www.gool-sport.com Open in urlscan Pro
2a00:1450:4001:812::2013  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://kooza.club/kp4cUWq HTTP 302
   https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 37

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 53

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 55

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 106

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 107

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=

Request Chain 108

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?addtl_consent=&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLpu4-I0kcBbm8NnaiPLlwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Request Chain 110

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzOTg4NTUyMDkyMDc2NDYxMw%3D%3D

Request Chain 113

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 138

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 139

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=

Request Chain 140

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLpu4-I0kcBbm8NnaiPLlwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Request Chain 142

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzOTg4NTUyMDkyMDc2NDYxMw%3D%3D

Request Chain 190

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 227

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 229

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 231

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 240

• https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2EwOWNjNDAtNGE2Ny0yOTExLWMxMGUtMGJlMjVmMDkxYjY2&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Request Chain 242

• https://sync.teads.tv/um?eid=3&uid=&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Mjc2MjI0ZjktNjQ5OS00NWVmLTg0ZGMtMjI1Y2Q0MjJjNjEw&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Request Chain 279

• https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=85bb12b9-c561-11eb-b328-14684a3a0506 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODViYjEyODUtYzU2MS0xMWViLWIzMjgtMTQ2ODRhM2EwNTA2

Request Chain 313

• https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=1&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&redir=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0xamJubjRKRTJ1SHNjb3lGck1rOGRkei5JQnBRSHNiZH5B&gdpr=1&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Request Chain 314

• https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= HTTP 302
• https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGFUMmAzV8Ryy64aA3rCQZc&google_cver=1&gdpr=1&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=

Request Chain 315

• https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGQ5YTE5ZDliYTcyYzdmMzE2NTJiYmQ4NmM3NDY3YQ==&gdpr=0&gdpr_consent=

Request Chain 369

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=

Request Chain 370

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?addtl_consent=&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLpu5RgckPAPzYFFtEJ8-gAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Request Chain 372

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzNTM4MDQyNjI5MTMzNzI4Nw%3D%3D

Request Chain 480

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=

Request Chain 481

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLpu5RgckPAPzYFFtEJ8-gAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Request Chain 483

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzNTM4MDQyNjI5MTMzNzI4Nw%3D%3D

Request Chain 499

• https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2M0ODFkODgtYjI0NS0yNzcxLWQ2YmUtZTJjOWE5M2I1ZTQz&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Request Chain 501

• https://sync.teads.tv/um?eid=3&uid=&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmZlNTdlYmMtYzBiMC00Njg2LWFiYzYtZTZkMGMzZWRjNzIz&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA

Request Chain 506

• https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=1&gdpr_consent=CPHSFTuPHSFTuAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent=&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODViYjEyODUtYzU2MS0xMWViLWIzMjgtMTQ2ODRhM2EwNTA2

