM1cUV6Yl9Bc2p6SmozemZHVm56MH5B
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 17 Dec 2023 01:35:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTJLV2cCVON2MJYY7a8JBtUr6qrTGIRiFY-VTU5nnnErEdwV1MGEcPqTlulxVuxO1MC38k2RzDTbymfdCqR1SdrFVOFiadgzw&google_hm=eS1kdmpwRzdGRTJwRUM1cUV6Yl9Bc2p6SmozemZHVm56MH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame EB6A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQx1A...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-39cMI1tF_x3q3JDHPRoHhqDcCeFhrC3-cbvPwQ&google_push=AXcoOmQx1AY7cJF0kfznGggIKGJ6XteGfbgd-E8dP-O85w-x6i4FbwNyODLtQI9sk8E8zYt04lXXxj9trAgq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-39cMI1tF_x3q3JDHPRoHhqDcCeFhrC3-cbvPwQ&google_push=AXcoOmQx1AY7cJF0kfznGggIKGJ6XteGfbgd-E8dP-O85w-x6i4FbwNyODLtQI9sk8E8zYt04lXXxj9trAgq1kH27H_V-yxYAwuvzQ
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:25 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-39cMI1tF_x3q3JDHPRoHhqDcCeFhrC3-cbvPwQ&google_push=AXcoOmQx1AY7cJF0kfznGggIKGJ6XteGfbgd-E8dP-O85w-x6i4FbwNyODLtQI9sk8E8zYt04lXXxj9trAgq1kH27H_V-yxYAwuvzQ
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
802997
content-length
0
expires
Sun, 17 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB6A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDVZ_t-Kz86Z0kXUFJPZMEQ&google_cver=1&google_push=AXcoOmSkO5v-qzZVGGuzLojiK5Wsjbw7jb14gxSPpQ2HVpaT3CTiJDERSxihYuvfByAT5-mu6Et2NT_D...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDVZ_t-Kz86Z0kXUFJPZMEQ&google_cver=1&google_push=AXcoOmSkO5v-qzZVGGuzLojiK5Wsjbw7jb14gxSPpQ2HVpaT3CTiJDERSxihYuvfByAT5-mu6Et...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcwMzk5Mjg3MjQ3MDc0NzU5MA&google_push=AXcoOmSkO5v-qzZVGGuzLojiK5Wsjbw7jb14gxSPpQ2HVpaT3CTiJDERSxihYuvfByAT5-mu6Et2NT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcwMzk5Mjg3MjQ3MDc0NzU5MA&google_push=AXcoOmSkO5v-qzZVGGuzLojiK5Wsjbw7jb14gxSPpQ2HVpaT3CTiJDERSxihYuvfByAT5-mu6Et2NT_DBt5LhOLvWQLC-T0-e-v-mw
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcwMzk5Mjg3MjQ3MDc0NzU5MA&google_push=AXcoOmSkO5v-qzZVGGuzLojiK5Wsjbw7jb14gxSPpQ2HVpaT3CTiJDERSxihYuvfByAT5-mu6Et2NT_DBt5LhOLvWQLC-T0-e-v-mw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame EB6A 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEFDumDnFdvUUEHihyJ3749M&google_cver=1&google_push=AXcoOmQCAjHt9vtxEcmBeQd_8zizB8jxXxfB8egSMg08LIxrPiS6OgjLnUlKpKXeqD22K6dhdzNTbFOvxh7jBLJpLQezg5DYzCw9hA
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame EB6A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEG...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTnCVojs-yXVpLqca8aLKv-rkg1Ref6yoQCp6n1DmIQP0s5_vl99cH3BgyOBCETlTnexFBSRnzZ0kxYjZDn_N4zEJWtVN6UiQ&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-a2b73a26-d189-409c-82eb-06f171304430-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTnCVojs-yXVpLqca8aL...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTnCVojs-yXVpLqca8aLKv-rkg1Ref6yoQCp6n1DmIQP0s5_vl99cH3BgyOBCETlTnexFBSRnzZ0kxYjZDn_N4zEJWtVN6UiQ&google_hm=A6K3OibRiUCcgusG8XEwRDA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTnCVojs-yXVpLqca8aLKv-rkg1Ref6yoQCp6n1DmIQP0s5_vl99cH3BgyOBCETlTnexFBSRnzZ0kxYjZDn_N4zEJWtVN6UiQ&google_hm=A6K3OibRiUCcgusG8XEwRDA
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTnCVojs-yXVpLqca8aLKv-rkg1Ref6yoQCp6n1DmIQP0s5_vl99cH3BgyOBCETlTnexFBSRnzZ0kxYjZDn_N4zEJWtVN6UiQ&google_hm=A6K3OibRiUCcgusG8XEwRDA
date
Sun, 17 Dec 2023 01:35:26 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXa2b73a26d189409c82eb06f171304430003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame EB6A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JqrHgnOPm82CCxTTptvE4W-7sPdnZUm5490UkgHUwbpXJEJvyeCFcySzV0G0s4MA29Qwk3
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 8B98 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_app.9dd052baf301d94f254e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 01:35:26 GMT
ageLOCWellSpaiOLogoWhite1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/images/ Frame 8B4B 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/images/ageLOCWellSpaiOLogoWhite1.png
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a8b758fdf5cc8a6ddc72409227339b0c2a2aec1ef8502a8531f86fa067a17b6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 12 Dec 2023 08:50:41 GMT
x-content-type-options
nosniff
age
405885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32812
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 13:10:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 08:50:41 GMT
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 8B4B 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
404999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 09:05:27 GMT
cast_sender.js
www.gstatic.com/eureka/clank/120/ Frame 8B98 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/120/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.dailymotion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 18:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 23 Oct 2023 15:04:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 17 Dec 2023 18:32:23 GMT
Bitmap1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/images/ Frame 8B4B 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/images/Bitmap1.png
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e815b8dff2deea57dac496bdaf8e4a6dc8deb14bc1f9d48712605bc616363402
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 11 Dec 2023 23:06:18 GMT
x-content-type-options
nosniff
age
440948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61949
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 13:10:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 23:06:18 GMT
bulletpoint.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/images/ Frame 8B4B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/images/bulletpoint.png
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
486f953b427755752bc1d64c2c9a832669d8095f624d51dcfac732a0d6e5036a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 14 Dec 2024 19:20:10 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 15 Dec 2023 19:20:10 GMT
x-content-type-options
nosniff
age
108916
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1673
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 13:10:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
comp_ageLOC_WellSpa_io_Model36.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/images/ Frame 8B4B 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/images/comp_ageLOC_WellSpa_io_Model36.png
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19a6a9aa3a98a6bac02ac8f435a9f48bfd7ed554ba9159abac33b17ee7a6f172
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 12 Dec 2023 01:37:25 GMT
x-content-type-options
nosniff
age
431881
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53275
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 13:10:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 01:37:25 GMT
comp_ageLOCWellSpaiODevice2top1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/images/ Frame 8B4B 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/images/comp_ageLOCWellSpaiODevice2top1.png
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
180dc12a73d75f837b0d86ce0eff5c6cc762eb1b1fbda654a12f61c7b3097667
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2978001649668390450/AD2023-C-004%20%28Skyscraper%202%29%20300x600%20DE.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 11 Dec 2023 23:06:18 GMT
x-content-type-options
nosniff
age
440948
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18582
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 13:10:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 10 Dec 2024 23:06:18 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5F88 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7187b9022bf0f2e39df2d8c8b6cddd91dff6e627c6a858b99b63e76a3bd92f67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12210
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Chn7IXVB-ZZriItzB1PIPkLmXqATs46zDdJWv4YzrEdrZHhABIJm1iUNgldqIgpgHoAGtqJ-tKcgBCakCDqjL0mBHsj7gAgCoAwHIA0iqBIoDT9ABaxz7X8VFaZWGCka0RkNBHSRPLgh3ForRmT4Icnd91QjXCsyEcOo0q5DAZKlS_s3GnsaZD20dTExkAbpqdwIHOBjcc9vuGq_28jABzGy5d9wR8kAvcWmcJLUzgbbfliEatLrhzxaBHCemFTr6ODlg9FKSGBioIJkbh9XVAd1JxuExRBJaO2HH5_eeXnEfUzuggBbB7mfDBGmQecj9xO_0Nb0r0Z64kpkvwvMMVbmdRlRGvZ1k7xMqpxrJ7CSaeCSSt-nnUJt9iHnIXQjjFg0MVgz_3-AD41tlZQiG2ICmwh1AJ1MtEB7Png4pzkuGoqAEO70S3pzkLTqnh-h_heFxD0pxhu_1pN9pca53g--g8vTL9Bby3GAu20ewNmQzb7Y64O7YdUL0X58U_aaKyxfGMrTGsTPElerZtXsopK4cRyQLy5cZkDZ8BozOzrpDKdygyPSfYjMORZyCjdHHEk_nZzYXOHgVrJMKOAY-czdR_QjQluKS8CzUB-1F2JOOG74JvWwFvqTtusAEh4rgu8sE4AQBiAXCycOFTZIFBAgEGAGSBQQIBRgEoAYugAet4O-MBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELj_B9IIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYnuudrqqVgwOaCfcBaHR0cHM6Ly93d3cubnVza2luLmNvbS9jb250ZW50L251c2tpbi9kZV9ERS9wcm9kdWN0cy9udXNraW4vc2hvcF9hbGxfcHJvZHVjdHMvYWdlbG9jLXdlbGxzcGEtaW8uaHRtbD91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZ1dG1faWQ9YjAyYzAwMWEwMDE1NyZ1dG1fY29udGVudD1iYW5uZXJzJnV0bV9jYW1wYWlnbj1kZS1kZS1wcm9kdWN0cy1iYW5uZXJzLXdlbGxzcGEtaW8tYjJjLWFnZS1hbGwtSFRNTDUtYmFubmVyc4AKA8gLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC4g0TCPiVnq6qlYMDFdwgVQgdkNwFRdgTDdAVAYAXAbIXHgocCAASFHB1Yi02NTE0MTQ1ODkxMzk3MjE4GNHUIg&sigh=cOGwwcH3joM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_qCR70WtcVYFmMz_V0_cHnaaX6mZX3eYqg3bgx8O_Rmf6YaSvB6vvmkDuOrA56qeUNthpvwbLYBgB&template_id=419&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 01:35:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame DF72
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=Chn7IXVB-ZZriItzB1PIPkLmXqATs46zDdJWv4YzrEdrZHhABIJm1iUNgldqIgpgHoAGtqJ-tKcgBCakCDqjL0mBHsj7gAgCoAwHIA0iqBIoDT9ABaxz7X8VFaZWGCka0RkNBHSRPLgh3...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225887712007508112870%22,%22debug_reporting%22:true,%22destination%22:%22https://nuskin.com%22,%22event_report_window%22:%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225887712007508112870%22,%22debug_reporting%22:true,%22destination%22:%22https://nuskin.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211100738605%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214623530138218526993%22}&andc=true
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"5887712007508112870","debug_reporting":true,"destination":"https://nuskin.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11100738605"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"14623530138218526993"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 01:35:26 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 17 Dec 2023 01:35:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5887712007508112870","debug_reporting":true,"destination":"https://nuskin.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11100738605"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"14623530138218526993"}&andc=true
access-control-allow-origin
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9372 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae0915a8616c799af8d5a13c68e2b18e7f6c9839219ee434d088448955e7f3ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12236
x-xss-protection
0
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 3EA4 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: 8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
URL: https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
404999
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 09:05:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5F88 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 01:35:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9372 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 01:35:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2D61 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22770
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 19:15:56 GMT
expires
Sun, 15 Dec 2024 19:15:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DA9B 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3822377f93c7c7475b7d0ba8173084d59707926b21b643af861ae2a806da7d7f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CYrOl72QGnSxaRXBtMMRpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-CYrOl72QGnSxaRXBtMMRpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:26 GMT
expires
Sun, 17 Dec 2023 01:35:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1143 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22770
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 19:15:56 GMT
expires
Sun, 15 Dec 2024 19:15:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 20AE 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f2ce7f23196d64fd502723f1b26b34ac19131faaf771ee3b1f03ef25e045f547
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kGBM2QiqqKqrJLRpx4N82g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kGBM2QiqqKqrJLRpx4N82g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:26 GMT
expires
Sun, 17 Dec 2023 01:35:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 2D61 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
41345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 14:06:21 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225887712007508112870%22,%22debug_reporting%22:true,%22destination%22:%22https://nuskin.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211100738605%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214623530138218526993%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 01:35:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1143 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
41345
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 14:06:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DA9B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=4497675277170992&rc=null
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 20AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=824301949133521&rc=null
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
all
csm.eu.criteo.net/ Frame 8E79 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=TgWDfkWrFZ6tp3IQ7O5-F4AMH64g1Fl-N79FcX-N-tg14IukxZfg3g2z0cqdi68JIy_qwOUxgcX5AAJarsnXe6b_5u27J2MQnPkqNcmY5GqPqhoCF5lGz8DzPBKga-JZmViHi8fnUTV4TVr4WGqQa21amOwO11l0YY_ypzT5HGrf_t-8jfoq1LtEindS02WZo_2qYaWQRsbLrRmKDLMC1s9UjcW5MAlxMKKLNobQfraYDf67IU8hl3mXAhNhn6UcqGgKlQ&sds=2&rev=89791&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 17 Dec 2023 01:35:25 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 2D61 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ciWj6g
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 1143 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iTT4zw
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 64E3 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2663250324417&version=m202309260101&ct=77&x=1&cor=6359564635869382000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1636798576634750&correlator=1414667090955683&eid=31079956%2C31079239&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=424536528%3A14056285%2C1544679_Tempo.co_Wipe_Ad&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=18&didk=654219467&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dbd735c4aae7f2be5%3AT%3D1702776922%3ART%3D1702776922%3AS%3DALNI_MYJ71uy_x4OpeuCL3C8Bf23kQqGEg&gpic=UID%3D00000d1de8fde0e4%3AT%3D1702776922%3ART%3D1702776922%3AS%3DALNI_MaeibB1GfToxI4Z_ofwnYJB1gHjKA&abxe=1&dt=1702776926441&lmt=1702776926&adxs=0&adys=14379&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=469069242.1702776923&ga_sid=1702776923&ga_hid=976349232&ga_fc=true&dlt=1702776921334&idt=4358&prev_scp=cpt%3Dtrue%26cptver%3D3.1.1%26slotdiv%3D1544679_Tempo.co_Wipe_Ad_PC%26mini_cpt_type%3Ddirect&cust_params=geniee_pv%3Dd5bb3b05-1952-43f6-b452-998ef877ef20%26cpt_type%3Ddefault%26amznbid%3D0%26amznp%3D0%26geniee_type%3D0%26geniee-type%3D0&adks=11509003&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95bbbb9ecce7860df9b823a0175fd9f3fc748c3dc0bc1576b0d30f40a7627f81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12102
x-xss-protection
0
google-lineitem-id
6313811754
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138457563615
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
87e221c1dabb468bc443309c456b8d25.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7D65 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://87e221c1dabb468bc443309c456b8d25.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:26 GMT
expires
Mon, 16 Dec 2024 01:35:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 19E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBhkCMsw6iKczgqSFlm4I45FTxeKcDK8_9sNWbBrS3bCQHrTzZaGxzJYsgUP48U1TG1yob2gVB6_b52irQW6q1GGNESsO655rJio885zx7XzYM57tZxVAAlaQ3V8wEO31m9zMOI3V7SSWzTNvPuko-l0ezMFXql7u2JntKeeIJ5YugE2bhMM8T9gsCAqAoK8YsFhFTF6fr2aVh81B778UpvtAd1o6yEHUQnlN_nw-ljNG5ey4qorqZ2J4WAPG-BO7xFv-9lSCfmTXtuqxNh2LLpEMsIKJeB1WUFcbq7p2TVzdLy8IthOTXlPjj3vBpS5KKWVmRjoN8NIifKLOnh1cde_b-EvltrXSQKlmCHvBX5TRpqoheJS-szoG9KEXq4g&sai=AMfl-YT9q44MO8RoR7SteRQ8xkZTyRjSCX0WektHfV0sx4eQgrWUYDccY5Fl7Qj3ED6FVukA9nfJjxueiev1LzAQaOh1kBhfch6rgTogHOMGqqAMsWaxxiRn9D3subQb3Ak&sig=Cg0ArKJSzDj88OLHVfTkEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
a1544679.js
js.genieessp.com/t/544/679/ Frame 19E0 		0
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.genieessp.com/t/544/679/a1544679.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
133.186.12.50 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS
p050.net133186012.broadline.ne.jp
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:27 GMT
cross-origin-resource-policy
cross-origin
server
nginx
content-length
0
warning
199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
content-type
text/plain
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 19E0 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:26 GMT
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 01:35:26 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 27 Nov 2023 07:14:08 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1707639
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02n%2BjupRHrXuDFa%2FuDDY%2FuyKUPYxFtfsjyhXzVcuc9u21XwMZhri22L2nlz%2F%2F4VRxBiQaq1sKbNGbC1nGhvug%2FSqQ3gdHzVCWzFjsV6gsuPqXBxYzCBkQ%2FGr7NtFIHt1FX0uE2RaS5vys0nP"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
836b6df07cac1c01-FRA
hbjson
grid.bidswitch.net/ 		22 B
362 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.37.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-37-27.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d192ff006ee3cd44950e3556d10b3590a004d10330faa871d042844273244da9

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 17 Dec 2023 01:35:27 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
47
c
prebid.a-mo.net/a/ 		0
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

x-nbr
1
date
Sun, 17 Dec 2023 01:35:26 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://bola.tempo.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
prebid
ib.adnxs.com/ut/v3/ 		258 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
545a841bb3108d13c769e791e856dea8c330f876124c2c37da2c6cb2ea66f80e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:27 GMT
an-x-request-uuid
2f9cf92a-50a7-4f52-87da-9da98d8396be
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bola.tempo.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
258
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.34.65 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
bid-request
a.teads.tv/hb/ 		16 B
379 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.39 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-39.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://bola.tempo.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 17 Dec 2023 01:35:26 GMT
/
ghb.adtelligent.com/v2/auction/ 		9 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:944:0:3eec:efff:fed0:86a2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
56b6ecbd5269f04a438b612962a19c3c276862b9f80d690349fbc1866a61fda6

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 17 Dec 2023 01:35:27 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://bola.tempo.co
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1007
/
shb.richaudience.com/hb/ 		5 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
010444ffb3c3f06a8b172ee90398d29bec521e55f19c1c80c5c8d3dec460f4e5

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://bola.tempo.co
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		5 B
250 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
010444ffb3c3f06a8b172ee90398d29bec521e55f19c1c80c5c8d3dec460f4e5

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://bola.tempo.co
access-control-allow-credentials
true
header
hb.aralego.com/ 		0
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2792439B3968D616ADB4283E4236E&tdid=&schain=&eids=&pubcid=b0a309c8-884a-4dd6-939f-ba1b2a84aa77&u=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&host=bola.tempo.co&ucfUid=473301b6-5530-4673-ba03-caac0205395a&w=728&h=90
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Bowie, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://bola.tempo.co
date
Sun, 17 Dec 2023 01:35:26 GMT
access-control-allow-credentials
true
connection
close
header
hb.aralego.com/ 		0
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2792439B3968D616ADB4283E4236E&tdid=&schain=&eids=&pubcid=b0a309c8-884a-4dd6-939f-ba1b2a84aa77&u=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&host=bola.tempo.co&ucfUid=473301b6-5530-4673-ba03-caac0205395a&w=728&h=90
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Bowie, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://bola.tempo.co
date
Sun, 17 Dec 2023 01:35:26 GMT
access-control-allow-credentials
true
connection
close
hbjson
grid.bidswitch.net/ 		24 B
364 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.75.37.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-37-27.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f775ca6edf7ce1bab2754b33aaac62509687c01f92282753a78cae627f5ee537