654 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
22 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request blog-page_6.html Show response www.gool-sport.com/p/ Redirect Chain https://kooza.club/kp4cUWq https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq	156 KB 40 KB	279ms 242ms	Document text/html	2a00:1450:4001:812::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 755397920ced6d3650d7a830dff0ec2411569e9c47802dc65219e5ac6c5c5fb6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.gool-sport.com :scheme https :path /p/blog-page_6.html?&url=http://kooza.club/kp4cUWq pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type text/html; charset=UTF-8 expires Fri, 04 Jun 2021 18:20:17 GMT date Fri, 04 Jun 2021 18:20:17 GMT cache-control private, max-age=0 last-modified Fri, 04 Jun 2021 15:39:42 GMT etag W/"f5936853a875ef6ddef2909d71de0991d92562a8fac3a08daf3109ee92d4ad13" content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 41080 server GSE Redirect headers date Fri, 04 Jun 2021 18:20:17 GMT server Apache x-frame-options SAMEORIGIN SAMEORIGIN x-powered-by PHP/7.2.34 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache x-robots-tag noindex, nofollow set-cookie AppSession=baf3c5fe813601fbb1aceb5215b7188b; path=/; HttpOnly iwashere=yes; expires=Fri, 04-Jun-2021 18:22:47 GMT; Max-Age=150 csrfToken=887760af1a89c42a4f0586790bfb2980c534beb2a08c477312641e0bbd51bfeafcc39b13009d27c9a7407c442a2e22364f04e941f56d6055918114f7625a9ea0; path=/; HttpOnly location https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq content-length 264 content-type text/html; charset=iso-8859-1
GET H2	200	in-view.min.js Show response cdn.jsdelivr.net/npm/in-view@0.6.1/dist/	5 KB 2 KB	7ms 6ms	Script application/javascript	2a04:4e42:1b::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/in-view@0.6.1/dist/in-view.min.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 1361925 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 2129 etag W/"14be-WmlQIO/ElIG9SfA/X8UgGV8u+ls" x-served-by cache-fra19140-FRA, cache-hhn4081-HHN date Fri, 04 Jun 2021 18:20:17 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	js Show response www.googletagmanager.com/gtag/	119 KB 46 KB	28ms 27ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-S2E9JBMKHP Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bb599de72891722807b4db88b68cc424732b059d0c6591253f16d081da9a9c3e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:17 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46713 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:17 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	134 KB 48 KB	69ms 37ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bca58cb91d0442fbc4394a6675603165ecaa067a92f4f6e115e34dfa2833a37a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:17 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48419 x-xss-protection 0 server cafe etag 13744972075384101287 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 04 Jun 2021 18:20:17 GMT
POST H2	204	collect www.google-analytics.com/g/	0 84 B	26ms 25ms	Ping text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-S2E9JBMKHP&gtm=2oe621&_p=1502127620&sr=1600x1200&ul=en-us&cid=1904851795.1622830818&_s=1&dl=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&dt=%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D9%82%D9%8A%D8%AF%20%D8%A7%D9%84%D8%AA%D8%AC%D9%87%D9%8A%D8%B2&sid=1622830817&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-S2E9JBMKHP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:17 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.gool-sport.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	icon18_wrench_allbkg.png resources.blogblog.com/img/	475 B 833 B	41ms 6ms	Image image/png	2a00:1450:4001:813::2009 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://resources.blogblog.com/img/icon18_wrench_allbkg.png Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 31 May 2021 22:33:59 GMT x-content-type-options nosniff last-modified Mon, 31 May 2021 19:53:14 GMT server sffe age 330378 content-type image/png cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 475 x-xss-protection 0 expires Mon, 07 Jun 2021 22:33:59 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.2.1/	85 KB 30 KB	41ms 8ms	Script text/javascript	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 13:01:28 GMT content-encoding gzip x-content-type-options nosniff age 105529 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30306 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 03 Jun 2022 13:01:28 GMT
GET DATA	200 OK	truncated /	1008 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4d740d47e9001830347fc7db698eb52615142e160858c8d995dd7d3d8e1b8554 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	365 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1fb735586bde96666688242da255ea15d760baf571b7cb60c58042d59fa2d5df Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	687 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 781a3918d53f00188fac954dd8b5cfda6735ad1d25234f443ecfbac157e1b0d9 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ab1cb8a2184295464277a237679cbbe99415982ef7f72befd4c69286a4dd4039 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET H2	200	SLXGc1nY6HkvalIhTps.woff2 fonts.gstatic.com/s/cairo/v3/	20 KB 20 KB	8ms 8ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/cairo/v3/SLXGc1nY6HkvalIhTps.woff2 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87ad52f9b7ffdb6b14a3a8f1d319eadc0cc2db0fb1f6495d25576b2e20ba6008 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.gool-sport.com Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 02 Jun 2021 00:37:02 GMT x-content-type-options nosniff last-modified Tue, 20 Feb 2018 23:35:18 GMT server sffe age 236595 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20720 x-xss-protection 0 expires Thu, 02 Jun 2022 00:37:02 GMT
GET H3-29	200	SLXGc1nY6HkvalIkTpu0xg.woff2 fonts.gstatic.com/s/cairo/v3/	18 KB 18 KB	28ms 27ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/cairo/v3/SLXGc1nY6HkvalIkTpu0xg.woff2 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba36a11b5b293a0340e9e18719b981b6348b52c9c8c4bda4ea83b9e2c817ebf5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.gool-sport.com Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 13:27:32 GMT x-content-type-options nosniff last-modified Tue, 20 Feb 2018 23:35:08 GMT server sffe age 276765 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18100 x-xss-protection 0 expires Wed, 01 Jun 2022 13:27:32 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	62 KB 21 KB	170ms 65ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 01616fc830e66b65edc8dc5283b83f9435801ca17df7ae4a891f38a96b9ea673 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "893 / 864 of 1000 / last-modified: 1622804990" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21347 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:18 GMT
GET H2	200	adx Show response pubads.g.doubleclick.net/gampad/	56 KB 13 KB	212ms 108ms	XHR text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/gool-sport.com_728x90_desktop_sticky_DFP&sz=728x90&t=Placement_type%3Dserving&1622830817864 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 1e028a971c5814cca22a485d852c4210e5b19fe6d814ad7341f7bbc117b5c45a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13065 x-xss-protection 0 google-lineitem-id 5665636522 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138346491574 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	403	invoke.js tacticschangebabysitting.com/7fec93216ea8c05d939f39707f883bee/	0 0	379ms 132ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tacticschangebabysitting.com/7fec93216ea8c05d939f39707f883bee/invoke.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:18 GMT server nginx/1.17.6 content-type application/javascript content-length 0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H3-29	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/	232 KB 86 KB	64ms 63ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9234038752480616&plah=www.gool-sport.com&amaexp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0d5f76008f1784b20b99d51741b2f8b8bbee28d5f2950ca2cf4226b6d61b1344 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:17 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 87637 x-xss-protection 0 server cafe etag 15632250250964762239 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 04 Jun 2021 18:20:17 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/ Frame 6D2B	10 KB 5 KB	7ms 6ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210601/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210601/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Thu, 03 Jun 2021 23:22:09 GMT expires Thu, 17 Jun 2021 23:22:09 GMT content-type text/html; charset=UTF-8 etag 15349191498103243965 x-content-type-options nosniff content-encoding gzip server cafe content-length 4506 x-xss-protection 0 age 68288 cache-control public, max-age=1209600 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	403	invoke.js tacticschangebabysitting.com/620be74363f719a1983aad4691b637de/	0 0	341ms 135ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tacticschangebabysitting.com/620be74363f719a1983aad4691b637de/invoke.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:18 GMT server nginx/1.17.6 content-type application/javascript content-length 0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	counter.js Show response www.statcounter.com/counter/	38 KB 12 KB	80ms 31ms	Script application/x-javascript	104.22.53.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.statcounter.com/counter/counter.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 410a0b1644ab7de97e4d8088844919e862487baef25ec58a2e410f12d27f1fbc Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:17 GMT content-encoding br cf-cache-status HIT last-modified Fri, 14 May 2021 09:30:46 GMT server cloudflare age 31308 etag W/"609e4346-98df" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript cache-control max-age=43200 cf-ray 65a32ca44a5d10eb-CPH cf-request-id 0a79da3aac000010ebca95a000000001 expires Fri, 04 Jun 2021 21:38:29 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	204 B 440 B	60ms 58ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.gool-sport.com&callback=_gfp_s_&client=ca-pub-9234038752480616 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9234038752480616&plah=www.gool-sport.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash ee9a10347cae17dea5d3daafa7590ad51caf4d555a3690404044541b85b2923d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 193 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 799 B	61ms 29ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9234038752480616&plah=www.gool-sport.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 553 B	60ms 27ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9234038752480616&plah=www.gool-sport.