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 17 Dec 2023 01:35:27 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
3906370
bs.yandex.ru/prebid/ 		0
166 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/3906370?imp-id=1&target-ref=bola.tempo.co&ssp-id=10500
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:27 GMT
last-modified
Sun, 17 Dec 2023 01:35:27 GMT
x-yandex-req-id
1702776926990048-763749267235871685400229-production-app-host-sas-pcode-178
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://bola.tempo.co
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Sun, 17 Dec 2023 01:35:27 GMT
3906370
bs.yandex.ru/prebid/ 		0
439 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/3906370?imp-id=1&target-ref=bola.tempo.co&ssp-id=10500
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:27 GMT
last-modified
Sun, 17 Dec 2023 01:35:27 GMT
x-yandex-req-id
1702776926989525-1006033221381027047600370-production-app-host-vla-pcode-534
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://bola.tempo.co
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Sun, 17 Dec 2023 01:35:27 GMT
auction
tlx.3lift.com/header/ 		19 B
525 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.27.0&referrer=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tmax=4000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.120.213.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-213-234.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:27 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
prg-apac.smartadserver.com/prebid/ 		171 B
555 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://bola.tempo.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		171 B
555 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://bola.tempo.co
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		66 B
531 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2df93cdf82ecadb17fa1511e62333500fee1411eca884eb02d6ed77c2c1a339

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 17 Dec 2023 01:35:26 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Duplicate adUnitCode: andbeyond72820, Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: andbeyond72820
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
836b6df0de81bbd1-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		374 B
887 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=301194&zone_id=1513732&size_id=2&alt_size_ids=1&rp_schain=1.0,1!andbeyond.media,11139,1,,,&eid_pubcid.org=b0a309c8-884a-4dd6-939f-ba1b2a84aa77%5E1&rf=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&kw=Chelsea%2CBursatransfer%2CToddBoehly%2CLigaInggris%2CKaiHavertz%2CRomeluLukaku%2CHakimZiyech%2CN%27GoloKante%2CMateoKovacic%2CBeritaChelsea&tg_i.domain=bola.tempo.co&tg_i.page=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tk_flint=rtbpbjs_lite_v8.27.0&l_pb_bid_id=4139d9658bc5ef8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.2205302844898891
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e05cd4f9280ff152f6b2db846ec76fe218a2a13fdfd7fc8d4b3d89d8e8fd14d3

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
374
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		374 B
714 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=301194&zone_id=1513732&size_id=2&alt_size_ids=1&rp_schain=1.0,1!andbeyond.media,11139,1,,,&eid_pubcid.org=b0a309c8-884a-4dd6-939f-ba1b2a84aa77%5E1&rf=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&kw=Chelsea%2CBursatransfer%2CToddBoehly%2CLigaInggris%2CKaiHavertz%2CRomeluLukaku%2CHakimZiyech%2CN%27GoloKante%2CMateoKovacic%2CBeritaChelsea&tg_i.domain=bola.tempo.co&tg_i.page=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tk_flint=rtbpbjs_lite_v8.27.0&l_pb_bid_id=420641613ab68ab&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.528021976375538
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0ae1ede93790ad347d74526480c0d05822530c9bd451370527362bbfe1ae31ab

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
374
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		262 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ced57816e9beb2f16dc1ac6c34ed5bf3b96215a233bc8341eb1916a7199b1fe0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
an-x-request-uuid
dcd3f934-8ef1-4af8-a410-a486d43c4819
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bola.tempo.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
262
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
490ac3032dda1bf4e46c7bc273c0ef605e1ebe8fee0a782c017cd308709be28f

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://bola.tempo.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/ 		0
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://bola.tempo.co
date
Sun, 17 Dec 2023 01:35:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		246 B
923 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
c816a3d5d84cc0d37fad879b5642c5bc957d38ff6a3ab739d7421c1e6eeb4222
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
an-x-request-uuid
fed2f33f-d117-4531-a050-77d5cc3135c5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bola.tempo.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
246
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
192 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.27.0&cb=85079889305&lsavail=1&bundle=568N5V9nT0V6UkxubHBGVDZxS0dXUEJCQ2pNdUUzUXU2UmElMkJUTDl4ZGxZRXklMkJ4cVV4NSUyQkozJTJCZ3VwaloyQzB1UkIwY0NvQTRpaDJHNnh5VHRhT1JzWHNTUkZGeSUyRkNWdHdCalV2bERJZ0U0bVVmZjdTNVdzeHpVbEdCbTljajFhekR5WVIzang3NjB3M0czZnE0bWhwQ2JXOVp3JTNEJTNE
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://bola.tempo.co
date
Sun, 17 Dec 2023 01:35:26 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
prebid.media.net/rtb/ 		334 B
642 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
ac081b8bedfa7ace9ad61f7ef0a71bd8ede25d4537f848a3ab86de6b4d192a56

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:26 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://bola.tempo.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 17 Dec 2023 01:35:26 GMT
bid
ap.lijit.com/rtb/ 		24 B
400 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.27.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a1815a1ca7d0c448de8bc1832def4e23914314313fdaeeaa49cee687a8d7b5fe

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 17 Dec 2023 01:35:26 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://bola.tempo.co
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
f02f3e282819c32b45a25ee7ad921262af59f271e66325ba941ce7f1ed742f0f

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 17 Dec 2023 01:35:26 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Transfer-Encoding
chunked
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://bola.tempo.co
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
prebid-request
onetag-sys.com/ 		15 B
410 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://bola.tempo.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
ib.adnxs.com/ut/v3/ 		49 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
8a815f5ecb626476d0cc437566d8d7015da56886e46baba61d1bb89466533e5d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:27 GMT
content-encoding
gzip
an-x-request-uuid
ff14d3db-a9b0-40fc-8899-0c1771eb542c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bola.tempo.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 01:35:26 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 27 Nov 2023 07:14:07 GMT
Server
cloudflare
ETag
W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DG9an%2BCLW3Z61wEzcxzDP%2Bcmx%2BXIJJETvnG8d7c7QtN1QFw8Qzqbvl3u%2BZgZiNQOmJDC1z1FFgO6i98m2lMDIFeNmyEpp4%2FyPctocAZaLQV5J6M1YDrJkC3MsJhDA%2B4J4m8jC8TqGnP5KhIx"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
836b6df10fdd6946-FRA
sodar
pagead2.googlesyndication.com/pagead/ Frame 5F88 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=4497675277170992&bg=!JCelJ2jNAAY3kmNgF5I7ADQBe5WfOIQCRD8uAup_08ia-St2BTjkISpN0xfldw5IhA1PwcLWbPNr9Vw6psuJ2HQt2xxTAgAAAEdSAAAAAmgBB5kDNnQTi_AiykGok2UDH5idZKoOXwzpk4h_FgwOhO10ndWJ_tgG7xIiZ8gIcqb3gvvmp4qLZoD4NEdueWzbVboRvCSw5SFUxT26W2UCMR8I_rxYfYpoVLGrGSZdFNhfZwLWV__gRiBKsL9ejDpTKjDQPngem7yAEHQceaBhoHMiskblLKASFPvXdDqB9jXNNi1FlFjuOxrZQEzhKuZpp4SnE1tEb4u2bC75zA_7gWmLtZKuOM35VgivKAg82xAVa7BXLbWxH1EXRbU2HkRFAXm16AMloakvNn0HZmvYmnpytgwahiSdGUJJpmhxRd-J5eaNOcCQ0z9ktrItccmJYidzLDHdQpid1BUBbCwYv4toCmnIRFjlRI6J0dnyyuTyqL4GukesGWl3rKSasUa4JOmaqcMi806oJbrL_b3SqXpUuj5kGPdWYdN2cdJW3O0IwaMBf2_unk3wtx717cXuHS1nWYqFt9cKMmJT61knynedvq0CzTnpVdUQdIZmfeusqPE6wh5eWLfkUQWsZirLCyy480rkC0KAvcXPtV6vuo4FKhWjGzThdKBQy6IDGiR2x-lpQn4RgoKH73RCoUpLTE5lwFH8rkBYC1pKJWvfpmJ9GgCiiYOwKrng4h7zzLla3MxA1LEk1Ci76wZ5Xc_cmF3Oic6ck170fMctqLcXVAqPK7PSiG2hRStxi8xcnJxx2DSyalmHDDcDONcW6p_oqVIgmH0hcB-MWHyipfrqcKYFfMTeHQv1lhXKYuYk1FGKIztwCPfQd3b-tSmBaNAKDZqf2th6-j5quyjd9PDDy1d0YWOq0KglTqBa2i1LwHkUyc47-GIZw6YOLIcLh6HZUzkzvldBXUF5A3xh8bhtOc3dd1BvR4SebNPGrs5J-95B9l-Zi_866CYaVwweI7VhyMRwzOFRsQpbC4FYon2rnPVEB8O9KtWX5SHVkVYCvnybD1q1kLjwt20bOlf67XL555Ib7_Yhh8VKNVFnFsbqNyvCwbtgKbwiY9tNqgudM0O26qXnVVqONT9V6Sm6DdnPXOT3qghozHuSsSmyc7hEEwEtrEw_jx80v_WeK-AS_h6AfI8ryIOczBnefA
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 9372 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=824301949133521&bg=!GRqlGlXNAAY3kmNgF5I7ADQBe5WfOL7f4H8IeaaVpEVCb3tC3sIvE1aRyHWBVtnVSXpSFOz-nECuVcFReJ-cIWDruV8YAgAAAEZSAAAAAWgBB5kDMGds1se65afSOcjw-RDfYqpZb4x8Lw5850YL4rc2RJuUIlqRddf9WRQPh0usLPAA-1JrRrR7qIXaJ4X6vdkRV-0REbApRp8QG7PXJIoXV3zUiVry20qxCsj1a7UebZL9KsKlljnkWrnTpiD2Ml5Kz5gxKOgT5Vs5SCiJIr3f6Vhz73JEmVZfryQB2o3u77XESnCnFgIQIBvQiLaU-EHBtdEEl34mX0EvQDiJxNnbq0LmJybuv4mU5HsH8_zhvP96qe3u8tv6qFYddUFOmLY-oCi0GfYPy-dEoO0uxLqrCTMG2ENTaGDFwlTznh5Eau7i4qk2uJN-s3qbSN2OjjsFwi5Tz-5M4R3xnY0oKZIr_jQC43ei-F1HFppnoF-M6pjIBY9pq3rJEmtohSLT0CLOTU3CG_0uiEyYwkavqs2TCplcu1ElXiK4mokiwyh1znQ76ldWQdKWsMk_5-Yny0ChQTeddkeyk8afGza196JgHuPDg3jnzPK3US2Ex_EOEpaQ_KqIYd7LVQqB69Y-IUVTwHBOjGdZWp3rnYu8hj3oZjacJTtKr7ADghItN3ruv0c85rlGjQWOFw8eHr2f0mzTXT-OWtorPG1zPpzLBGkDaU8-mxRkftbyje9842mD--d41p1SbjbmE4I0bIxEKBJBKJboygCLOltlyW6gfwPXu17qan2l1c_iQXTFJoF89sdCH_clMgBLg591cfm6L_wXMothdTrTB762dtzeE4c8HXJCQNpH8Rwytx5AuRfjzunyGRnPXoYk-wWzMcYNNIrLsz3fL5hc68J-hGGFGfxzJvWtwpKF-QDScPFlxI362HkWfYH5yY7Md7X0nTw5KU2AsgBwYyvCnuB0EdDLFnnmyxjt8Hy1gg3HREold7m9lFrvztS69jAypRL9hz4uckJEn7g7nmwl2S5-yFhzcNeyT0x2boXN0p85hHW7lMn0E16jBXs-r8DVCEDH8qkQVYGXlTVSiPEa2-KY8AOLB7_WSZXxrj4n2dOFkbC6_58A9vjizRS9ng_coLyTE6N3D_Yv7g3HxZ_nQ6xZWU7HARUx0-wrQGO9aZhTcsgIY-HOSpk3Kw
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame 761F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1700995&asId=1043f0b7-f735-7579-d383-c4d07b4827b4&tv=%7Bc:x195Ol,pingTime:1,time:2159,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:16%7D,%7Bpiv:100,vs:i,r:,t:1159%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1158,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1154~0,0~100%5D,as:%5B1154~970.250%5D%7D%7D,%7Bsl:i,t:1158,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:282,fm:tYEKrIq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l11*.1700995-76574792%7C1l111%7C1l112%7C1m1%7C1m21%7C1n%7C1o%7C1p11%7C1q11%7C1r1%7C1s1%7C1s21%7C1t1%7C1t2%7C1u11%7C1v%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1y11%7C1z%7C110%7C111,idMap:1l11*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:16,sis:184%7D&br=c
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:27 GMT
server
nginx
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 761F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1700995&asId=1043f0b7-f735-7579-d383-c4d07b4827b4&tv=%7Bc:x195Ol,pingTime:1,time:2159,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:16%7D,%7Bpiv:100,vs:i,r:,t:1159%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1158,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1154~0,0~100%5D,as:%5B1154~970.250%5D%7D%7D,%7Bsl:i,t:1158,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:282,fm:tYEKrIq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l11*.1700995-76574792%7C1l111%7C1l112%7C1m1%7C1m21%7C1n%7C1o%7C1p11%7C1q11%7C1r1%7C1s1%7C1s21%7C1t1%7C1t2%7C1u11%7C1v%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1y11%7C1z%7C110%7C111,idMap:1l11*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:16,sis:184%7D&br=c
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:27 GMT
server
nginx
x-server-name
dt27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 761F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1700995&asId=1043f0b7-f735-7579-d383-c4d07b4827b4&tv=%7Bc:x195Om,pingTime:1,time:2160,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:16%7D,%7Bpiv:100,vs:i,r:,t:1159%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1158,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1154~0,0~100%5D,as:%5B1154~970.250%5D%7D%7D,%7Bsl:i,t:1158,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:282,fm:tYEKrIq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l11*.1700995-76574792%7C1l111%7C1l112%7C1m1%7C1m21%7C1n%7C1o%7C1p11%7C1q11%7C1r1%7C1s1%7C1s21%7C1t1%7C1t2%7C1u11%7C1v%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1y11%7C1z%7C110%7C111,idMap:1l11*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:16,sis:184,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:27 GMT
server
nginx
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
jxpublisher_3_1.nb.min.js
scripts.jixie.media/ 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.jixie.media/jxpublisher_3_1.nb.min.js
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/onescript/Te267Ckc0n/jx-Te33267EnmTw.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.119.20.21 , Hong Kong, ASN58453 (CMI-INT-HK Level 30, Tower 1, HK),
Reverse DNS
Software
openresty /
Resource Hash
4534b7e2aaa49193df6fcadc77a7e7d57f8a968384cae5bb5b6c94834921e626