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame B6A5	11 KB 907 B	89ms 87ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-9234038752480616&output=html&adk=1812271804&adf=3025194257&lmt=1622821182&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622830817882&bpp=3&bdt=177&idt=119&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7423462688771&frm=20&pv=2&ga_vid=1904851795.1622830818&ga_sid=1622830818&ga_hid=1502127620&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=826664365822009&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=140 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9234038752480616&plah=www.gool-sport.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5fdb055260e1d09a65ddcf1945bfc34de6344475376fc75e2be60e70dcc00b21 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?npa=1&client=ca-pub-9234038752480616&output=html&adk=1812271804&adf=3025194257&lmt=1622821182&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1622830817882&bpp=3&bdt=177&idt=119&shv=r20210601&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7423462688771&frm=20&pv=2&ga_vid=1904851795.1622830818&ga_sid=1622830818&ga_hid=1502127620&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=826664365822009&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=140 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 04 Jun 2021 18:20:18 GMT server cafe content-length 884 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Fri, 04-Jun-2021 18:35:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 04 Jun 2021 18:20:18 GMT cache-control private
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 28 KB	63ms 26ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9234038752480616&plah=www.gool-sport.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656037121142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28114 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:18 GMT
GET H2	200	stpd201221.js Show response stpd.cloud/assets/postbid/ Frame BABA	668 KB 165 KB	60ms 37ms	Script application/javascript	2606:4700:20::681a:b5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd201221.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 04 Jun 2021 18:20:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} content-md5 Z31KcnNREDgCG5fqQFS/wA== age 4753 cf-request-id 0a79da3b3f00004e31a9ae6000000001 x-ms-lease-status unlocked last-modified Fri, 04 Jun 2021 10:59:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F1hsHFzKICsWB0Dej8fGF96SS63RrKHTliZBrP1Iebn9L0gQDFrnb1nziAuCDeFqWtAEM%2FdLrouWqvq%2BEzluSjwpycrb7R59tUZb73ILgAOJ8LKfWPnC%2BQJRK8RhcMzh6Rqm"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-ms-request-id 53f062ea-f01e-0027-3b30-59e853000000 cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 65a32ca53fa84e31-FRA
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	39ms 39ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-9234038752480616&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=false&a=6%2C1%2C5%2C7&apv=20210602_113832&sat=1622794419037&afm=0&as_count=0&d_count=0&ng_count=0&am_count=0&atf_count=0&mdns=0&alldns=0&allp=34&fd=(0%2C3%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1200&su=www.gool-sport.com&r=0.1 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame BABA	62 KB 21 KB	55ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5d3b1e91595e00d961f95eee4229b527cb8790f1e5718734ea0c85ffb69471cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "893 / 409 of 1000 / last-modified: 1622805049" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21373 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:18 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 7D9F Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	105ms 35ms	Document text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gool-sport.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 23 Feb 2021 20:47:52 GMT ETag "402b0-119-5bc0708346e00" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 04 Jun 2021 18:20:18 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Date Fri, 04 Jun 2021 18:20:18 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H3-29	200	SLXLc1nY6Hkvalr-ao6L59Y.woff2 fonts.gstatic.com/s/cairo/v3/	21 KB 21 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/cairo/v3/SLXLc1nY6Hkvalr-ao6L59Y.woff2 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 527d429d6eaa790e35276cc2f97804847991623fdf17e1bc7d22c2858b9ca240 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.gool-sport.com Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 15:32:28 GMT x-content-type-options nosniff last-modified Tue, 20 Feb 2018 23:35:11 GMT server sffe age 269270 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21464 x-xss-protection 0 expires Wed, 01 Jun 2022 15:32:28 GMT
GET H3-29	200	adx Show response pubads.g.doubleclick.net/gampad/	56 KB 13 KB	163ms 101ms	XHR text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/gool-sport.com_728x90_DFP&sz=728x90&t=Placement_type%3Dserving&1622830818265 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash a13d7c65453de742e74c8822517115e6e7bcdee30619fab2ad2eaba859afee5c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13054 x-xss-protection 0 google-lineitem-id 5665633183 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138346489777 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	SLXLc1nY6Hkvalr-ao6O59ZMaA.woff2 fonts.gstatic.com/s/cairo/v3/	19 KB 19 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/cairo/v3/SLXLc1nY6Hkvalr-ao6O59ZMaA.woff2 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c67c2b7e0a08b929a736180690a8c51c05f36d4fc8e26773fb47cedb23c0380b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.gool-sport.com Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 04:54:39 GMT x-content-type-options nosniff last-modified Tue, 20 Feb 2018 23:35:12 GMT server sffe age 307539 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19092 x-xss-protection 0 expires Wed, 01 Jun 2022 04:54:39 GMT
GET H2	403	invoke.js tacticschangebabysitting.com/7fec93216ea8c05d939f39707f883bee/	0 0	133ms 132ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tacticschangebabysitting.com/7fec93216ea8c05d939f39707f883bee/invoke.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:18 GMT server nginx/1.17.6 content-type application/javascript content-length 0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H3-29	200	pubads_impl_2021060301.js Show response securepubads.g.doubleclick.net/gpt/ Frame BABA	312 KB 109 KB	144ms 72ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 03 Jun 2021 08:37:25 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112073 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:18 GMT
GET H2	403	invoke.js tacticschangebabysitting.com/59fd9709e7a2469da3bdfe683fbcfa39/	0 0	136ms 135ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tacticschangebabysitting.com/59fd9709e7a2469da3bdfe683fbcfa39/invoke.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:18 GMT server nginx/1.17.6 content-type application/javascript content-length 0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	stpd201221.js Show response stpd.cloud/assets/postbid/ Frame A515	668 KB 165 KB	32ms 32ms	Script application/javascript	2606:4700:20::681a:b5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd201221.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 04 Jun 2021 18:20:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} content-md5 Z31KcnNREDgCG5fqQFS/wA== age 4753 cf-request-id 0a79da3c8d00004e318da99000000001 x-ms-lease-status unlocked last-modified Fri, 04 Jun 2021 10:59:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BwBh4iB1iFx2cBx4CC9nD4TxdMKSSkcdrMUi55mpNpkmotMdX61E3bc%2Fo9LGvz5MgjSIkXT5EAMd5%2FrFts03r320N1UsCXiDrbdXov5oDzRLznBxppEA%2Fe6vCUqcN3nt02k0"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-ms-request-id 53f062ea-f01e-0027-3b30-59e853000000 cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 65a32ca74ea24e31-FRA
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 7D9F	31 KB 10 KB	37ms 37ms	Script text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2 Request headers Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:18 GMT Content-Encoding gzip Last-Modified Wed, 02 Jun 2021 21:11:51 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=28821 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9301 Expires Sat, 05 Jun 2021 02:20:39 GMT
GET H3-29	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame A515	62 KB 21 KB	30ms 29ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "893 / 940 of 1000 / last-modified: 1622804990" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21347 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:18 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 87AC Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	39ms 39ms	Document text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gool-sport.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 23 Feb 2021 20:47:52 GMT ETag "402b0-119-5bc0708346e00" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 04 Jun 2021 18:20:18 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Date Fri, 04 Jun 2021 18:20:18 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 7D9F	284 B 536 B	163ms 43ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/jpg
GET H3-29	200	adx Show response pubads.g.doubleclick.net/gampad/	56 KB 13 KB	107ms 107ms	XHR text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/gool-sport.com_728x90_DFP&sz=728x90&t=Placement_type%3Dserving&1622830818570 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash a13d7c65453de742e74c8822517115e6e7bcdee30619fab2ad2eaba859afee5c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13054 x-xss-protection 0 google-lineitem-id 5665633183 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138346489777 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	adx Show response pubads.g.doubleclick.net/gampad/	56 KB 13 KB	111ms 111ms	XHR text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/gool-sport.com_728x90_DFP&sz=728x90&t=Placement_type%3Dserving&1622830818571 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash a13d7c65453de742e74c8822517115e6e7bcdee30619fab2ad2eaba859afee5c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13054 x-xss-protection 0 google-lineitem-id 5665633183 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138346489777 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	403	invoke.js tacticschangebabysitting.com/31de8c8e326c82533128514dd650bfab/	0 0	138ms 137ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tacticschangebabysitting.com/31de8c8e326c82533128514dd650bfab/invoke.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:18 GMT server nginx/1.17.6 content-type application/javascript content-length 0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H3-29	200	pubads_impl_2021052601.js Show response securepubads.g.doubleclick.net/gpt/ Frame A515	311 KB 109 KB	76ms 75ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 26 May 2021 08:37:30 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 111649 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:18 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 87AC	31 KB 10 KB	39ms 38ms	Script text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2 Request headers Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:18 GMT Content-Encoding gzip Last-Modified Wed, 02 Jun 2021 21:11:51 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=28821 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9301 Expires Sat, 05 Jun 2021 02:20:39 GMT