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:27 GMT
x-amz-version-id
paqqr_qxFVyaNeF5aVz1RLegRPuUuXKc
via
EA-SGP-EDGE1-CACHE1[3],EA-SGP-EDGE1-CACHE2[0,TCP_HIT,0],EA-SGP-GLOBAL1-CACHE28[62],EA-SGP-GLOBAL1-CACHE15[42,TCP_MISS,56]
x-ccdn-cachettl
2592000
content-encoding
gzip
x-amz-request-id
AKWY5H0G9KXDKFAA
age
266901
x-amz-server-side-encryption
AES256
x-amz-id-2
xqHbAXwpIpp/Z2HVP6qZwAG3ySuCffVQJzmVykhTJeBONQKEFjO53BGMXZtOjjGm0xPSy929e3g=
last-modified
Wed, 13 Dec 2023 23:27:05 GMT
server
openresty
etag
W/"711c0e0ed1ea09abfd4fb726c66f80de"
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
x-hcs-proxy-type
1
truncated
/ Frame 19E0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eae9534858fc319b8284aa51ca14a0f467c291e0b83c39e67b8665c8515d4a0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 19E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXq09a9bYOF6JhXQgExZgETk6hg9PljomT1P_GfZS2mWXt7wu1Hm4LZQ-2dnqtvEaRFaGG5Jg-C80131jcA8gzV3CuWo_xRhitk11RnQRTaVbKUzfA80HGaR2RG9lQEHPKBmFaf1PuPO6zvZaxTXVDrY9y2DcAiZi5ygS7zQb4F2hTEzOZQjinNKHZyCFMn7vJrTT0JirZNaY5tCplPpiqbda6ZqNZ4rc2y1FmmjbhOjN-xzAlBhMpCNcSju2kCeNHd3FUamZoOJRTbKVKYAxrqoOlqLwGY1Q4be36jlH6Rk4u-it8eG5GkDpmkRGlscJ3rHFq-NRd_5NfQbbZOyRqbF4OslrvSebdLM1FlomVBw9S8-_jsAGCj-_owtqZ2xD8&sai=AMfl-YSBW3tF1JbeSwTfioROrk14FNQMMuigICiAKVdMV6hsjb9txXgkUNnpv-oH4rJG5rtY_9tcf8CluOatQJjKzD7i8MORC8I36wRAaLG_Q80kuLtVOrVBnRFL9LDu-9Q&sig=Cg0ArKJSzASyHszdrIbzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 01:35:27 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e0d6102e4a1c6d6e60742db4e6703473705cc365f0858223a763120642af4a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12005
x-xss-protection
0
up
insight.adsrvr.org/track/ Frame F86B 		0
59 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=dau4z8c&ref=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&upid=ms68wdr&upv=1.1.0&gpp_consent=&gpp_sid=-1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Sun, 17 Dec 2023 01:35:27 GMT
server
Kestrel
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Dec 2023 01:35:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C47F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22771
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 19:15:56 GMT
expires
Sun, 15 Dec 2024 19:15:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C845 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
284d7cae45e0e92faef37236ec477d843e3f4efbf9084c1d38696d465cb9b3bc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YNyK8buZht8X1n1pN5slfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YNyK8buZht8X1n1pN5slfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:27 GMT
expires
Sun, 17 Dec 2023 01:35:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame C47F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 14:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
41346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 14:06:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C845 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1636798576634750&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame C47F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nTQ1DQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
q
p.adlooxtracking.com/ 		49 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=gpt-92559af&c=532&t=1193&p=248&pn=%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&s=%2F424536528%2C14056285%2F1544679_Tempo.co_Wipe_Ad%091544679_Tempo.co_Wipe_Ad_PC&s=%2F21751243814%2C14056285%2F420616-728-90-20%09andbeyond72820
Requested by
Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2acd1f8d72047b9a25420dbfe99059a9ff6f4c4c1a31ef33b5bea8e6e393a718
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-adloox-pubint-version
20231217012743
date
Sun, 17 Dec 2023 01:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-real-ip
178.162.209.132
x-adloox-pubint-commit
80ca8d3
via
1.1 google
x-adloox-pubint-commit-db
5ee398e7e-dirty
server-timing
conn;dur=0.008, ua;dur=0.033, segment_pipeline;dur=0.252, segment_ip;dur=0.009, segment_iab-valid;dur=0.019, segment_iab-spider;dur=0.889, segment_bs;dur=0.005, segment;dur=1.431
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
vary
Accept-Encoding, origin, user-agent
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://bola.tempo.co
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age
600
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1636798576634750&correlator=1628854344422050&eid=31079956%2C31079239&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A14056285%2C420616-728-90-20&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=19&didk=1483248976&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dbd735c4aae7f2be5%3AT%3D1702776922%3ART%3D1702776922%3AS%3DALNI_MYJ71uy_x4OpeuCL3C8Bf23kQqGEg&gpic=UID%3D00000d1de8fde0e4%3AT%3D1702776922%3ART%3D1702776922%3AS%3DALNI_MaeibB1GfToxI4Z_ofwnYJB1gHjKA&abxe=1&dt=1702776928127&lmt=1702776928&adxs=270&adys=2244&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&vis=1&psz=738x-1&msz=728x-1&fws=4&ohw=738&ga_vid=469069242.1702776923&ga_sid=1702776923&ga_hid=976349232&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y-MWnq8cxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjrxqerxzFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBj4xaerxzFIAFICCGQSGQoKcHViY2lkLm9yZxjYxqerxzFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y-MWnq8cxSABSAghkEj4KBW9wZW54EixleUpwSWpvaUszRlhSV0oySzBwUk9VdERNVkJLZGxwQlQydDBaejA5SW4wPRjSyKerxzFIAA..&dlt=1702776921334&idt=4358&prev_scp=prebidtrue%3D0%26refresh1%3D0%26adl_dis%3D-1%26hb_format_projectago%3Dbanner%26hb_size_projectagora%3D728x90%26hb_pb_projectagora%3D0.19%26hb_adid_projectagora%3D7619694afe81fd4%26hb_bidder_projectago%3Dprojectagora%26hb_size%3D728x90%26hb_format%3Dbanner%26hb_pb%3D0.19%26rtb_pb%3D0.19%26hb_adid%3D7619694afe81fd4%26hb_bidder%3Dprojectagora&cust_params=geniee_pv%3Dd5bb3b05-1952-43f6-b452-998ef877ef20%26cpt_type%3Ddefault%26amznbid%3D0%26amznp%3D0%26geniee_type%3D0%26geniee-type%3D0%26prebidtrue%3D0%26adl_ip%3Dadloox-dc%26adl_ok%3D1&adks=844114831&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
693c37a3c44d3478f575cc9bd65d9481e18f822d3e7d2162f69f1a1c534f8e9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12453
x-xss-protection
0
google-lineitem-id
5018429208
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138254882280
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0E01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstr9sNzLDepg8OVbJFyWNWj6NDxw7AI67k7CdkUcSv8OrGn-oOQDtWW9uAOsXD3GYiQkBzTFlEdmqJ1lQHUXcVKhR2FJH6-jTA3-esIhEETcHLAbH9VtURyFsGI9azcWGnY-mksjlXkXDb_wTv6vVetgfIkKF4EDAv9BtJXAlHaDwZ21V0Bjnt4ITHRn4AXbtnIYmaGsYx-zcAn3GLbJ-rZF-uAS_ZjhAkivi0hexn9A4fFkc07x9Ilu8NoqfqxeEhfCrPYEDPlaxW4PWy1CCoLprH7yaMLlxYAxR42V6DWqddgJPEZ7XPKRPBzuFfIGwC14D2DBQQsTurowLWgCJzxk2mqlF2-IIaQu49XmzbamkGsXtAap-EzGwOaWw&sai=AMfl-YR1GBstVYrTERVvx6J8RJBFmmcy_GZyetvg6_udyNNP5B6z6TKWbMuxCDYNEAfAsYfudYG49q9XWxShSMg4BkAHxnK4ZrSLQAQolOa8iARioMDQWMR1BOPAkPUdK2Y&sig=Cg0ArKJSzNJiocd5ZALTEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
render_post_ads_v1.html
googleads.g.doubleclick.net/pagead/ Frame A5F7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17585
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
4767
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 20:42:23 GMT
etag
12223946614886178233
expires
Sun, 17 Dec 2023 20:42:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame 0E01 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0481712fe5bae84f1b02cc375afad77dc9e141437602c3a0717739654e9a003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 00:44:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
3075
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3350
x-xss-protection
0
server
cafe
etag
10582483094955927000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:44:13 GMT
trk.js
cdn.adnxs.com/v/s/240/ Frame 0E01 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 01:35:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27680
Expires
Mon, 16 Dec 2024 01:35:28 GMT
it
fra1-ib.adnxs.com/ Frame 0E01 		0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fbola.tempo.co%252Fread%252F1740228%252Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&e=wqT_3QKaB_BMmgMAAAMA1gAFAQjeoPmrBhCWrviM3Jf9jVUYs-ymnIrJ9rgRKjYJ4xqfyf550j8RtnTXop2E0D8ZAAAAAClcA0AhtnTXop2E0D8p4xoJJNAxAAAAQOF6tD8w4_GcDTilFUDlHkhlUKeiyyVYrtChAWAAaLO3K3j4yASAAQGKAQNVU0SSAQEG9A0DmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAr6DXuoCX2h0dHBzOi8vYm9sYS50ZW1wby5jby9yZWFkLzE3NDAyMjgvZGktYmFsaWstZWtzb2R1cy1wZW1haW4tY2hlbHNlYS15YW5nLWJ1YXQtdG9kZC1ib2VobHktbWVydWdpgAMAiAMBkAMAmAMXoAMBqgPnAQq_AWh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ_aWQ9YXdiaWQmYXdiaWRfYj1BS0FtZi1BeFRhTTNDbU1KTmozUWFURThMU0V1RzBpTkFXZDZZMGx1UTA3SVE3dnNpU0liZ0ptRm9kWU1jaXZwcnpLeWstQXBxMVc5b1h3bVI4Mkhzdzk4NFpBalF1a1BldyZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM2MTMyNzY0NDEzNDI5NDIxODQ2Igg3ODgyNzgxNSoEMzk0McAD2ATIAwDYA8GFL-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzKoBACyBA8IABABGNgFIFooADAAOAK4BADABPL0uSLIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAF9bal5c3c1fcrwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF2rxg-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDE1NDk3NjkxNzYxNMgH-MgE0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfC_AOKCEcKQwAAAYx1ae8wVRv0vcGeFxbHItkabfMzEhYXNmThNSeIevrADk1bl4o-ylWbEz0kkIpxGg3f_T1i7NgTWlEAppn5BfsQAZUIAACAP5gIAcAI6hDSCAkIsP__PxAAGAA.&s=1156739b3cd1bd744b60023b2cdae75f6a43ff8f
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:28 GMT
an-x-request-uuid
0f59a08c-ea7a-49ed-bb69-1523ff394f18
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E01 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-B163BE6zROoCY9h3Je7Ryz7QWoaKUDD9pqZ9v9EPlwSBAE_hJaWApoVSnKlQpgA1G_maehZioNWWzI8MhS7DJbaytIog
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
bid.g.doubleclick.net/xbbe/ Frame 0E01 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAFCYkFLQW1mLUFCREVXTGYzRTZ0VGJsZjRYUU5Jdk5rb1MyOTdiYzBlQnNhYU1MOEpEeVY3U01oT3lYQTV2TWpmaDFMTXBQdVplT0NvU2Fib3dueW5hSzNjbERyVmNWMTlXRlRn&v=APEucNUSjotx_tA82jEUwt5SndIVgLAqpDfMDQRc502KKJEdLwGf3sLNT9ZmuGRotDa96orPzXqSlX6QaHB9wzv1dUDeiUvH7NMLDrweGWcL3O2xym4BWoEnpJLF9uDEn7mBiwsyWVPCBEiAvY6K487Fg1vtLdowz1ARmUJyyGv2K46X-dQBbrmuTshVSShcrt2tSQd1EBDUEW0GbTgZuLo2UyPH_dXW5w
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0E01 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:28 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame CFB7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 17 Dec 2023 01:35:28 GMT
ETag
"623de86a-cf34"
Expires
Mon, 18 Dec 2023 01:35:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame 0E01 		0
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&e=wqT_3QK5PPBMOR4AAAMA1gAFAQjeoPmrBhCWrviM3Jf9jVUYs-ymnIrJ9rgRKjYJ4xqfyf550j8RtnTXop2E0D8ZAAAAAClcA0AhtnTXop2E0D8p4xoJJNAxAAAAQOF6tD8w4_GcDTilFUDlHkhlUKeiyyVYrtChAWAAaLO3K3j4yASAAQGKAQNVU0SSAQEG9DsDmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAr6DXuoCX2h0dHBzOi8vYm9sYS50ZW1wby5jby9yZWFkLzE3NDAyMjgvZGktYmFsaWstZWtzb2R1cy1wZW1haW4tY2hlbHNlYS15YW5nLWJ1YXQtdG9kZC1ib2VobHktbWVydWdp8gIMCgZIRUlHSFQSAjkw8gIMCgVXSURUSBIDNzI48gIhCgZMT0FERVISF3JlbmRlcl9wb3N0X2Fkc192MS5odG1s8gIYCgpJRlJBTUVfS0VZEgoxMzgzNDcwNzYw8gLIFQoLUFJFX1NDUklQVFMSuBU8c2NyaXB0PihmdW5jdGlvbigpey8qCgogQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy4KIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wCiovCnZhciBrPXRoaXN8fHNlbGY7ZnVuY3Rpb24gbChhKXtsWyIgIl0oYSk7cmV0dXJuIGF9bFsiICJdPWZ1bmN0aW9uKCl7fTt2YXIgbT1BcnJheS5wcm90b3R5cGUuaW5kZXhPZj9mdW5jdGlvbihhLGMpe3JldHVybiBBcnJheS5wcm90b3R5cGUuaW5kZXhPZi5jYWxsKGEsYyx2b2lkIDApfTpmdW5jdGlvbihhLGMpe2lmKCJzdHJpbmciPT09dHlwZW9mIGEpcmV0dXJuInN0cmluZyIhPT10eXBlb2YgY3x8MSE9Yy5sZW5ndGg_LTE6YS5pbmRleE9mKGMsMCk7Zm9yKHZhciBlPTA7ZTxhLmxlbmd0aDtlKyspaWYoZSBpbiBhJiZhW2VdPT09YylyZXR1cm4gZTtyZXR1cm4tMX07ZnVuY3Rpb24gbihhKXthPXZvaWQgMD09PWE_ZG9jdW1lbnQ6YTtyZXR1cm4gYS5jcmVhdGVFbGVtZW50KCJpbWciKX07ZnVuY3Rpb24gcChhLGMsZSl7dmFyIGI9ITE7Yj12b2lkIDA9PT1iPyExOmI7YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHN8fChhLmdvb2dsPhoAeD1bXSk7dmFyIGQ9bihhLmRvY3VtZW50KTtpZihlKXsBGhBmPWZ1bgWDCCgpexkXIGc9YS5nb29nbD5TAEwsaD1tKGcsZCk7MDw9aCYmQXJyYS7QAahzcGxpY2UuY2FsbChnLGgsMSl9ZC5yZW1vdmVFdmVudExpc3RlbmVyJiZkThcANCgibG9hZCIsZiwhMSk7tjoAEGVycm9yDTsYfTtkLmFkZEJzAD4UAD5wAD4gAAQmJkZIAAAoNmoAMGImJihkLmF0dHJpYnVBERRTcmM9IiIBvhRzcmM9YztaSgEkLnB1c2goZCl9Cnl9BHEoKZYEYT0xrDguY3VycmVudFNjcmlwdDtpj2goYT12b2lkIDA9PT1hP251bGw6YSkmJiI3NyIBEhAuZ2V0QQ2QOGUoImRhdGEtamMiKT9hOhVXPHF1ZXJ5U2VsZWN0b3IoJ1sNJQA9AUQMXScpfUU3LHI9UmVnRXhwKCJeaKFp4D86Ly8oXFx3fC0pK1xcLmNkblxcLmFtcHByb2plY3RcXC4obmV0fG9yZykoXFw_fC98JCkiKTsKZk1jBCB0FeAAawVhDGM9W10FCQRlPQHGDDtkb3tBlRhiPWE7dHJ5BQwAZEGtGGQ9ISFiJiYBJBwhPWIubG9jYSFqIC5ocmVmKWI6ewEtkGwoYi5mb28pO2Q9ITA7YnJlYWsgYn1jYXRjaChoKXt9ZD0hMX0BXghmPWQZFwBmARYMaWYoZil5AGc-XgAMO2U9YnU5BCYmGQwoLnJlZmVycmVyfHwBlyR9ZWxzZSBnPWUsDcsAYyngMG5ldyB1KGd8fCIiKSkF1RRhPWIucGEh1BmGAGEF__BAfX13aGlsZShhJiZiIT1hKTtiPTA7Zm9yKGE9Yy5sZW5ndGgtMTtiPD1hOysrYiljW2JdLmRlcHRoPWEtYjtiPWshKzkeAa41KjhhbmNlc3Rvck9yaWdpbnNuHAANawA9HXUAKQmGDDE7YTwRikw7KythKWc9Y1thXSxnLnVybHx8KAUILkIBOnYAFFthLQoxXSEMGCxnLmg9ITAB4ykiAGsZqyHVZf8AZyUWJQIEZT0yBAEgMDw9ZTstLWUpIbpEPWNbZV0sIWcmJnIudGVzdChmAY8gKSYmKGc9ZiksBQ4sJiYhZi5oKXtiPWY7RRsAfQ1dAGUV5gQmJgHMATsEOzBBZQBkIVoIJiZlBUgBGwgpO2MFrRR2KGIsZyltixggYy5nP2MuBfoMOmMuaQFAAH2xUwwgdihhwfwUdGhpcy5pQdUBCQhnPWMZIgB1HSIIdXJsESQUaD0hIWM7BS8FiCUKAH2ZKQB3dUkkdCgpLGM9YS5pbsneOCI_Iik7c2V0VGltZW91dC5JCEH9AGWZOhhlPy4wMTplQTVEIShNYXRoLnJhbmRvbSgpPmUpaQ8MYj1xKCGkACJl_zQ6Ly8iKyhiJiYidHJ1ZYFrAGJWawQ4LXJjZCIpPyJwYWdlYWQyzUoQc3luZGlpuSAtY24uY29tIjpmIwAFIAwpKyIvCUV4L2dlbl8yMDQ_aWQ9amNhJmpjPTc3JnZlcnNpb249IoVFDGQ9KGQBsQApobZSBAUALQ0xMCIpfHwidW5rbm93biJh41wrZCsiJnNhbXBsZT0iK2U7Yj13aW5kb3cFWABmOTQUZj8hMTpmITM0ZD1iLm5hdmlnYXRvcikyDgBQLnVzZXJBZ2VudCxkPS9DaHJvbWUvSZsgZCkmJiEvRWRnGREcPyEwOiExO2RhkxVRMC5zZW5kQmVhY29uPwodaR0YJChlKTpwKGIsZSzVDAmeECl9fSwwVaAsMDw9Yz9hLnN1YnN0DiUJHCgwLGMpOmF9CeAMLnJmbC4CCMlgbCBlbmNvZGVVUklDb21wb25lbnQodygpKX07fSnp20GaFCk7Cjwvc8WYbD7yAvMGCgpFWFRSQV9UQUdTEuQGPGRpdiBzdHkhUgxwb3NpobFkOiBhYnNvbHV0ZTsgbGVmdDogMHB4OyB0b3ANCmR2aXNpYmlsaXR5OiBoaWRkZW47Ij48aW1nIOFMVYdJFEpZAkE2DR4uMgIUYXdiaWQmBQbwhl9iPUFLQW1mLUIxNjNCRTZ6Uk9vQ1k5aDNKZTdSeXo3UVdvYUtVREQ5cHFaOXY5RVBsd1NCQUVfaEphV0Fwb1ZTbktsUXBnQTFHX21hZWhaaW9OV1d6SThNaFM3REpiYXl0SW9nIiBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0iIjEaTGRpc3BsYXk6bm9uZSI-PC9kaXY-_joBbjoB9KgBYmlkLmcuZG91YmxlY2xpY2submV0L3hiYmUvcGl4ZWw_ZD1LQUZDWWtGTFFXMW1MVUZDUkVWWFRHWXpSVFowVkdKc1pqUllVVTVKZGs1cmIxTXlPVGRpWXpCbFFuTmhZVTFNT0VwRWVWWTNVMDFvVDNsWVFUVjJUV3BtYURGTVRYQlFkVnBsVDBOdlUyRmliM2R1ZVc1aFN6TmpiRVJ5Vm1OV01UbFhSbFJuJnY9QVBFdWNOVVNqb3R4X3RBODJqRVV3dDVTbmRJVmdMQXFwRGZNRFFSYzUwMktLSkVkTHdHZjNzTE5UOVptdUdSb3REYTk2b3JQelhxU2xYNlFhSEI5d3p2MWRVRGVpVXZIN05NTERyd2VHV2NMM08yeHltNEJXb0VucEpMRjl1REVuN21CaXdzeVdWUENCRWlBdlk2SzQ4N0ZnMXZ0TGRvd3oxQVJtVUp5eUd2Mks0NlgtZFFCYnJtdVRzaFZTU2hjcnQydFNRZDFFQkRVRVcwR2JUZ1p1TG8yVXlQSF9kWFc1dyIgYm9yZGVyPTAgd2lkdGg9MSBoZWlnaHSSKgIw8gKaAQoMUE9TVF9TQxZEDgSJARpEDjYyAwBnEs0LCGFkc0r-AWlOQC94YmZlX2JhY2tmaWxsLmpzQY8Ac2nfDVMAPt1OZCB7cjNweCgnMTM4MzQ3MDc2MCcpO30pKCk7nRUQlBcKEEgBnjRQT1JUX1BBUkFNUxL_FtFOipUA8IthZGZldGNoP2Fkaz0yNzEyNzE4NTI4JmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD03Mjh4OTBfYXMmaXA9MTc4LjE2Mi4yMDkuMTMyJm91dHB1dD1odG1sJnBzZD1XMTAlM0QmdW52aWV3ZWRfcG9zaYHCIF9zdGFydD0xJuGtHnEQECZzdWJfDYUAYoG28H1yLTY0MzU2MjImaGw9ZGUmYWNlaWQ9TUR1c0ZRQWhIYlFBT3RUbUFBdVVOQUVTbERRQnJaUTBBWUtWTkFHeWxUUUJkSlkwQVhhV05BR3RsalFCNXBZMEFldVdOQUhfbHpRQkE1ZzBBUW1ZTkFFa21EUUJONWcwQVVPWU5BR1UBECxvNWcwQWJTWU5BRzQBEAA0ARAYZWVZTkFIMAEQWDlwZzBBUTZaTkFFVG1UUUJGcGswQVJ5ARAAcgEQFFNaazBBVQEQBEZPARAAVQEQGFdHWk5BRm8BEPQFDFMzTkJBVk56UVFIZ0gxd0N2XzZJQXRfLWlBTGpfb2dDN1A2SUFpRF9pQUluUXFvQ0tFS3FBdjU0cWdKdWdhb0NSb21xQWhpTnFnS0FtNm9DZ1p1cUFvS2JxZ0tpcUtvQ1U5bXFBa1Q0cWdKQy02b0NOdnlxQXJVSHF3SThJNnNDaENlckFsUW9xd0o5S3FzQy15dXJBdFEycXdJbE9xc0NLVHFyQWkwNnF3S25PNnNDUVVHckFteEtxd0xIU3FzQ1lFNnJBcmhPcXdJZ1VLc0M5RkNyQWdKUnF3SUtVYXNDaWxtckFpQmNxd0p3WGFzQ2JHZXJBb05ucXdJUWJhc0NHWEdyQXU5eHF3Sl9jNnNDeW5TckFoWjNxd0liZDZzQ0lYZXJBaVozcXdJcmQ2c0NiWGlyQWdoNXF3TEpmYXNDVW9DckFweUJxd0szZ3FzQ0hZT3JBbUdFcXdJa2g2c0Njb2VyQWxPS3F3S2ZpcXNDdEl1ckFoU01xd0swaktzQ09wR3JBdUdUcXdJWWxhc0NwWmlyQWd1WnF3SlptcXNDMFoyckFycWVxd0pnbjZzQ0tLS3JBcUtpcXdKQXBhc0NIYWFyQXRPbXF3SVBxYXNDSTZtckFrU3Bxd0w4cWFzQzVhcXJBc3FycXdMYnE2c0MtcXlyQWtLdXF3STdyNnNDRTdHckFtS3lxd0tzczZzQzdiT3JBaGEwcXdJYXRLc0NJYlNyQWlXMHF3SXB0S3NDRnJXckFuUzFxd0xMdHFzQzY3YXJBclczcXdMU3Q2c0NBN2lyQWdlNHF3SXh1S3NDUkxtckF2cTVxd0pDdXFzQ2U3cXJBb1c3cXdMV3U2c0NUcnlyQWxDOXF3S092YXNDUEw2ckFrSy1xd0pvdnFzQ21MNnJBb250QlFPVTdRVUROVjczQktCNHJnV2tlYTRGbVh1dUJRZDhyZ1ZVc3NVRkJ0cF9DTkNHSXdwNjkzNFNDYWo3RWdPcy14TE0wZnNTZU4zN0VqSHoteEpxOF9zU3doUDhFajRWX0JKNUdQd1M1aHY4RWpJY19CSTZIZndTMGgzOEV1WWRfQklySHZ3UzlCNzhFZ1FmX0JKdUhfd1MyaF84RXVsYjBCT3Y5UU1WLWxackdnJmV4az0xMzgzNDcwNzYwJmF3YmlkX2M9QUtBbWYtQU5iTVlfS3Z6d0dJb1o4UF82ZS1XRmw2TnhMeG5rc2FwQVhPSUxoclpydTU1WlJEMW5jZDE4bVJqd2dtVmtIenNiVEdDSGpkQ21Bb2dncVR6cWQ3c3RYblpwMmw0WjAyVVR1SGUtQTJJYW1jdDRkRHd2ckRoX0lzZ29zeUlOMlFFNWZwbXhGcmp2bjd0LWlDQVQ1UWZ3TlFUb0M4NVFiVzZlcW53czFLZXBhcVJnVnlCSGhSQ2NSQzBzZ0lUaG1OU1RWX0NFJmF3YmlkX2Q9QUtBbWYtQlpTa3V5bnlIdGUtRzl3dVZWLVNlbHRLQlBjN25qMWNKMnllOFRXLWl1dndmeG1sYTE3dFY2LVZ0eGZZUWdQWW1CLUtNRkpheDloU3hZdnRsZlhPNmZTYTI4QUVkTW9XcGlYT1VBZFJzUjI2ck9MTGlOeU1BVFhUdHRvRTlmODZ5dTU2Mk5Pcnh0bVdlZThWZFUwMThzRmNCZmtNekR2Umcxbm1FZU5sYUZPMjVqNW1UamZveHF0am1MYzBhMC1lQU5rUUt6d0tNZnVkWWtaNnRDektwSmtoLVZ0UG9xeGZETzQxVmViajV0QUR6Yks5cDFkMFRMLVkzaHBWam1yMFBkdU8yalhZT2x5ZjZGa3MydEloNk9VS0pwM0ZuQXdLNVhzYnJFcGxlMDV4Vkwxb2h0bG9QZVFDdzY3SmdwamRWUnFObGo5cUpYYWgwS3ZRbG84c2lDRlRvanZrYUhjWkJpT3VKamcxT19NRnUzQnVHYkgxcnRtUVhncHIyV0VzRVhHY2FsaHBiQWozeWpoZmhWNHVJQTZ5WW1IVG5udlJlOV9xSk5jRXJGZmxrTENLRUFDbGx2NDVkZWpsOTU3SFNHYnlwRHpKaGxZVUJuOV9oeVpXRVBidjFUV3FTeHNlNlZROWZITjNuQUNVOFU4cDFsWFdmazlKT0dPLTdpcmFUTUV2clNnTHRpTzNMTWpBT0tuMnFqdktiemxWY21SalhrWkkwRVF5ejJpd0htb3REeWhtU2pQaVoyMFkyUnp2dTlHeVNZOWZ5UURoQmw3RHF5Z2JsUnhUUmhfazdISkVSNkdVa3hFVk8zSjB1RnktRjBfY3o3Y3VUX0xGMnFTSnBXRlFjMkplR0VHUWhuVU53QmhGYW01VGpzS092SEE5NFl4Uk5PZHFveTFhRzRXbkdVLUhCdlc3ZXdmaXlpa2EwYm9GWk9lNWotam5RenhfaXlOOWg2clN3MDNPdlplMlNRWEdJa0FZakU1Ymxta3RyeTB6Q2NOa2ZqdjFNU0x0NHdNd3gweWZQZmZQeUliajZVQnlxczRCYWJVSnR4TFJ2UGxiUlV3dHQ2S2JrMEl3WnltVjNvMU9zZV9ES2tpQnZsRFJabzRhMUlIUTJtcVQtcU9MWEhWVTlsVkVfZzA0V0RVT0JEYmstaFlXendqNGhRaHVzVmtuUEEwank3ZURtdkVWcTNoMER5aTZOb0ZIUWxRTkdKbE44VFFxMDhBcXZEYWhwdFNrLWhFdmZEZkVpVVRUYllqYzZfUkxld1VDMDgtaFYzTlhOUGZrMHduYWxITmJjYW9kOUNTRXpoTG56bkhMTFdYdS13aEk4cFBYUUl2TTNqcmxVNHVTenNQXy1oZ3lSUlFwTmVDeVBVU0NhVjA2UUtoSC00Z2Fwd291SUlQTFU5Wm5ETU9WUHFLdHlkUTBzT3Uzc0NYb2VpOURWOHUxZFR6VGN5REFRekFvY0Y1RjlodmxrVGpYTzFrcGQ5RHVhaTBVRWpWdzNZQVlJLVdQd1BtckhtaG04TlJPM18wQ2RyUWpRY1ZJTVVfT21ad2VEcXdpRGhwNko3eEIyc1c4d2d4MGVMYUZjcFVmVVU1dTJJMms3cDhyRWN2Mkxjck1sSyZjaWQ9Q0FRU0tRQXZIaGZfRlVkUHk0Z1gwLWpKMW5GcW42OFlJY1NWaEtwbnByamplM3pBSG9HZ1d2VE9WM0s3R0FFJmFfY2lkPUFLQW1mLUFCREVXTGYzRTZ0VGJsZjRYUU5Jdk5rb1MyOTdiYzBlQnNhYU1MOEpEeVY3U01oT3lYQTV2TWpmaDFMTXBQdVplT0NvU2Fib3dueW5hSzNjbERyVmNWMTlXRlRngAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgDwYUv4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjEzMqgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAE8vS5IsgEANoEAggB4AQB8ASnossliAUBmAUAoAX1tqXlzdzV9yvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB6gUQCgxSb21lbHVMdWtha3USAOoFDwoLTidHb2xvS2FudGUSAOoFDgoKVG9kZEJvZWhseRIA6gURCg1CdXJzYXRyYW5zZmVyEgDqBQ8KC0hha2ltWml5ZWNoEgDqBRAKDE1hdGVvS292YWNpYxIA6gUOCgpLYWlIYXZlcnR6EgDqBQsKB0NoZWxzZWESAOoFDwoLTGlnYUluZ2dyaXMSAOoFEQoNQmVyaXRhQ2hlbHNlYRIA8AXavGD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG7o8B2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcMMTU0OTc2OTE3NjE0yAf4yATSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8L8A4oIRwpDAAABjHVp7zBVG_S9wZ4XFsci2Rpt8zMSFhc2ZOE1J4h6-sAOTVuXij7KVZsTPSSQinEaDd_9PWLs2BNaUQCmmfkF-xABlQgAAIA_mAgBwAjqENIIBggAEAAYAA..&s=11ca8830cc42b5b2413027f3b42da5bb5722f054&bdref=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi,https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:28 GMT
an-x-request-uuid
460eb5d0-b52f-414f-b3bc-8bb9896eac21
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adfetch
googleads.g.doubleclick.net/pagead/ Frame A5F7 		172 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47c96f035a3804d2f34b097b83bc007ea25e533409be9cfef9f921b2cfb6af26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sun, 17 Dec 2023 01:35:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47836
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0E01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsui81JCzcZ9xmghmD7mHi42Z8SyzLUYSCgdiSpk67GS9XPIEl0qNM07M-e2j4OcLN8n-NyUSwyyij0lc0q1_-2P8PBFYCHFCiaHn8WRWTG4YgWMQlDVRXGlrkBQ_m9SeYmZTMqcpxwwBoCQzFLj-pbp2v7dQ2RPj6EM2mMV-6Gp_A6_MLfkWPwyRDGAGpY16mXyCNeb2fDRErpBboAjg0i5FYmKPy8i_TOyE7QFXhW-eNxWMxXoRwumBY3_zttaYtyYMCNyawE06ETHFMhRNhnSo7qNfw4cI1jY2ETFAcjQOp9TDgZCzwOwrd0C6lKFwInzyoFahICHqshmgXn30kDkKlInXHhowPSUiRqWWYmHR__ofnKZTwZ1w2QMwW43&sai=AMfl-YTE9_jijTBfbW0xpz9vYBOkF3yRppTxWFlwTXG6u9nSbih8NYYhhCUfc0wTArmEt9Vw1RQZhRcKC-GihhpL8s_lj_RH0alo0mK0PMIdDQzBKx2Qk6KJx2VWVH1Sr9Q&sig=Cg0ArKJSzO-eVu4cqcH8EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 01:35:28 GMT
truncated
/ Frame 0E01 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f4c37afccb4a042e93622218b1872bf9c2b1dd972a513900aea4ad49014994f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame CFB7 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=2725&pub_id=2192392&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:28 GMT
an-x-request-uuid
516b26a6-473f-4d2b-b2aa-ee34008cc75e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 0E01 		0
662 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&e=wqT_3QKaB_BMmgMAAAMA1gAFAQjeoPmrBhCWrviM3Jf9jVUYs-ymnIrJ9rgRKjYJ4xqfyf550j8RtnTXop2E0D8ZAAAAAClcA0AhtnTXop2E0D8p4xoJJNAxAAAAQOF6tD8w4_GcDTilFUDlHkhlUKeiyyVYrtChAWAAaLO3K3j4yASAAQGKAQNVU0SSAQEG9A0DmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAr6DXuoCX2h0dHBzOi8vYm9sYS50ZW1wby5jby9yZWFkLzE3NDAyMjgvZGktYmFsaWstZWtzb2R1cy1wZW1haW4tY2hlbHNlYS15YW5nLWJ1YXQtdG9kZC1ib2VobHktbWVydWdpgAMAiAMBkAMAmAMXoAMBqgPnAQq_AWh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ_aWQ9YXdiaWQmYXdiaWRfYj1BS0FtZi1BeFRhTTNDbU1KTmozUWFURThMU0V1RzBpTkFXZDZZMGx1UTA3SVE3dnNpU0liZ0ptRm9kWU1jaXZwcnpLeWstQXBxMVc5b1h3bVI4Mkhzdzk4NFpBalF1a1BldyZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM2MTMyNzY0NDEzNDI5NDIxODQ2Igg3ODgyNzgxNSoEMzk0McAD2ATIAwDYA8GFL-ADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzKoBACyBA8IABABGNgFIFooADAAOAK4BADABPL0uSLIBADaBAIIAeAEAfAEp6LLJYgFAZgFAKAF9bal5c3c1fcrwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF2rxg-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDE1NDk3NjkxNzYxNMgH-MgE0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfC_AOKCEcKQwAAAYx1ae8wVRv0vcGeFxbHItkabfMzEhYXNmThNSeIevrADk1bl4o-ylWbEz0kkIpxGg3f_T1i7NgTWlEAppn5BfsQAZUIAACAP5gIAcAI6hDSCAkIsP__PxAAGAA.&s=1156739b3cd1bd744b60023b2cdae75f6a43ff8f&type=nv&nvt=5&jm=1003&px=270&py=2244&bw=728&bh=90&sid=4682805911186091052&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27736291&sw=1600&sh=1200&pw=1600&ph=14753&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:28 GMT
an-x-request-uuid
8917fdfa-d54b-40d0-8bd6-1851e3868022
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://bola.tempo.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1636798576634750&bg=!7O-l76DNAAY3kmNgF5I7ADQBe5WfOKDDGK6uYEzqKvfP2ADmgwp1IUAXViKBcSt6Zl-4_t7FoqD8mgfn4-qX330bBUE5AgAAADdSAAAAAmgBBwoAQjWyfDpFWJ5uYm8j2Je2zdGZOOCydjHE8msMD0nGTLdwlkYVX0KtbOgHYp-TrQEbqqhvAOUI2tosVI9RdBSeRbQ3tJkC4NQBsh1geOkgjcXNm1mILHxKKWcK02VfU2KTYWyiVBr6W0Ss4uLdhC_X_Wsnze9SQltyXSgwxgQln2iE9MmfE66Bn5lx5WZNb02SzYDNv5ZFm7Mm6Ej1s3hp-zA6ZCptloVGYfkPtQtaCEBuqyWZfLcdw3Sm3ZGjTOnAOc43M-uj6bN7_rId17gH3W_egNzNaunwesYJpgwmjI6v4jvbB6VUIJcugagOg-IGpnwwtYS9zrI1pZQUwysojT4ucD1bAbb0HYcEc0Mj6tas5fXIKxVl5SmZnD6Wc27prpwlkldZ2RHS9AIqV-2dTqFAZwhTIinT-bsaZlcWd-jqV4VEI7RwqSbBje3j1r4y7AyjsNW-MXuMyLoMlxKUdXBPjSwlY0uUIBaHw81j363mbqrLurleAs54_7Lsq6lIzBgbYPPHzIodLTn3sCLPQeWNOljU9fm0-4n3mfheznY9elBnE2Wl7DrvJkJL_jFOT08X8_ceUEs6-f6EtBb2i5wGu6YfKU45sqczuVAtlZNikXQQoYglccW_vdB0ENbSqWoPkZ4MoZQxghX70tUOUgZruRSjbXkpa_p7nCiRkvBvsp0vuEJJhPS3btlJ_vEDmz360FuLWmjcCFTRPeXudqbtHlF94J7EHM5tnwIatHb7SWq46zGxf0MTt4tLuW9W32oSoHhlTjrnsuFGu2Ct-VkUnHnOM5B2vzWud6ieHpeOg2Fyxy1vETQcH3pDEGtO4vP7eWk4mYtgeUf35AXakZuvjM7tv2gMMhFRoATUT9SsxyPltIQH8eMaLjo5DWg5j_bji1hS5ZAfT825CDMXVPvZHflnpK20FKEpVtAE807qgnPrnY8RCR2VX4vVECAVDeaotIQJLZDCEiKVYR1_fcWERJq3XJZ31-7NPdXbxwmHdU4XIJrjEq_87EgO2w_UdCqctmQcwUwyXIyaOmMZHObFX9RmuNWKDpcKJcmCIh04BMbHV80
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
load_preloaded_resource.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A5F7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdbe9b84c30a00229826b0b1e354c94d36dd6bf16e6580bbef43877689c8f5bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 09:01:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
59644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1182
x-xss-protection
0
server
cafe
etag
16216481440669322801
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 09:01:24 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame A5F7 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 23:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
8121
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 23:20:07 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A5F7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:55:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
85190
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1307
x-xss-protection
0
server
cafe
etag
18393213423120915576
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:55:38 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A5F7 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 00:38:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
3422
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11807
x-xss-protection
0
server
cafe
etag
2895842962934950836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Dec 2023 00:38:26 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A5F7 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 01:35:28 GMT
54d1c22c3cbefc4e5c3655ead0d764a5.js
www.gstatic.com/mysidia/ Frame A5F7 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/54d1c22c3cbefc4e5c3655ead0d764a5.js?tag=mysidia_one_click_handler_one_afma
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b496fae0bf22e95b2ff8eb5477cb418c118245ac7e9a042dc5bac4a59e7ec249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:49:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
387972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20527
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 11 Mar 2024 13:49:16 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame A5F7 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTJR0RrmBioGcMwofDWx4XbN3D51i9wiSKAIT5Nlk0DNO2UHyiyAlOrMrkNcg&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98c424ff38dbedb9ff73604ba450074c96ff90b0257d80444a1c623f5d37a00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 21:25:15 GMT
x-content-type-options
nosniff
age
447013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21929
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 07:32:16 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 10 Dec 2024 21:25:15 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame A5F7 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT6YZ9ygtfVoccExUotAFzKj7agDwdE19I9fuUGPCZ2oedbM0fPzrfGamH_viY&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35682b6d192865418ad4102e8be4970cfed03315f3f2b04a4d3f34904219a8c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:26:17 GMT
x-content-type-options
nosniff
age
158951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17768
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 06:06:21 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 14 Dec 2024 05:26:17 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame A5F7 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTrbZuExphnUN6dJ7_w4tMQro5-HLiUBkjuJV_9bQqAazG33S1yrHrjtUjYF4U&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc8a4b87394f1fbd068be27530b4c31b5f49c3c0f44bf6d801fd9edba99bc05f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:33:24 GMT
x-content-type-options
nosniff
age
421324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30624
x-xss-protection
0
last-modified
Tue, 06 Feb 2024 05:53:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 11 Dec 2024 04:33:24 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame A5F7 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRlG4MYlWYdsJkaJIVuCk5QKg_CwETJomZg5Ucph78VDFUHU3-1eu20tuEwAA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa07bc3c7ff32cc3cd3c9408989b15f7fda9cce3320e374037eabaaceb940bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 06:06:37 GMT
x-content-type-options
nosniff
age
415731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30064
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 05:28:37 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 11 Dec 2024 06:06:37 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame A5F7 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQgdDjgDEvitK85ZSiyuL897_RyDQ3IqLQck6Z46N61K2Lpr8QNtndYQOULtoE&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbae005794827772fd88ef853cd925bbbe33f25b10d9cc7eeac8d555ed18ef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:37:31 GMT
x-content-type-options
nosniff
age
428277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25749
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 05:58:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 11 Dec 2024 02:37:31 GMT
3995853839924061625
tpc.googlesyndication.com/simgad/ Frame A5F7
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc
  • https://tpc.googlesyndication.com/simgad/3995853839924061625
77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3995853839924061625
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 06:51:35 GMT
x-content-type-options
nosniff
age
413033
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 17:15:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 06:51:35 GMT

Redirect headers

date
Sat, 16 Dec 2023 16:08:52 GMT
x-content-type-options
nosniff
server
cafe
age
33996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3995853839924061625
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 15 Jan 2024 16:08:52 GMT
truncated
/ Frame A5F7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cbe2539d9cb125491bcc1110586cbd47a9e4f3da6bb46cbabd7eedbebee1603

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame A5F7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CUqCSXlB-ZerONo2unsEP8pOi0Abugp_rdN-z48OBEuHSg8-BChABIOaX1iVglYKAgJQHoAGhwJjxKMgBCagDAcgDywSqBMABT9Dnmh5hfr-v-2XuHzdU_jDCkzncvwkJVGVj1uvAp-lmrkb...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229866786893461902253%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%2225...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229866786893461902253%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215684186470133609345%22}&andc=true
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:28 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"9866786893461902253","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"15684186470133609345"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 17 Dec 2023 01:35:28 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 17 Dec 2023 01:35:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9866786893461902253","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"15684186470133609345"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 60FF 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: bola.tempo.co
URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:05:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
405001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 09:05:27 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229866786893461902253%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215684186470133609345%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 01:35:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TBVMQFZY8Y&gtm=45je3bt0v9106695579&_p=1702776922315&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=469069242.1702776923&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702776922&sct=1&seg=0&dl=https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&dt=Di%20Balik%20Eksodus%20Pemain%20Chelsea%20yang%20Buat%20Todd%20Boehly%20Merugi%20-%20Bola%20Tempo.co&_s=3&tfd=9050
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TBVMQFZY8Y&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bola.tempo.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CFB7 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=2725&pub_id=2192392&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:29 GMT
an-x-request-uuid
7fedd19b-bdea-4789-a838-51ffad4389dc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.132; 178.162.209.132; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
pebed.dm-event.net/ Frame 8B98 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pebed.dm-event.net/
Requested by
Host: static1.dmcdn.net
URL: https://static1.dmcdn.net/playerv5/dmp.photon_vendor.3ce7557f0c4e78d46b63.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.65.124.58 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ebed1.dm.gg
Software
edward-ed/2.2.1 /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Accept
application/json, text/plain, */*
Referer
https://geo.dailymotion.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sun, 17 Dec 2023 01:35:30 GMT
Server
edward-ed/2.2.1
Access-Control-Max-Age
604800
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Encoding, X-Dm-EventBus-Compression-Duration, X-Dm-EventBus-Worker-Duration
Content-Length
15
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 01:35:30 GMT
dt
dt.adsafeprotected.com/ Frame 761F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1700995&asId=1043f0b7-f735-7579-d383-c4d07b4827b4&tv=%7Bc:x196QR,pingTime:5,time:6159,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:16%7D,%7Bpiv:100,vs:i,r:,t:1159%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1158,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1154~0,0~100%5D,as:%5B1154~970.250%5D%7D%7D,%7Bsl:i,t:1158,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:109,fm:tYEKrIq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l11*.1700995-76574792%7C1l111%7C1l112%7C1m1%7C1m21%7C1n%7C1o%7C1p11%7C1q11%7C1r1%7C1s1%7C1s21%7C1t1%7C1t2%7C1u11%7C1v%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1y11%7C1z%7C110%7C111,idMap:1l11*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:16,sis:184%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:31 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 761F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1700995&asId=1043f0b7-f735-7579-d383-c4d07b4827b4&tv=%7Bc:x196QR,pingTime:5,time:6159,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:16%7D,%7Bpiv:100,vs:i,r:,t:1159%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1158,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1154~0,0~100%5D,as:%5B1154~970.250%5D%7D%7D,%7Bsl:i,t:1158,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:109,fm:tYEKrIq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l11*.1700995-76574792%7C1l111%7C1l112%7C1m1%7C1m21%7C1n%7C1o%7C1p11%7C1q11%7C1r1%7C1s1%7C1s21%7C1t1%7C1t2%7C1u11%7C1v%7C1w1%7C1w2%7C1w3%7C1w4%7C1x1%7C1y11%7C1z%7C110%7C111,idMap:1l11*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:16,sis:184%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:5c29:1117:1290:d127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:31 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
loaduser
traid.jixie.io/api/ 		2 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/api/loaduser?accountid=Te267Ckc0n
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.nb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.34.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; include Subdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:32 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; include Subdomains; preload
content-encoding
gzip
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin, Accept-Encoding
x-frame-options
Deny
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bola.tempo.co
access-control-allow-credentials
true
x-xss-protection
1
all
csm.eu.criteo.net/ Frame CA3D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=agB4xkWrFZ6tp3IQw4ytbzw7taEBjJzbwtRrlBZIgdNd-Eif4is6F41sIqcalrlZj2hWwdRRfK8-OWczY0p5FctKLsrg2su7ABOQtHeO1EwuhXvDCGEnuAl2BwZG5ZrXQ6W3Fz4_jA6YvI06adkQmc70HElzg1zuUFXwjHKFZpP0vHyJJjVH3r07fEHHUO4GANhdHsbhYD-17LkA4KQQVd9SzBhhhCyWhefK6KCA22CEocFfZIvA1gRnwHsI_nQfsMXN0A&sds=2&rev=89791&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmX4K4HcNAArHY9J2efgDk31nDRoBTg&u=%7ChiHgvtYhI01jopdU0bof4mWJlBOG2cc4Kt%2BzMeeQBkg%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEH0oFAG3h22Rv_182lTTzqsRFyTC41vabdYrN3wCULU04FYZSzogpYjaSVQ4tXjLvzoAt4N7_yUBy7Jv9l7AKSO2XhgsewE11Eozwnsh6pSgKo3gpJJ_ORIBnbNefniK19HU9-KI8_sYfEvxZsVQYddsIhaq4Rfbv-Bm_pAmByLINgd8FVwyfWZ1xg959Ou_yENduwokJ2m2R2yxQQxR2I8W688nmJgA7UyBgYfqcpqaXRZgs7RtndzSgybD4hOkq7ytcQ8y_s3xujTCnGKHHXPfN6iQx1c-NfinUe3W267Zuzw4lNXYt_SoeKf2njVzE9vX4V2yfnglaCctwkkaEQwVsmgjlv5LnybGFKhaXRiqrpQXHLvsSawuFGaLcelrSMwnAVh4eJbGfvXuHBs8CboSpgafCpt5kTm41C_qNVmFbxGPdCm_hPHARSlkJmRcibtgXM2vgOEae2OIRj4YtVJf7nl1jlaGHcAU8Jj-sTLYL2kiBXvXjXQebMLB5CMUmrnJO-Llrb8M1oYSzWg7PUcCd3xT5dczjEJeArHBktmQI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFnnTWlB-Zf6yOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOQCT9ApWJ9T1V_0BA6LGnP7vZoqoMWDCXCjRunz-vviLb_jEzLsr-WxdCiYlpQcDKtTGx72X8aiiNAj7rtFISW97yg-7eW2gN3URYA-k6bvMco6fbRHk3nnc4ekg2oOiI_vbv_8284Aeu4UyF2wKgA7nQzbRct2wvcnWy8sDwLbISSuWM0UfTYI29cAgiLgyKcOFhIAHTRg1v2vn1jTA916ogxs-P9K61duJL53fS7o3Cea3FDyodgasvHea-IDWcg311qVkYVTVoP16DqAaNrn3M4jHJnPcwJCNoM7rSgPGV7Qp1FeEu_TVZMxVVRI9CeP7qVcORfsV9YUn8mwv7uRsYHs0Hgezi8_QPQaG_BIYL37PQWkB7E8pvspnsi3WN6XYwzFcjCBOqdRgN08oF4P7S75eB5YZs5zJe5mxtUQ0NotAzxUqLGbZYJaqUgjBUbTjDkqNfolGaZi2MUuQYGgxrZYgubgBAGABo7t1NOVkMvQmAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY6cz8rKqVgwP6CwIIAYAMAeINEwintv2sqpWDAxUNd-AKHWPHCm3QFQGAFwE%26num%3D1%26sig%3DAOD64_3zN6e4bRe1TMk6RK_e-jH0iOxOGw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 17 Dec 2023 01:35:31 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 8E79 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=TgWDfkWrFZ6tp3IQ7O5-F4AMH64g1Fl-N79FcX-N-tg14IukxZfg3g2z0cqdi68JIy_qwOUxgcX5AAJarsnXe6b_5u27J2MQnPkqNcmY5GqPqhoCF5lGz8DzPBKga-JZmViHi8fnUTV4TVr4WGqQa21amOwO11l0YY_ypzT5HGrf_t-8jfoq1LtEindS02WZo_2qYaWQRsbLrRmKDLMC1s9UjcW5MAlxMKKLNobQfraYDf67IU8hl3mXAhNhn6UcqGgKlQ&sds=2&rev=89791&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmYIK4HcNAArHY2RX82Z3snqT8MgmrQ&u=%7ChiHgvtYhI03pum7AIw2NZLD%2BLvR2ZwUXX1F6Y0%2FZJY8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuB8I54B28R_G6pIc3Eo99WtlE0nPHHGzINRn3hvVnvE04pN3V68qFCINVIfIuy346Wy_tikt4JeNoKZbk-8vORegajBpkC9U9Ug1DhQ702BUsHZ0LKmyh-E-2gZbMapfggrakKBxwdRGtdk6-UDvcCm8A69w-Gynvco-ww4wlyRv4RgRN4wZV-HDYcIab2lD07pVv32QRuvTyIAc3hAGvGGvIpzLGSxXClhuqyShhxj_04PX-1svQse2C0grwJCo0pxeZVlk4CJzZ1eRSCr9xKAJNU8-bFhk2NfUQjSIXhzd9t3wQ2HkSwFeN0nR50ieaQDCZ_WzRxtTXGTRJx_W7R8iGHTUwAYKHwpgFkCb6sM_40-m7E7pcPJfMp4EElJNca3ulwZcXqx8zERt-WtB0kvwGGIDZp14nJgvUJRDm1x0WXINVKWQJbSiKMlA0xUQjjAxHuZVmYTsn3YdY-XlpVDXoqGwAVd2ZXaMfKvVBluHijOnA-uSqVdvrJHFjSSx9oCOE6FnMwefs-5VUETqYyPZf75eer8HJWeltipWmtMDdDhKcPzjMFeEytV_6D_Hxim_SN2Y152f6G2oWVyDucQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdIJKWlB-ZYKzOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOUCT9A5aSg7CLuZ9XvuIarrZIjBfVtLi1Py1WIYEuR7Cw15TB_s8jhpGsGlzX0GFIpnaX5rOlLxmT_crc54qNaKznKWEDFA7oFVWWVBawzPJQHYxRTDogO9BPDE5tdYpFEfnqEkAj3sFMzjc3luqNto_pjZYD4OlYCxEkYNTQCMxwhYn0NSROydvVPs-_RIGt5HoVTdrAUdDR-u8rIqkFQ67TyBVy8w8jY5W4YO4F70vJkT-MgS3jmLeo9HY63FpVymmvGMsv5NUOARa68AU5tGToPjgHwrz6zAD7PmzuBW-s3878mni9RHjwQUNkRNYhjPW-BGGM59h_l6aa9wfUUSyzhVuwVIbRwUWF71lgA_C_jXqosuKqgGFDCIhoCvnLkwjxweoVFlRHr5rAtpf7o8eClh0GqU4atvF5pqItTYnaYRFT_VSRmygkewvhaImgN-eQTTFYAIHjWQgbYrVq238qpjO_-z4AQBgAaO7dTTlZDL0JgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOnM_KyqlYMD-gsCCAGADAHiDRMIq7b9rKqVgwMVDXfgCh1jxwpt0BUBgBcB%26num%3D1%26sig%3DAOD64_0ExXC8C4LOKeyHF963ddNVHUwtAQ%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 17 Dec 2023 01:35:31 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
syncframe
gum.criteo.com/ Frame 5940 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=bola.tempo.co&us_privacy=1---&gpp=&gpp_sid=-1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Dec 2023 01:35:31 GMT
server
Kestrel
server-processing-duration-in-ticks
631347
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 01:35:31 GMT
sid
mug.criteo.com/ Frame 5940
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=tempo.co&sn=ChromeSyncframe&so=3&topUrl=bola.tempo.co&bundle=568N5V9nT0V6UkxubHBGVDZxS0dXUEJCQ2pNdUUzUXU2UmElMkJUTDl4ZGxZRXklMkJ4cVV4NSUyQ...
  • https://mug.criteo.com/sid?cpp=Xttu33xFWWVvUUhFZG1nSHNIKzIwenNQcWt4RFdVMmg4UDcrZ0w4Yks3akIzKzBVdlVLdG1QVHBxeU1oc0gwS1Nqa1RCMGw1UEE1bllXTjc0YmgyaC9GSWIvQXpwbnVvS2VPNzRyZ1NoSVUxTmxPejJhbWl1WTF0bThpa0...
433 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Xttu33xFWWVvUUhFZG1nSHNIKzIwenNQcWt4RFdVMmg4UDcrZ0w4Yks3akIzKzBVdlVLdG1QVHBxeU1oc0gwS1Nqa1RCMGw1UEE1bllXTjc0YmgyaC9GSWIvQXpwbnVvS2VPNzRyZ1NoSVUxTmxPejJhbWl1WTF0bThpa0svVjFTWVJGWUMySElwTC8ydTdlbnl0V0pjWWlVdk9uRDdiYTdKWVFiQ2hmdU9PYVVUdTZ6WUNBZTNIOFdzeW53V3V4WXJsZHhlaFo1UnJ1OFdpL3ZMWWYyNmRRLzhlektscUdLU3lkcXZURG0ySm1xOHZtRkdVdDRlVzd2Vk9ueEZQV3dobFAzaldMeERaOGFCWXRsMThFVW85dHN6UHRrNThiTlBZKzZWMXQ2T2gvVWlpZz18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee9ef045df791fe81969dc01004131f84fc3ceb86e2c6f81bdcc4bb81ca319f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
841387
expires
0

Redirect headers

pragma
no-cache
date
Sun, 17 Dec 2023 01:35:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Xttu33xFWWVvUUhFZG1nSHNIKzIwenNQcWt4RFdVMmg4UDcrZ0w4Yks3akIzKzBVdlVLdG1QVHBxeU1oc0gwS1Nqa1RCMGw1UEE1bllXTjc0YmgyaC9GSWIvQXpwbnVvS2VPNzRyZ1NoSVUxTmxPejJhbWl1WTF0bThpa0svVjFTWVJGWUMySElwTC8ydTdlbnl0V0pjWWlVdk9uRDdiYTdKWVFiQ2hmdU9PYVVUdTZ6WUNBZTNIOFdzeW53V3V4WXJsZHhlaFo1UnJ1OFdpL3ZMWWYyNmRRLzhlektscUdLU3lkcXZURG0ySm1xOHZtRkdVdDRlVzd2Vk9ueEZQV3dobFAzaldMeERaOGFCWXRsMThFVW85dHN6UHRrNThiTlBZKzZWMXQ2T2gvVWlpZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
285015
content-length
0
expires
0
newid
traid.jixie.io/api/ 		52 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://traid.jixie.io/api/newid?accountid=Te267Ckc0n
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.nb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.129.34.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff81aca4cdd7d756175561f958c3a6424ba75eb94f347ed585ad6e0d21d08bad
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; include Subdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options Deny
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:33 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; include Subdomains; preload
content-encoding
gzip
etag
91c923a0-9c7c-11ee-bfe3-79a5f6d37d42
vary
Origin, Accept-Encoding
x-frame-options
Deny
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=31536000
access-control-allow-credentials
false
x-xss-protection
1
all
csm.eu.criteo.net/ Frame BB32 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=HyhanUWrFZ6tp3IQNDOyCZviab2twBC_j_UwzjJWW1Fay-Dth4OCNya_ZzJTL62ckJdhQIzkZXz-xfJvgs33iUozpu_OyTEyjSE-QnFnOMVGTWFK-ztyWGdznHg-4TcXYhWhVefgJRKlevRZ1askuVgpoDmEsz0zOqScntpguUDrgVF1fVJGMth5dtnqQ6FWj56v8Lv-QjY8pZsJ-uuI26O1P_rTH6IUvZ8dbmHfT-_PaDDRPBXuel6F26Or_zM792LVSA&sds=2&rev=89791&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZX5QWgAOmXgK4HcNAArHY9w_8h5S0ghQE46h4Q&u=%7ChiHgvtYhI02iyM8ghy4bTv2o%2FZ2mb%2BNrseDNV%2BRm4yw%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5DXMNFXP8JEHMXDOPb-ysyl93tK--qtNQdvtN5cnwUg8WAQZ9hIIY4xN1QFqyBwGGbo65f91gLFveb2uSgP1l-dP-xQQI0pW3vf3j8tw8m6leojGYdMoFICniIAhkaE1MCvi0YzN58wNOK22Ew7J2ka4vKvSiqumDyYCDukQq_T4h8GZRVIlcHECfxMHIowKla_Ys6zDHR4YApzAyCkay3rv8oxzKW4I3BJcW-5SCQu-XeANrUfP-GT2UsslPEyfIsroBTokTgOwSMZjjS383Dpx7oBUxrhiV4T-BJCgXeodFmXQbB2C1hteHFf_iURVR4feJ-YwXZFUCZ92sUZhaY6W8KgNp4XKokfHV4HjJUfeJx572RW7n0qroKUiUbPaCOyP0Z-60DNdyy9o6JZZCyoovDyEvdHgPXW1gLnTTs7Btdn88RkQYjZAP2_nyXMO8q9u_xW_BTTtdCZWXjMNwqGBN_K75X6SUyaBGp177v_dWatfaEd9Wo3_aUKe8-naaG13kT3URVhKYhwgkLP8nFGeog1XgadT6dI2CdWAsQ0kTHEZBARpX28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0ET_WlB-ZfiyOo3ugQfjjqvoBsme0rFc1Z2R93DAjbcBEAEgAGCV2oiCmAeCARdjYS1wdWItMjU3ODMwMTU0NjA1Mzg5N8gBCakCDqjL0mBHsj7gAgCoAwHIAwKqBOECT9BxxHIgIsWouNFH2H9W2nsZ6h1_91rCF4WKjw81W3CSLK8fC05mbWzlSCgxIA6L7hAHL2GcAPbTS_yTJ-jttmQ0FWqRAQLk4UXzC3aMU2brv49tBQgh1YuPi3-fuLR2UEOJ349tvhYsPbWpiXaPc9I5OvB9nWen9qM0_NdWUytc44jQmZzZ4jtNk6dXbnAERqNpuAN5c17c9319c7WjKkNbkFdEvAwnhB5nSjHkK6zzTF1cjyz82z3BuBpM4_32E5c7LX0gfjnSp1Uu4ezaQwvvfeUBVQ57T5Gd0MqqN3ozLEyKAIgJCXaBoCwtOXQm1nqtpDd0AlNc_doMliUDQ9SAplWZ2ZXWF1hamWD14fgFW8dWZT2bgBVLSA8Y5YpABIV00S3m0KHRWc7A0w_lOm9Fua2Sszgv7PNJUKjuzYLQJOeTOdQU2To8h5bvAmcXbecriNmV1uxFrNj1h8j1OvLgBAGABoyo5eX3p-_kHKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljpzPysqpWDA_oLAggBgAwB4g0TCKG2_ayqlYMDFQ134AodY8cKbdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2EzYML-J_9Mml3p7PpCuxRdL47Mw%26client%3Dca-pub-2578301546053897%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 17 Dec 2023 01:35:32 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
/
id.a-mx.com/sync/ 		66 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&tl=https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi&nf=0&rt=true&v=8.27.0&av=2.0&vg=rtbpbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.158.209 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
19c62d38766ab6fbe67cd6ae571e76aeefc4895770bd0ef91dd65388e52a5358

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://bola.tempo.co
date
Sun, 17 Dec 2023 01:35:33 GMT
access-control-allow-credentials
true
content-length
66
content-type
application/json
prebid
id5-sync.com/api/config/ 		135 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://bola.tempo.co
date
Sun, 17 Dec 2023 01:35:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
71e51290013cac0a4a8093baf03b88a872ecf250530c9da2a754abc0e5ad82cb

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 17 Dec 2023 01:35:33 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://bola.tempo.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 16 Jan 2024 01:35:33 GMT
sync-all.html
adxbid.info/ Frame 8ACD 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:30d7 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
836b6e180b4e700b-CDG
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 17 Dec 2023 01:35:33 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4HnbtxJLkHSzd%2FpzS2%2B419rFPTZ%2BD4jo2l6%2FK1l%2BoyREzc%2F1b2E1ax%2BhTSomRGe32DH9CQTGCdT6Uy6HFWAOiKGp%2Fzqxs5fM56B2R8aRtXGT8vrxEsyCmx642HzrwXg7Vi4u7woa2QOYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 0328 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
11678
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
836b6e17dd105d76-FRA
content-encoding
br
content-type
text/html
date
Sun, 17 Dec 2023 01:35:33 GMT
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldkDnnUovu8ABJeDSujgxKbuSV5oSbRAAAeFGYpqNhwQH%2BsATRP0IhXB6GdZBuqAOW3NyCZjN%2BkRufIBFv9nyJ8mhcDe7Mu%2BYNnJi1uV2x6RH%2BB8gx1eksuatyrMYuOLQe7xPMtKHUW0trxxFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 17C4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
21efeee061732bdc5b146eb03af5996b3d1d8f1452bf86468ff0badfb63e4f62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8075
content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 01:35:33 GMT
expires
Tue, 19 Dec 2023 01:35:33 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame C2F3 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 17 Dec 2023 01:35:33 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
rtbdemand-d.openx.net/w/1.0/ Frame 7100 		0
71 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/pd
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 17 Dec 2023 01:35:33 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame D380 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 17 Dec 2023 01:35:33 GMT
/
onetag-sys.com/usync/ Frame EB18 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1702776926875
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 692A 		61 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4978796979
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.8.249 -, , ASN (),
Reverse DNS
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 17 Dec 2023 01:35:18 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 24FB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156181
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-105-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://bola.tempo.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=76165
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sun, 17 Dec 2023 01:35:33 GMT
expires
Sun, 17 Dec 2023 22:44:58 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
x.bidswitch.net/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.73.176 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bola.tempo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 24FB 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29727238&p=156181&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:32 GMT
content-length
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c43dbd339fa29c64002ce5d60b9b52ea3df1a9019fa9d514d1b862ffaa0ef83
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://bola.tempo.co
date
Sun, 17 Dec 2023 01:35:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
idsync
sync.aralego.com/ Frame 0328 		0
0
984.json
id5-sync.com/g/v2/ 		251 B
530 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebidtempo3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
cf5688d5e8f7630950e3075b6fedb9b1245e298aefd90fb4ebb772ce6e5c2155
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://bola.tempo.co
date
Sun, 17 Dec 2023 01:35:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
getuid
eb2.3lift.com/ Frame 8ACD 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 17 Dec 2023 01:35:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
prebid.gif
as.ck-ie.com/ Frame 8ACD 		0
0
usync.js
eus.rubiconproject.com/ Frame C2F3 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5c6efe611f89a3032ad4fb270e4f389029c4d4a42e309664a28e1e8650fd4dc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sun, 17 Dec 2023 01:35:33 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Dec 2023 07:16:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=20416
Connection
keep-alive
Content-Length
13201
Expires
Sun, 17 Dec 2023 07:15:49 GMT
rid
match.adsrvr.org/track/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://bola.tempo.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
access-control-allow-origin
https://bola.tempo.co
content-length
25
date
Sun, 17 Dec 2023 01:35:33 GMT
server
Kestrel
vary
Origin
rid
match.adsrvr.org/track/ 		63 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=xuz42kb&fmt=json
Requested by
Host: scripts.jixie.media
URL: https://scripts.jixie.media/jxpublisher_3_1.nb.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
71e51290013cac0a4a8093baf03b88a872ecf250530c9da2a754abc0e5ad82cb

Request headers

Referer
https://bola.tempo.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 17 Dec 2023 01:35:33 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://bola.tempo.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Tue, 16 Jan 2024 01:35:33 GMT
upkiejson
accounts.tokopedia.com/ 		0
0
khaos.json
token.rubiconproject.com/ Frame C2F3 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f2725c115d816cae2dce6044d9cf3fcf
Expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKJ9ddkVtLPWmWi-JAfLF5zki26IJa7D_c8Ce9qapv21fBNqDpOtO6Vbw4ervXM_8AZh72OzqWs0tAbxDWrtFUBBYSS5eXBJwJlQIzIwOpOWoIfqyXUJPkBS-hNk-Bb-H-eOdtNgMnHiXIt800-eGjQA&sig=Cg0ArKJSzAIZlWs5OfH6EAE&id=lidartos&mcvt=0&p=13984,799,13984,799&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=4219639192&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1702776923673&rpt=798&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuR_dmWTrWpMf6QdSDZA8j9GYZdMnfXpZo6-JiFBe6vI8tvKr4xpD181VWFBTby_YWDuuKVevCrfpyQ4O87-pIsL29sj-sqV6rgEJJh44Oe4ZpsmAK62ByomP0ATuvK6NyLIArp6y3j9pVwAxRQ7aElDQ&sig=Cg0ArKJSzD3rWntW3SPKEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=2423418268&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1702776924754&rpt=112&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fbola.tempo.co&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?
Domain
as.ck-ie.com
URL
https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
Domain
accounts.tokopedia.com
URL
https://accounts.tokopedia.com/upkiejson

Verdicts & Comments Add Verdict or Comment

612 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| documentPictureInPicture string| TiktokAnalyticsObject object| ttq object| dataLayer function| fbq function| _fbq object| _sf_async_config object| _cbq object| PWT boolean| gptRan function| loadGPT object| googletag object| _izq function| hj object| _hjSettings object| izConfig object| _cb_shared object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| _izooto function| a0_0x19a8 object| defaultConfig object| prodConfig object| cosmosePixel function| a0_0x5dd7 object| ggeac object| google_tag_data object| google_js_reporting_queue object| _cbm object| pSUPERFLY_mab object| pSUPERFLY object| webpackChunk_dmvs_apac_dm_custom_embed_v2 function| dmceRender object| dmce object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks undefined| google_measure_js_timing object| google_reactive_ads_global_state object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager string| GoogleAnalyticsObject function| ga object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| twq object| owpbjsChunk object| owpbjs object| mnet object| ucTag object| OWT string| partnerName string| key object| _dmpesplayer function| _dmDynamicImportPolyfill object| dailymotion object| recaptcha function| onYouTubeIframeAPIReady object| gaGlobal function| lintrk object| ORIBILI object| gaplugins object| gaData object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| Njc2NzVlMjIzNWZkZjg2OGxvYWRlcl9qcw== string| Njc2NzVlMjIzNWZkZjg2OGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady number| google_unique_id function| ttd_dom_ready function| TTDUniversalPixelApi object| regeneratorRuntime object| ox_esp object| __uid2SecureSignalProvider object| __uid2 object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| pbjs object| block16436 string| text16436 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| twttr function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| $ function| jQuery function| CaptchaCallback function| switchTheme object| closure_lm_277207 function| scroll_it function| scroll_it_wobble object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_syncframe_state object| msgData function| __gnSendWrapperJSBeacon object| __gn_config object| gnpb object| gnshbrequest string| gn_pvid string| gn_native_template boolean| gnslibincluded number| gn_aladdin_vendor_id number| gn_beacon_rate boolean| gn_beacon_enabled function| izootoEmailSubcriptionCallBack function| izootoEmailEventsCallback number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| 0c68b226-20f8-4832-b9a7-f90cbea61a3e number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| hijackabm number| unfilledabm object| andbeyondnewarray number| residual number| residual2 number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new string| sitemainurlandbyeond undefined| andbeyondhttp function| getQueryString_val object| andbeyondrefresh object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult number| netacuitycpde object| block_url undefined| width undefined| height number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size1601status number| size1602status number| size1603status number| size1604status number| size1201status number| size1202status number| size1203status number| size1204status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size4681status number| size4682status number| size4683status number| size4684status number| size4685status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size3204801status number| size3204802status number| size3204803status number| size3204804status number| size3204805status object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| rtbpbjs object| activeadunit object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| a9slots object| and_geo_block function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| refreshBid3rtb function| refreshBid1rtb function| callback0 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| apstag object| rtbpbjsChunk object| _rtbpbjsGlobals object| ADAGIO object| invibes object| YJ_YADS object| _aps boolean| apstagLOADED object| apscustom string| timezonename object| adloox_pubint object| ignore function| getGnshbrequestSlots number| current_time number| refreshval number| number5 number| j number| custome_axt string| temp number| sizeunfill300px number| sizeunfill336px number| sizeunfill250px number| sizeunfill0px number| sizeunfill600px number| sizeunfill728px number| sizeunfill90px number| sizeunfill970px number| sizeunfill320px number| sizeunfill50px number| sizeunfill120px number| sizeunfill160px number| sizeunfill240px number| sizeunfill468px number| sizeunfillleader number| sizeunfillleader2 number| sizeunfillgoogle number| sizeunfilliframeoogle number| flag number| success number| timeflag string| idnew2 number| knew number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| pos number| passivedivgptadskinleft number| activedivgptadskinleft number| time_refreshunitdivgptadskinleft number| nextnumberdivgptadskinleft number| newflag number| diff number| flagnewone number| passivedivgptadbillboard number| activedivgptadbillboard number| time_refreshunitdivgptadbillboard number| nextnumberdivgptadbillboard number| passivedivgptadleaderboard1 number| activedivgptadleaderboard1 number| time_refreshunitdivgptadleaderboard1 number| nextnumberdivgptadleaderboard1 number| passivedivgptadparallax number| activedivgptadparallax number| time_refreshunitdivgptadparallax number| nextnumberdivgptadparallax number| passivedivgptadskinads number| activedivgptadskinads number| time_refreshunitdivgptadskinads number| nextnumberdivgptadskinads number| passivedivgptadmr1 number| activedivgptadmr1 number| time_refreshunitdivgptadmr1 number| nextnumberdivgptadmr1 number| passivedivgptadmr2 number| activedivgptadmr2 number| time_refreshunitdivgptadmr2 number| nextnumberdivgptadmr2 number| passivedivgptadnative1 number| activedivgptadnative1 number| time_refreshunitdivgptadnative1 number| nextnumberdivgptadnative1 number| passivedivgptadmr3 number| activedivgptadmr3 number| time_refreshunitdivgptadmr3 number| nextnumberdivgptadmr3 number| passivedivgptadmr4 number| activedivgptadmr4 number| time_refreshunitdivgptadmr4 number| nextnumberdivgptadmr4 number| passivedivgptadskinright number| activedivgptadskinright number| time_refreshunitdivgptadskinright number| nextnumberdivgptadskinright number| passivedivgptadsticky number| activedivgptadsticky number| time_refreshunitdivgptadsticky number| nextnumberdivgptadsticky number| passivedivgptadoop number| activedivgptadoop number| time_refreshunitdivgptadoop number| nextnumberdivgptadoop number| passivedivgptadoutstream number| activedivgptadoutstream number| time_refreshunitdivgptadoutstream number| nextnumberdivgptadoutstream number| passivedivgptadpartner number| activedivgptadpartner number| time_refreshunitdivgptadpartner number| nextnumberdivgptadpartner number| d string| timezone number| current_hour2 number| hoursssss number| flag444 object| andbeyond72820 number| flag_active number| visible string| zonename object| labelnew string| device object| restrict_bidder object| temp_ar object| temp_ar_new object| temp_ar_new1 string| keyname_new string| label_temp object| keyname_temp number| m string| temp_val object| id1 object| sas object| apntag object| _ADAGIO function| jxloadJS object| jxpbjs object| _jxbidsq object| jixie_o string| mediaType object| jxtrkr object| jixie_p number| passiveandbeyond72820 number| activeandbeyond72820 number| time_refreshunitandbeyond72820 number| nextnumberandbeyond72820 object| GoogleGcLKhOms string| context object| videocode string| idnew12 number| videounit string| contextvideounit number| lnt_z object| google_image_requests object| criteo_pubtag_prebid_144 object| Criteo_prebid_144

75 Cookies

Domain/Path Name / Value
.izooto.com/ Name: IZCID
Value: 9c162008-215b-48b0-8a12-c02c8f6435f8
.tiktok.com/ Name: _ttp
Value: 2ZeK5ch26goh8dxOO3e5y1GZxuj
.tempo.co/ Name: _tt_enable_cookie
Value: 1
.tempo.co/ Name: _ttp
Value: YRc2EjN-PNfwIRGfaMrgm3YAuYS
.tempo.co/ Name: _fbp
Value: fb.1.1702776922677.842602357
bola.tempo.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.dailymotion.com/ Name: dmvk
Value: 657e505aa83d4
.dailymotion.com/ Name: ts
Value: 467607
.dailymotion.com/ Name: v1st
Value: 68a7d5da-f629-47a6-94bc-102e2c799cc9
.go.rcvlink.com/ Name: cache
Value: t5rY6dbduWj4
.tempo.co/ Name: _ga
Value: GA1.2.469069242.1702776923
.tempo.co/ Name: _gid
Value: GA1.2.1254602567.1702776923
.tempo.co/ Name: _dc_gtm_UA-23817453-1
Value: 1
.linkedin.com/ Name: li_sugr
Value: d317e446-15f8-4d0d-a77c-cbfd76382f39
.tempo.co/ Name: lotame_domain_check
Value: tempo.co
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2916:u=1:x=1:i=1702776922:t=1702863322:v=2:sig=AQFL3y8hHehcHOVTs6lHhl6XbDZ77YCq"
.openx.net/ Name: i
Value: faa5846e-ff89-43d2-82d4-f26f6403a4b6|1702776923
.linkedin.com/ Name: UserMatchHistory
Value: AQLIwrCe0N3aTwAAAYx1aePAxyU7BgngBEVN7LfsQ2UiYnTkzzKFLk9fY-l74jLBSkhezEABrNCzfQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJsZkpOHA8UvgAAAYx1aePA6RKv6iVgVc_5nyURlEERTU9Ibxt6QAutJHeY8gN4ml6Vt3YO4-IJp45bhYzpIg
.linkedin.com/ Name: bcookie
Value: "v=2&bc3df1e8-5b6f-4078-8ffd-b99a09891aa5"
.twitter.com/ Name: guest_id_marketing
Value: v1%3A170277692315926754
.twitter.com/ Name: guest_id_ads
Value: v1%3A170277692315926754
.twitter.com/ Name: personalization_id
Value: "v1_TarM+sE15WxGhYBD83Y9cw=="
.twitter.com/ Name: guest_id
Value: v1%3A170277692315926754
.tempo.co/ Name: _cb
Value: B6a8ZBKM7DiBwzFmE
.tempo.co/ Name: _chartbeat2
Value: .1702776923283.1702776923283.1.BXZdSWCi7dOcrMqAACEuSHK467v-.1
.tempo.co/ Name: _cb_svref
Value: external
.tempo.co/ Name: _hjSessionUser_3206663
Value: eyJpZCI6IjhlNmYxNzIyLTYzNTMtNWVkNS1iZmQ2LTI4NGI1Y2FmZjQ5OCIsImNyZWF0ZWQiOjE3MDI3NzY5MjMyOTAsImV4aXN0aW5nIjpmYWxzZX0=
.tempo.co/ Name: _hjFirstSeen
Value: 1
.tempo.co/ Name: _hjIncludedInSessionSample_3206663
Value: 0
.tempo.co/ Name: _hjSession_3206663
Value: eyJpZCI6IjFkYzkzMjFiLTg2OWMtNDk4OC05ZjA4LTc4Y2Y3Mjg3MDEwZSIsImMiOjE3MDI3NzY5MjMyOTIsInMiOjAsInIiOjAsInNiIjoxfQ==
.tempo.co/ Name: _hjAbsoluteSessionInProgress
Value: 0
.t.co/ Name: muc_ads
Value: 8fd29d89-6b7f-4c86-94b8-531c6c47ee66
.www.linkedin.com/ Name: bscookie
Value: "v=1&202312170135236eeb59a8-1b7d-475b-82f3-4bed64c90002AQE3RQhUJbEM-46VuWTcakl3myBnBXK6"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDI3NzY5MjM7MjswMjHCIbG8wILaJ4nASVbqsRb6PXtrj+GiBjGSHOLtRcKIBA==
.tempo.co/ Name: cosmoseUserId
Value: 1ec98bd0-fb30-496b-b8a7-dc8b6d0d62fe
.tempo.co/ Name: __gads
Value: ID=bd735c4aae7f2be5:T=1702776922:RT=1702776922:S=ALNI_MYJ71uy_x4OpeuCL3C8Bf23kQqGEg
.tempo.co/ Name: __gpi
Value: UID=00000d1de8fde0e4:T=1702776922:RT=1702776922:S=ALNI_MaeibB1GfToxI4Z_ofwnYJB1gHjKA
.doubleclick.net/ Name: IDE
Value: AHWqTUmgX_XTikXsOCzG0ViP6SIc03-D12wT9qDDUX_I44i7xHqFWkwXVZcJHKum4nk
.tempo.co/ Name: _ga_TBVMQFZY8Y
Value: GS1.1.1702776922.1.0.1702776923.59.0.0
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 52a33412-027c-4a4b-b595-eac05d23640a
.casalemedia.com/ Name: CMPS
Value: 5143
.casalemedia.com/ Name: CMID
Value: ZX5QXN9nhWViryBAQysDCQAA
.casalemedia.com/ Name: CMPRO
Value: 5143
.adnxs.com/ Name: uuid2
Value: 1257025776529290803
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVJn5Br)!]tbPl1M>e)ZlrFUfJ+tGXxo]FmAH*Pu-j:OoiL8F4/4:Ri$vn`dWJ?8CK3d3If)y3KL9D3I?+h.[!LJ
.doubleclick.net/ Name: APC
Value: AfxxVi4LjN6j_2a5y6qy3kAEIqWC9RiDDR8ssw8rdA5oH_9yNP8fgw
.doubleclick.net/ Name: ar_debug
Value: 1
.tempo.co/ Name: cto_bundle
Value: 568N5V9nT0V6UkxubHBGVDZxS0dXUEJCQ2pNdUUzUXU2UmElMkJUTDl4ZGxZRXklMkJ4cVV4NSUyQkozJTJCZ3VwaloyQzB1UkIwY0NvQTRpaDJHNnh5VHRhT1JzWHNTUkZGeSUyRkNWdHdCalV2bERJZ0U0bVVmZjdTNVdzeHpVbEdCbTljajFhekR5WVIzang3NjB3M0czZnE0bWhwQ2JXOVp3JTNEJTNE
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 9e849c9fd22ac33b
.googleadservices.com/ Name: ar_debug
Value: 1
compass.adop.cc/ Name: ADOP_P_U
Value: https%3A%2F%2Fbola.tempo.co%2Fread%2F1740228%2Fdi-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
compass.adop.cc/ Name: ADOP_CID
Value: DE-231217013524-7c8fcc7e8cf24acd
.tempo.co/ Name: FCNEC
Value: %5B%5B%22AKsRol9rwrza3lSvPQhIhlTa0pWNDv5Mj0lfzcTmhzXzx2JNjHCPFgP3i_8d32lF2hQuIEinWKEu4gK2WZRPoC_D-oU3zFM7woPoMJ_pmDgtVoyDBVI1b1yKTT8T3Zz7e-UULljGavAwAyjAq1MyLfPE5pqiL_v3qA%3D%3D%22%5D%5D
.tempo.co/ Name: _sharedID
Value: b0a309c8-884a-4dd6-939f-ba1b2a84aa77
.tempo.co/ Name: _sharedID_cst
Value: zix7LPQsHA%3D%3D
.dailymotion.com/ Name: usprivacy
Value: 1---
.quantserve.com/ Name: d
Value: EGUBCQHXKoEA
.quantserve.com/ Name: mc
Value: 657e505e-101c9-57ff8-cb311
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a2b73a26-d189-409c-82eb-06f171304430-003%22%7D
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7703992872470747590
.yahoo.com/ Name: A3
Value: d=AQABBF5QfmUCEFnSi33FV-g-R_v4yJIAYjMFEgEBAQGhf2WIZQAAAAAA_eMAAA&S=AQAAAkpO-21qCkZrheUr_WBgaTA
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a2b73a26-d189-409c-82eb-06f171304430-003%22%7D
bola.tempo.co/ Name: ucf_uid
Value: 473301b6-5530-4673-ba03-caac0205395a
.rubiconproject.com/ Name: khaos
Value: LQ8TF1KH-14-8FWA
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoKieTm9DTP6i+IXqvPVzt4X6LBWwGzep2k2NKlEueGiOrGLAbkwIJpvywZgVDamJKqh5j/wXfvQ8xuhZpbWKLttRo/fwxDyKC+xUA9sgf/4eNEKcfJxgEB
.yandex.ru/ Name: yandexuid
Value: 8512772271702776926
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 58aa3a9e-289d-525f-a7a6-6b44c2d83b1b
.betweendigital.com/ Name: ut
Value: ZX5QXwABBbgHCU8FaAlc94GQ8iC5Pn0V97zdXQ==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.adnxs.com/ Name: icu
Value: ChkIiOiFARAKGAEgASgBMN-g-asGOAFAAUgBEN-g-asGGAA.

9 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/1216222032391240?v=2.9.138&r=stable&domain=bola.tempo.co(Line 132)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://geo.dailymotion.com/libs/player/xbqdn.js(Line 57)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
javascript error URL: https://bola.tempo.co/read/1740228/di-balik-eksodus-pemain-chelsea-yang-buat-todd-boehly-merugi
Message:
Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fbola.tempo.co&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772' from origin 'https://bola.tempo.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fbola.tempo.co&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://yads.c.yimg.jp/js/yads-async.js
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://geo.dailymotion.com/player/xbqdn.html?video=x8fl3x0&actionInfo=false&mute=true&dmPubtool=new-cdn-ce-v2
Message:
The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=4978796979
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0f16effc2cc80b56bce3d7cd7a2a7196.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
8389997bf8787f82820e691018cfb2e5.safeframe.googlesyndication.com
87dc6a7e1bfdce1605ecb15dc49bb6f3.safeframe.googlesyndication.com
87e221c1dabb468bc443309c456b8d25.safeframe.googlesyndication.com
a.teads.tv
accounts.tokopedia.com
acdn.adnxs.com
ad.doubleclick.net
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
advertnative.com
adxbid.info
ajax.googleapis.com
analytics.tiktok.com
analytics.twitter.com
ap.lijit.com
api.dailymotion.com
as.ck-ie.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
bidder.criteo.com
bola.tempo.co
bs.yandex.ru
c.amazon-adsystem.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.adnxs.com
cdn.ampproject.org
cdn.aralego.net
cdn.id5-sync.com
cdn.izooto.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
click.advertnative.com
cm.g.doubleclick.net
cms.quantserve.com
compass.adop.cc
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
cpt.geniee.jp
csm.eu.criteo.net
data.adop.cc
dis.criteo.com
dmxleo.dailymotion.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e5914f7e7310376f93d54505df63b4f2.safeframe.googlesyndication.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
geo.dailymotion.com
ghb.adtelligent.com
go.rcvlink.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900027.redintelligence.net
hb.aralego.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.a-mx.com
id5-sync.com
image6.pubmatic.com
images-tm.tempo.co
imasdk.googleapis.com
insight.adsrvr.org
invstatic101.creativecdn.com
js.adsrvr.org
js.genieessp.com
kaikai-now.sg.cosmose.co
lb.eu-1-id5-sync.com
mab.chartbeat.com
match.adsrvr.org
medialead.de
mp.4dex.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.adlooxtracking.com
pagead2.googlesyndication.com
pebed.dm-event.net
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.cosmose.co
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg-apac.smartadserver.com
pv.medialead.de
px.ads.linkedin.com
px4.ads.linkedin.com
rec.izooto.com
region1.analytics.google.com
rtb.adxpremium.services
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
rtb.openx.net
rtbdemand-d.openx.net
rtbdemand.apiip.net
rtbpass-us.andbeyond.media
s0.2mdn.net
s2.dmcdn.net
script.4dex.io
script.hotjar.com
scripts.jixie.media
securepubads.g.doubleclick.net
servedby.flashtalking.com
shb.richaudience.com
snap.licdn.com
speedtest.dailymotion.com
st11.rcvlink.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.hotjar.com
static1.dmcdn.net
statics.dmcdn.net
statik.tempo.co
stats.g.doubleclick.net
sync.1rx.io
sync.aralego.com
sync.richaudience.com
sync.targeting.unrulymedia.com
t.co
tag.adbro.me
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
traid.jixie.io
ut.pubmatic.com
vendorlist.dmcdn.net
www.dailymotion.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.tempo.co
x.bidswitch.net
yads.c.yimg.jp
accounts.tokopedia.com
as.ck-ie.com
c.amazon-adsystem.com
pagead2.googlesyndication.com
sync.aralego.com
104.244.42.5
104.244.42.67
13.107.42.14
13.248.245.213
13.32.27.19
131.153.158.209
133.186.12.50
133.186.12.51
136.243.84.75
138.201.220.30
138.201.8.249
139.99.126.163
139.99.126.164
141.95.98.65
142.250.184.198
142.250.185.162
142.250.185.226
146.75.120.157
147.75.84.158
151.101.67.52
162.19.138.119
162.210.196.208
172.64.151.101
178.250.1.6
178.250.1.9
18.66.97.37
18.66.97.99
183.79.248.252
184.30.16.183
185.106.140.18
185.64.189.112
185.64.189.226
185.86.138.32
188.42.34.65
188.65.124.58
188.65.124.66
188.65.124.90
188.65.124.91
198.47.127.19
2.16.164.25
2.19.105.180
2.19.122.48
2.19.217.60
2001:4860:4802:34::36
216.52.2.16
216.58.206.34
216.58.206.38
223.119.20.21
23.197.128.137
23.35.228.23
23.88.17.186
2406:da12:fbe:4202:41d:1858:3645:ec6
2600:1f18:1aca:4281:5c29:1117:1290:d127
2600:9000:2127:2c00:1:3676:a640:93a1
2600:9000:2127:bc00:8:50ba:2500:93a1
2600:9000:223f:fc00:8:48e:53c0:93a1
2600:9000:2250:7400:a:e047:753:a221
2600:9000:2646:c00:18:1fcd:353:c61
2602:803:c003:200::41
2606:4700:10::6816:30fd
2606:4700:10::ac43:266a
2606:4700:20::681a:467
2606:4700:20::681a:8a9
2606:4700:3035::6815:30d7
2606:4700:4400::ac40:994e
2606:4700::6810:5814
2606:4700::6811:180e
2606:4700::6812:d841
2606:4700::6812:d941
2607:4f00:944:0:3eec:efff:fed0:86a2
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2006
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::c
2a02:26f0:480:f::213:7edd
2a02:6b8::90
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::714
2a05:d018:d29:3601:7018:7dc3:a4e8:e820
2a06:98c1:3121::3
3.120.213.234
3.75.37.27
34.102.146.192
34.107.231.31
34.120.135.53
34.120.63.153
34.199.59.187
34.96.70.87
34.98.64.218
35.157.73.176
35.186.253.211
37.157.6.233
37.252.173.215
41.63.96.2
43.129.34.52
46.228.174.117
51.89.9.251
52.18.63.104
52.220.193.46
52.223.40.198
54.220.142.223
54.237.176.146
65.9.90.93
65.9.95.100
65.9.95.38
65.9.95.6
65.9.95.84
65.9.99.119
69.173.144.165
74.125.133.157
78.46.111.106
88.221.125.39
91.121.248.44
94.23.99.218
99.86.4.39
00b3daadad1897ac8c0691e6352ef5b6fad9ca0305d65837ec06b9bcf4a85ae1
010444ffb3c3f06a8b172ee90398d29bec521e55f19c1c80c5c8d3dec460f4e5
01498bf99b51d64677d0db3955212f5adbdb56a1d5156eb4e251907b2f92518a
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02662fae26a7590b79e3cb843a3fa32230e3993f657aafcb6deb32c72f840f31
02ae634650bd6f5d159bd3dc1106a964b1533c484e2bf5fe226d1dd422cd2837
02c7b000978c1d9c0a56b7984b112ac90699cea9015e67edc0ab288d841440de
0326f8649e060d956d88a71a1100723625e2d8e57dadcd53f8a4a8b2b341a380
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
04d549a4f168546afdc3608bc6ef4ad67a16a2bf2baf8c6770f88f524c924d11
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05866c5b04aecd7a2a18557020ef31b2c15b5a1ff157688ebe828c50117a42a3
0691a294bcd3c27b3303b4d2582631da45860159ea3beeb927e165031d216dec
06a92ad9413d4d22e50bb98e71dd503948311b789088d931366cb5bdc5f5f7ec
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0789e063fefc043f54c77e7b56cffcbc6473177e7639e77537c03a43ece0919d
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ae1ede93790ad347d74526480c0d05822530c9bd451370527362bbfe1ae31ab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d357169d710af38512ceef8154ab5ab7dba70bf9df61b329800074c8cc233a9
0db8bcca1db954cb820cb1306bd7cb4d267fb9a379c4821fadcb14898265a357
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fd7670f875a893003e1b31ea9d17216b7ee322f17cd45d496fdf7b4e30cfe0d
102ee957cf0c0d568f95bc86ba63719e752b942f97f1f07b486f1e981277ba2f
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
114f872abf6cae70383b09ca2168821991fde718702d79cdc457a49b03560cb0
1161debb479dfd0b3d63a4515bd922830e877c8ab17a22a5db14ae495283e2b2
119c0b07119f9e4b8991f91c53cb2648262e7746760d2249135051d08edc59f6
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
12728a18e7204afb22e1a8217e4cec5fc93f1dbe7e6bfd3990ca3cf7cf86f8dd
13654660816755ed701cb64b789457e591d7358229dbc2596f9169be6d0824e8
1444e461c740a9fc86a0801c70510c0a120d33bd76459921a4889500f330a842
14532612f856bcc41a39c19b377f374c1c2e6f710b223cf59097fc365def89f3
15b6a83056d39a5c1da5223406be638d868611ac4df7b0760c98c9007a1bf999
15d925d7e1c40fe9d138444034310fbdd5fa0778a9a15f1fd155ecea18b2a9af
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
17ed6fc59317912e64cf54c8cdab9d07a366a3926956f77830d2b70776d6e500
180dc12a73d75f837b0d86ce0eff5c6cc762eb1b1fbda654a12f61c7b3097667
18655862ada4d166c8c267d49bbfa12cd0e2555bb0ac7e8bd4111f7a7406296e
18ac79ee051f0d9626c71ee5c05499e0fa57103eba8db1b2fe57de60db6a05df
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
19a6a9aa3a98a6bac02ac8f435a9f48bfd7ed554ba9159abac33b17ee7a6f172
19c62d38766ab6fbe67cd6ae571e76aeefc4895770bd0ef91dd65388e52a5358
19d44854a4b979ec52fc326e1ba83ee2d8a3882dcbdf4c9ad74470eefce4e5f1
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
1a94f7d0ea46c644a1064b4c1fd2bf8acd1e366ef5e21c5ee5c3b2ae2d6a7cd6
1b986d700646d7482d4d2d507c49ac8cbceb1850cd0a7e2c6d06decfde74b927
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1db2a90e6e3782834b6f20c298acd4ea7bac24eafe07b457c0f58e2130f442ad
1f450bb09a1773cc46b1bea9c46813982f15fae0b876f09fb7d0f0183bc1fc5b
212b10417cedbb5fc1a2067dfef9a7f53d04fc354900ac1344a45f6c35bc783c
21efeee061732bdc5b146eb03af5996b3d1d8f1452bf86468ff0badfb63e4f62
228103231438ddeb998fb47c021cc9d117a7ca0ee343bde2d80e14ba6009fa33
2291063995f62baed1232d05327bc1d5e268bda96d1a6879e32d8c60ae1617cf
23a7a772f258be3aec21ea1617a951c1f8a8867c69f446740826d0f6709b2129
24beb835505cc293b2e592cf705f2c4455798643dbbec9f7dec667f2d2d817b8
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
251e9b67408005183aefc63f5b2cdf136bddb8eec9a8080cdc072c6ebc16044f
259076184aac5805ce3fe09914e62d8a1368a7d23c289af5c17a11cc1e7a2cc3
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
26c814f5aa11f127f42207b37223073db641200845ca173a139f63866d5def16
271883b056b2ab839ebfb605d5f2d81e0dc6da1ebc5d8e89b32416124f234983
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
276eb2c36bf38b6f30867b8f8d0c107fbfa1b85a8cd6d14188f7e9cdb9e5d733
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
2814503a85e4285b01eb861a657fecaf90df0f256adcce141d84d2ab2d30f557
284d7cae45e0e92faef37236ec477d843e3f4efbf9084c1d38696d465cb9b3bc
28a69aa7de4958abd6007a56cc367e9b166d1c7dd88a51c0e806899a45dddf0c
2acd1f8d72047b9a25420dbfe99059a9ff6f4c4c1a31ef33b5bea8e6e393a718
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d7e04f93797dca868560733bfe7342aabd013ae8bba52073a35bc5fd99e830b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee84bc512355829570f6c126372e4f4d4c71f2f3b7296fdbdbdd0002b127968
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
3108e15dfc911f1a730106ee1e44c941639e0b7add838d095680425e86d086c3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
33be66f63aca50629829ad77a1b1def4d69887f267ec408420286cd0138dd587
33ff2ab75b50399cf7512b3c5a1b57d57ddd986f9e4ab6b4c71a53825d248384
34d1169609e6cacfaa2ae25548e5ba810396cd63fd8b527308be126040a92ca6
34e4265b5db14e03a4cf1e751805684c0294f52361f435951b1f827ec09ca75b
35080d9d3187be4cd798124da6ca85832780f1c9c4ccb97b24142f821a5548d5
35682b6d192865418ad4102e8be4970cfed03315f3f2b04a4d3f34904219a8c6
35d1f62a8388e4f2aa50a863b522d265a002e83dc94db6e192734a1c05f0cbe9
360f3bddff85b96344885fae3e6bde3fc33d7fff0fa2eb718da558d643ceb6aa
3610ab58586e4ac937af60fe2e086cd4d6385568d85a4c94bdbe086df6a261fa
3626738adede4be7d61eeabff0dc08cfded773f1a05e74fa154bc268758170ac
3643df25dbdb18f7d8b496114075d3fc2f05ddd3287ed96783b4a60ed2acff8c
36463b150d35014b92b223b4b62488c71c369b52f7b0bd1cd19dfb1ef9f2f38d
3670bb76971d4b17679ebd321b72b3edcb0c53e36966d957a0d322eb47788a08
37102439456373cf920c4466d2d122d857ca0d542db3d57157d1f00012950560
37af6403d9a17ea856744f99074b4c7c8b2c35df9c06bf4632112eeaf9434d9b
37d945e5d75ac62f4c585bc8bd044be59837ac5b0c3acf94f7b5eeb7076ae4b3
3822377f93c7c7475b7d0ba8173084d59707926b21b643af861ae2a806da7d7f
386a292b805ec5376c149711c08d9013658fd08879a7ac9a62a99e14310c397a
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
39327437bb4c3f219c9f380c662fbf70ddb546553eea35d91aa6a4130f813b41
39cef54102ef7d79c3e5dbe45b39807c45551c9fa12ca95b8c25c8020ea81520
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
3cb14e9c8a2d4d3e521fb97ce0d55514724737937967b9ee8f37ce1d78bcb083
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f72a34aeb6be15aebad3d119d6d92bfe2119aaf0d1e60b037b56416a7b37e60
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407c0ea74212ba3a966ae1d7cf3c8ecf68e6071c8b6194fa830e4560ec13635b
41aa81489480a7b032df8f8e5b2054248ce84de0a5c7cbe8587d49481b195062
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43bd361447317b7c915bafef98f4ea7de91cc83774f4b78cb011fbbd8a0ca293
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4452bc4d16309455982365fbe44c9294333c29dc89a7d69d6e7ac9ea92ffafb8
4515500856d80d9c0b3f0aea484f05d9c57babf619882c8341e03ed3b461f6bd
4524b123c36e2220bbd8062b1a33f111235ff03dec0bdab0d46f8f6ebc531cad
4534b7e2aaa49193df6fcadc77a7e7d57f8a968384cae5bb5b6c94834921e626
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45986891113c4ae3780f4974cd3facaf0146bf46605c1b9ef525896d75fa6aaa
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47c96f035a3804d2f34b097b83bc007ea25e533409be9cfef9f921b2cfb6af26
486f953b427755752bc1d64c2c9a832669d8095f624d51dcfac732a0d6e5036a
48dcc69d44e904faf032c2a3397268031c5cd9093b5e31d8a235acd142d91f5f
490ac3032dda1bf4e46c7bc273c0ef605e1ebe8fee0a782c017cd308709be28f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e42c44039f32056f1688d26ce8c2ebac6ab1c2eb9f647acd709038b14413f87
4ebdaf8c14e061acf2086dcf8848748d44eb586ac17a330c0c5d7b135c56672e
4f212f7c7d5ffe3238c26b9a44ece5ee0993f409f424ed362108828961e7cdaa
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f7ae41cd76cb58766edbd9689dd84915dceb6296fd824ed92cb2de976531f1b
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
5254156f55d4c30b386fd444cab5028a464a711fff86b9c206e1b941439ff5e1
525da9eaf9ea30d5d7c23d92162cc9a042c9888206fe180e8a1bd174fe95d81d
535c948a3fb70f61e32d7ee2bc9a4a56b651d05cdad873cdfc2b34fa1d770243
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
545a841bb3108d13c769e791e856dea8c330f876124c2c37da2c6cb2ea66f80e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5520e4443eeb79bcf4c7517ba02d872d58d27b8417df42747f6bfd7a33e27750
5598f272f3841f00397e03c90ddf40d755c3cfe3b2a6b30201afbbd102cb8ee9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55fa66b123b660503aea407f27701b22f60a877eec3fb4df71f2d6a3a1b485b0
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
56b6ecbd5269f04a438b612962a19c3c276862b9f80d690349fbc1866a61fda6
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
57b52f5da0136159be2f98cce04e43cbb19866c3e6d1d02662b2ee9f64622036
590c61257f84208acd5a0092ac8c965aad9837588bf758b42affd90e5af7ed59
5a0ac3cab44d05de4129b26e2e01862db4b4aa49c742c51b200feb0eb1b287b6
5bf6238ed413258a480a2a4550255220a959f007e3a08550934c2cd7ca425fc5
5bf63d561a37b665d42b820df38e11f97aa80b59af0ebba05ccfc118d4ac94f1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c6efe611f89a3032ad4fb270e4f389029c4d4a42e309664a28e1e8650fd4dc0
5e24b61f7ae7a4e552208ab7eb54601da5fd5af5a24a5cf542839398a33a9630
5f4c37afccb4a042e93622218b1872bf9c2b1dd972a513900aea4ad49014994f
600b932d00e9797d73cd25f25ea5ebc90e4566e64bdfd41014133873c2b4a227
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c3f279c024c4b28081fb6bda43f4e25dd8e7d9efbe3ade1d4ee0b188f88e79
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
641d1230f5557859984cdb8251c36144b81d44ea2d2abda56fdb5fb99ba9357f
642e0c55f52b2a291e47f5ab2d322e35f6776d8ce73b9cc0bd86c65bd4a26620
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
675676869d79d706a9672461e76c91308e81b494aa0fae261f81b0ca01e378e2
676bbd47c55112eb35926a090d340984946f1eda3a389aaf7af9f56c30d1cb1d
67eb7d7c944fc29587f7ccf530166d95a51ee3b667db6816c902ecadab9f0bb6
68382728eb42ec56a2c0305a103990281436b043588c196cb988bdf809cdf27a
687933e10052a9da8edc7cdf59c43bd3dec1a43dcadd93966739d20798ce0adf
68822610d911b6240b2e1d5e9f18d01205d8e165089e671b31b398d972b2839d
68d1e86a16816c3a536a7119e0cf95ca4ee9aeb95845fadf514d3f4a12f45f91
693c37a3c44d3478f575cc9bd65d9481e18f822d3e7d2162f69f1a1c534f8e9a
69aa44ad6883f039652f58e34508268cf970fc5320107e869b2c56514c68df59
6a072fbaa532ad687c9a8bc5c4031c7a5e013044e78754e18435499df53dd8bb
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ad7e4da4be1099fdb20371b3ef7654f4b5e977d03d17beb5e0339eb96c17a64
6ae583e72a811856f0b1e1ca97d84bb10400b8e3f2c9466533b9c53872e25aee
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6cbd2a1a56a3eda0da5fcd7da1e74f7cd34952a66da644827babd555a90301c6
6cbe2539d9cb125491bcc1110586cbd47a9e4f3da6bb46cbabd7eedbebee1603
6ce5caed30fa91c080e1f57d8debc7e2fea32a998c5f75342ff0dc2e9ae68b6f
6df196eaadf97f4ab3433774822bd27bef6bf243eb49567c0de5f15312e54380
6e0d6102e4a1c6d6e60742db4e6703473705cc365f0858223a763120642af4a6
6eab9c5940faf4875ba74f76ea909581bc577fad943041e12196621445175fd3
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
7105374cd16978ae5a63302a709863123e61a5e91ee8dd05873b7c45921edaaf
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7187b9022bf0f2e39df2d8c8b6cddd91dff6e627c6a858b99b63e76a3bd92f67
71e51290013cac0a4a8093baf03b88a872ecf250530c9da2a754abc0e5ad82cb
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72b2181e58d5c45800d66d36702794ca5ae5bf1fbc20f106442b7eac3191a623
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73c48a750a107c5809e5b332e74b0f1b32ddd1c24b98f1d9e8febf73322fbb84
74b6743617c31c5a1450cf1eebd939dbc2b0b9b4ab66b8b680c729bf1334b37f
75f29e0007825f2e358f0664b7c7d985d8cc665e8edce4b3d5ee8394f7641c7e
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a3367c54b10a6081c6b372186cff8a622b50c94c3d28aea915fb73afeedd344
7ac935e49b3fdd4c54a5af78ebeec59daa0111fcce5c4868f76e67fe06a2a24c
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ba59bdfa5df7ac0f5efd3d15e24f89455c8f30e3b8260586c0429b2219c2887
7c43dbd339fa29c64002ce5d60b9b52ea3df1a9019fa9d514d1b862ffaa0ef83
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7ce4b7adc0239e44e8f39f82dd54f9706e7d53ba0125ad3ed74b6ead94b8a1fa
7d767d65fb31085a29beb3d81f92b4fe04651fbade7bc8fedf537f48736999ac
7de5e3166a6732bf7dc503acc79d4b5ccd467339d287ef7c91a27422350d245d
7df07e55237808abf24296870e797ad4d6f05014defaf114812b04e0aae75dda
7f7fcda5f37c18def2314b911b02417b773c4f459df0d25931ffa7389b872b89
814c7235a0166d46981ff053ab51e284d1dd78abd81bcfa52ff35c9669436ecf
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
820f38e57524c4710d09238d042924b03a656393d1790c6151aba39ac9fa2b9f
82399d3e48f94a997bed9ed46c41561b5fa756db256b86cfbeb2879a0d43c6b5
826967cd2543a24ea167ebd3b7bcb09f8c90fc78fa5977b4866db453fdcdd492
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852f404e0e185cfa6f04fb6561c3fc9d570a7a2e3cba57b96196c9b26d937ddd
85f6a70cd115a11bdbd52bc7691a568fcb2251db4d4a4c78c1aed52e8931f3b6
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
88004917adbd7b6b060b06f46d6b7cffb33406df9e017f5d52a506de5dc7ab1d
8832e239195d3cfa866c0f9ac241f708ee7e76188b4ce59a39592cd7751dd9b2
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
88e60a962f7bf14532ad0db3e8ed5bff348f984360ce48371d11c3e6b1639b9f
89393790164cebc76682a7762a947160626322df0a0590e43f41c7374bef522c
89562c2eba6b7da720920bf42e6d586e231d1269fde01f897bd709df00919462
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd
8a7539fb8fe5a46a2f78875feae0cf07ca418a9e30176fd785df923adda8e662
8a815f5ecb626476d0cc437566d8d7015da56886e46baba61d1bb89466533e5d
8c3a4f4caf2d0f2fad2998de43431e10093a661bc188c61fa5171f4d9ceea1b0
8cbd3790c1f0cd699fe319ffef8827e322d4d36e0e3e6c8d852a9a8011b5ebe7
8ced8ae4949739bd02c40d378e888a13292c8a42a3ead40829981d45b130cce4
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
921c1cf200e9b84acceddf7d1829fbf9a43383b8f221a596abafc40db465d503
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
939b0035ecb124377ea1fca65c703ca0a166ce80b95a9bca41ed8a2a61788251
95a63f4c0b1c6071120c8fb60c6432bbe8f2602031ff9abb54c8853e9f7bfe9a
95b212a9a68def2134eca4002fd9f3fdc1c2d19154929bfed758bd9018f1d6b6
95bbbb9ecce7860df9b823a0175fd9f3fc748c3dc0bc1576b0d30f40a7627f81
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96989ceac2e006ee2a8ad94227a94349547785614b2dac151b66cedff689903c
97005dd25cf70a636dc3cbbdf6b292ce3a83275dc375c313125aa845695a06d2
9749ae253745e6c2a525a8c92af57837198913f40418fc567d8c1d24404df70b
98127fba71c2c6ee5d4d3f08aadef4f649a713ef038fc5b66b473b6e90a76e2a
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98c424ff38dbedb9ff73604ba450074c96ff90b0257d80444a1c623f5d37a00e
98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530
9923f8e699a30ebd2212a198e6654b0b5481993bcf5b269ba14be62b74bfcacd
99d6b9fedb43ef9e8d9aaedf555f1e2e34f61eb602c00394f5ca490ea9b19adf
9a13c4b52110f3c884368f1b4588ebcc8af8f4be421e9b449f3903362c816996
9a384c6753357adc4b3a47cd0c1eaaa718839a35eb89543f65b850f59f1d2407
9a8b758fdf5cc8a6ddc72409227339b0c2a2aec1ef8502a8531f86fa067a17b6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b08669972de14ad0913b5a323ab1397f6bbfb0b8dedd0aa93252796c3d966e4
9bacc96ca3d001af3f36b0a953ba4a03890b82431e645c278d399085374d1456
9bf4cdd47a3940bb8f152e1e6ff5f8cc358fc41a95a296c2a557f476cf15dac3
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
9cdf42703d450b4732ad5bbbe519c05c911805449d3200ce42f716ce037b4114
9d5fdcf647f9e0947f3650f57ccfa9a6f9e4e6a24c09dd0b9f5502fedcd8c2a8
9d869186247098da9bcf0f4f468895d21ad37a3055078bf3be5ab7650c4deba0
9dfb44cffee99d525301745d95b278a473069c8b1ff1779ad56876aa48e4a8f5
9e147190bf2b71bcded8043a01ff102103adfded90a8c7e5f05b0271780d67ab
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e6f4d4e8369d766e3d9936f1f7b5695a19e251c7250e3f04f6ed9058a81cadd
9e78ab5e659ac5e747433db43f469fe3e905d96b2b3cd2719f6c31780fd96c6b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a12518c83cabec9c7b990821d4bbfa4eb98781945bde943f9af23ffa70315369
a1802c9f83bf793355aa23754a509beff4e7f233be36cc99bfb3668668b14105
a1815a1ca7d0c448de8bc1832def4e23914314313fdaeeaa49cee687a8d7b5fe
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a4c1a3b609b216f99061d9b36dce5915c8ca8e196efbd1c5b366e232846514e6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5255a056a139d8a7fd775688d53106792e2932b1d768d95ed726785529e2048
a657a42d3b974d65d2f57bb039b8a18c302b623cef36006a6fd59ccad1c1024b
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a835bf978eae51de1c210c53368a520812db4ed6bb51268551e2fc6ec9d3a9ab
a9037060df03210c6d886329dcacd8db520db1e15b956addd9e54a173f94aeb2
a94a44b482df7c3b5318e0104abb66233a16abe9e5f5b315d9974ff7302b5e6b
a9db5a8ce92e9d1e64b4dc648fcb2a7988850ed5205ef2f7cc1621680ccb8542
aa07bc3c7ff32cc3cd3c9408989b15f7fda9cce3320e374037eabaaceb940bec
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab9bfb58bbdd2119e7e0dcc23321653d73fc432dc5cb2a37b44f887000731feb
ac081b8bedfa7ace9ad61f7ef0a71bd8ede25d4537f848a3ab86de6b4d192a56
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad81969756b8c732d4719d2e1cf608265400652a6f58b3d290171b8290a140e0
ae0915a8616c799af8d5a13c68e2b18e7f6c9839219ee434d088448955e7f3ab
af3155184c74f0de2f2df274d08cd3ce8052d5d5c9160765d1512d8567381584
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b08d33cd7873ffaea37f335bf073075677e23ee4d6abc2208f7d84e0d07d7490
b0978fb0412437ad74f3482f09b3c0084254e06ca8a3956467c7a388746ab840
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bacd6249a8dacb352a69cd6fd65939f0eb3bea9aafb2fbef0b7039ccf173cc
b496fae0bf22e95b2ff8eb5477cb418c118245ac7e9a042dc5bac4a59e7ec249
b4bf33148b300484bf21f154d0507d8e82b60906523fb0f0b636d28aa8deb2cc
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5cd606e67876d3e7deb409da3c66b4f559b3f0a1d5afc303b6ccd06ac77416c
b60147a8f0031549e3ae8ed51ba9ef88a47820ddb812226ed845d28df4b79005
b9d104c0f7e0f0e958e1027e31ca53638eab96a0c3199d54f0af956051f9a784
babad227d4befc005db917f76547905d259662c630535b99b089457460d9147d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc546ab5163162ebc57a0927d3802c70a07cc91163b12b6701c7c198e3221128
bc8a4b87394f1fbd068be27530b4c31b5f49c3c0f44bf6d801fd9edba99bc05f
bc978c9056bf82bcdc7f8a2a71c0b26f1537aad1b09b049ffd0d62552b28f56a
bdcf5080b018eda5be1a663f1aa43cfba4d1ba58e6cab61cf18ae5749495f02c
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c0481712fe5bae84f1b02cc375afad77dc9e141437602c3a0717739654e9a003
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c816a3d5d84cc0d37fad879b5642c5bc957d38ff6a3ab739d7421c1e6eeb4222
c93513fa2d430c90381289c68b31ea59c43cdf667526db8d539e440e2d27de6f
ca3cef4c87055aab569108bbbc9d1cb2f9eaff0726e4850b52a3f508466a9302
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cae765e89c38588186de4b36811acb8e873a674a2ca9223dca8fb391a012082b
cc2f0364f5ff283bedc9513972c654373f04556786a035f287cbcd79bd21216a
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
cd3445583e2026e415c87b4c14bb98ee5d25a3b9a00702f4de2e9014e01b947c
cdbe9b84c30a00229826b0b1e354c94d36dd6bf16e6580bbef43877689c8f5bb
cdd8a972033df4f9becca5594932932c61fe3606f96c040fa9d86a66a05f5ad0
ced57816e9beb2f16dc1ac6c34ed5bf3b96215a233bc8341eb1916a7199b1fe0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5688d5e8f7630950e3075b6fedb9b1245e298aefd90fb4ebb772ce6e5c2155
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d101011093afbc522b37727297c7aa26138d5e6609e0317242977b4d4351436f
d192ff006ee3cd44950e3556d10b3590a004d10330faa871d042844273244da9
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d2df93cdf82ecadb17fa1511e62333500fee1411eca884eb02d6ed77c2c1a339
d318952cbcab65ad0c8cec65a85989db5499acf46372de02cf434fd7c0b4750c
d7b2384f0711ce8a87cd7d8452a10c4b6e64ab1f4d326135d9f9c33f8a6d1a8a
d80935360fca46968bdc6d751c7178e8f224eb12537892e0c9b0a7bd16eef73c
da1665b9495b4fe21d8850e4269ebb94b45f01f6272098af30d9a8c383b37e96
da2c208d0ee49eee1e3d4767afdcce47e0abcf38118831e449b29896ac0137b0
da6d24883397ebc7c5f74110e0b8473a68110e2a54deede635cc5214598a706e
da7972bf2aad9d8532613551bdd32c4254540fa271f348e4143c0fd16652dbc6
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dbb9a3e6234a056a1ccc1dc213d65ff68f4584ae40922b510195ab6b84e2e96a
dbfe15775f20218076b63172bdaa2972f7c25fd0a375d2b056b36ce0ed5f0b94
dc8e270a6c4089b306a6058d541e71d584db80c236f99875470008a97c8303c5
dd1b2af4052b5d98a0d9ffd597d9e974fad7b4e8023f7634a32e06bc0bf30322
ddbae005794827772fd88ef853cd925bbbe33f25b10d9cc7eeac8d555ed18ef3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dedc140980acf11856cf47e3cb3e5babbc7812ae9a8deafec03dd451aefa0590
df08c6aabddf64f4e2bbd30c5628af0883842d74e4d30121cada5b086acbf3e7
df1f1074341c857373f70ba7053b8f4728256d5a57fd246daad04ccaa2d8cd0b
e05cd4f9280ff152f6b2db846ec76fe218a2a13fdfd7fc8d4b3d89d8e8fd14d3
e0f1f1e674b15396f20a6abf24c0fc41bbff12f53260be85631609f094f64dd4
e21f4e7e88783b14a82c666b81649a49dace8b1fd9a1ec27a8e17b2ae26bbc94
e26ad74097535b49041544a27f03e9f2af0de5cabb449dd6b98f45618808ca34
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4447bdacc4737f4d6e541428b9565ba7e290ebba261dba6def30bd1498a4980
e447900ce1050ab6f9ac3519a30836eee1100fe0d7e862d547aeacdcaf4317c6
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
e517c9063aa53dd23a8d7b0b3c592886e8e55610b5c93068d778d7d5c9cc5077
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e815b8dff2deea57dac496bdaf8e4a6dc8deb14bc1f9d48712605bc616363402
e84314e900800effb0c80ba1b8db4a3c7baec04aa708bb886e5d2e4546063a40
e8487ee44a3dea8e8c2d32bd7ceededa2da8831e5e6d3602aee635c990890b4b
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e954c3c49561c9b19c862ed57a65800d0cbc99a0c85457bb74318bc9b3d33976
ea61f5852605a8fe943e2ffd25651f24c9571665ab9fa392a55d5486d4750679
ea8c384c37fe468cc90de8e2fe4dbedef455d3553bab14495a72ecd70eeca8bf
eae9534858fc319b8284aa51ca14a0f467c291e0b83c39e67b8665c8515d4a0d
eb19c27f8bd0902abd6606440d4de8f4d8bd54700e6a04112401f155e2947acc
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec746b24a0894a03727f95c601be70f83b6aae8af9c8040fb3fa1436cf186d18
ecf8baffa0d5e17b1547391eb563d7a5e653d1914425051e57db126c4fd6ac2f
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee66edd462c5f20df5b98f22ad04aa863ffa010077279136badb892faf4869ae
ee9ef045df791fe81969dc01004131f84fc3ceb86e2c6f81bdcc4bb81ca319f6
eec3c6cd7c24a702b4498c9564dd6749186ba1ee870dd620b8984b7f7264d687
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effe23a6aac297dba95a5f87d7bafd4d887d7d2ddd09e333bde8b3e4b43a0cb0
f02f3e282819c32b45a25ee7ad921262af59f271e66325ba941ce7f1ed742f0f
f2008c0dd9a2c75bf47b19520b14edb568ec1c9cb0cb2b591415f2f992cd76a3
f23701dbca02ddee63af2038ab151baa72c7936c1473769c2f868221653c3475
f2964006fc9c5c1bd1ceeb4353b7dba57f1f569d71e2de32653e909d28ad7cc9
f2b99e0ac804013dc7370410a8653c4f42082e990c1000809eb9a9aea52d2c97
f2ce7f23196d64fd502723f1b26b34ac19131faaf771ee3b1f03ef25e045f547
f3aaf5d3c05ef25bdb66dcc560a009f0728d172a44294eb2ec7852fb13ffc2e7
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f40a7eafcb8d0cc02a4cdbb7a6081d05972b4a0cc2f490e75178e4ff901de1ab
f4a48a95c074e305e6381f269b8697228027d2e1d2f5947a2c3e32abf59d9236
f4b9f54fbd130146b91e6f5514def1789e36dd608550a3469d7790b145b057df
f4ccee8d8068a3b3379e47f428773dbb070498dc38508caa023c4642a0502149
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f4f0ee27a2bd689131c91420625c7f28583cc5c7c282da7bd29a7f4628c0e51e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5b8cd3769f1ab6a0c54634b026bc0226b5328c9fc75d4f7066464605e892daa
f6c673fc8a68cccb3da624320185b0534bce08bede2bb716f2a73d814714df06
f6dcd30de84f794e035e8b2a5897f2a1b230a86d652fe29ec28bbb6e96224e88
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
f775ca6edf7ce1bab2754b33aaac62509687c01f92282753a78cae627f5ee537
f8303ee1d962318209a80ebf5168af2407ac4c76a9fcd0fe8526d33ab678d4a6
f873d2bf0ce5272bae13f93b0e5c193d03f8b3b46fb0d7114cbfe4b9bee1a8ec
f918cd9b815871fd79a1651e509629573fef2d3329a0f2b5c76c44fb05eede44
fad578fcd979d0e474d9c0c706f30fde4dc10ae218f5f324b4e7c6a8e00bbee9
fc1f36d89ddb377187edd50e7e1cbb9511baa256f6c57711f02601edab716361
fc673379edc0efeacadf14415576ec54dea2e4236a993d255cce6ff238521db5
fc8bb0f3fa3fdcefa4d882cacf3ed5d37983197d17b8badf931f859d3050c6f6
fd8c1cf4274cae5e1e5a37133cc23b80392ef88c43b798d3748f43948dbb53f0
fe5a5f3469030993701e2cb0c63a1a66b1a3d59f87d35a5fc0fb0503fb534cd4
feae59cf001ba4020a52a3d90cdc62d2112a7a8147f54e4a533e14a7a52eec3e
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff4e0ee9e862b14abf5a9e272145ef0d2796d6c99dd47ba3c0c49ca00aed287e
ff81aca4cdd7d756175561f958c3a6424ba75eb94f347ed585ad6e0d21d08bad
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995