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/ Frame BABA	107 B 122 B	49ms 48ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/ Frame BABA	107 B 122 B	49ms 48ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame BABA	13 KB 8 KB	529ms 528ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3000484437559475&correlator=4184841418700611&output=ldjh&impl=fifs&eid=31061224%2C31061371%2C44744015&vrg=2021060301&ptt=17&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=147246189%2Cgool-sport.com_728x90_desktop_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie=ID%3D3a395bc5b81a85d3-2265b252c1c800a9%3AT%3D1622830818%3ART%3D1622830818%3AS%3DALNI_Mb20n_8NtCsZITTGdG7x1HTIJ3FVQ&cdm=www.gool-sport.com&bc=31&abxe=1&lmt=1622830818&dt=1622830818655&dlt=1622830818087&idt=494&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=150&oid=3&adxs=872&adys=518&adks=781404011&ucis=dpc3l6fcfoiy&ifi=1&ifk=3286901705&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&top=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x150&msz=728x0&ga_vid=1904851795.1622830818&ga_sid=1622830819&ga_hid=936074236&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 9384ea8c1b0b043a8dd5e6434693fa1b278d40fa07ff93ec4a7e743ecff478cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7975 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BABA	0 0	100ms 26ms	Other text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 87AC	284 B 536 B	98ms 42ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/jpg
GET H2	200	stpd201221.js Show response stpd.cloud/assets/postbid/ Frame 1767	668 KB 165 KB	32ms 32ms	Script application/javascript	2606:4700:20::681a:b5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd201221.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 04 Jun 2021 18:20:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} content-md5 Z31KcnNREDgCG5fqQFS/wA== age 4753 cf-request-id 0a79da3d7d00004e316717f000000001 x-ms-lease-status unlocked last-modified Fri, 04 Jun 2021 10:59:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sYHtdgj9WJ7KI28GL%2BigE4xD9SW%2F151BczGo%2FZzrmT%2Bt6VhmNPCa6P0BnIVmwdU1Awh8M2SiO2qnl4wb2G38BqzCmpseP0Kcs%2FQCNrb0nQSqSewS7P8MkwVQr12uFufyIivF"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-ms-request-id 53f062ea-f01e-0027-3b30-59e853000000 cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 65a32ca8cad54e31-FRA
GET H2	200	stpd201221.js Show response stpd.cloud/assets/postbid/ Frame 7B91	668 KB 165 KB	39ms 38ms	Script application/javascript	2606:4700:20::681a:b5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd201221.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 04 Jun 2021 18:20:18 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} content-md5 Z31KcnNREDgCG5fqQFS/wA== age 4753 cf-request-id 0a79da3d8d00004e319f8df000000001 x-ms-lease-status unlocked last-modified Fri, 04 Jun 2021 10:59:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5e4%2FatQMhDA15mm%2BD226VzcARlVKSrkM%2BbEXQj11Ac0qpoSETP0MaRATjxO%2Fsrbqu3r29ncx188EJGWv4yvqPLhwTXi86Gdrcjw%2FXQe8JTL3EPcjhyrGLwhZd60XgLSwhu6h"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-ms-request-id 53f062ea-f01e-0027-3b30-59e853000000 cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 65a32ca8db294e31-FRA
GET H2	403	invoke.js tacticschangebabysitting.com/7fec93216ea8c05d939f39707f883bee/	0 0	136ms 135ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tacticschangebabysitting.com/7fec93216ea8c05d939f39707f883bee/invoke.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:18 GMT server nginx/1.17.6 content-type application/javascript content-length 0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H3-29	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame 1767	62 KB 21 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "893 / 657 of 1000 / last-modified: 1622804990" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21347 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:18 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 60C7 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	35ms 34ms	Document text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gool-sport.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 23 Feb 2021 20:47:52 GMT ETag "402b0-119-5bc0708346e00" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 04 Jun 2021 18:20:18 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Date Fri, 04 Jun 2021 18:20:18 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H3-29	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame 7B91	62 KB 21 KB	29ms 29ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b1b210746f3af2466e7dfa40e9f0472ba8d6779131adf856792002d857cea0b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "893 / 268 of 1000 / last-modified: 1622805049" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21347 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:18 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame CD51 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	36ms 35ms	Document text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gool-sport.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 23 Feb 2021 20:47:52 GMT ETag "402b0-119-5bc0708346e00" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 04 Jun 2021 18:20:18 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Date Fri, 04 Jun 2021 18:20:18 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H3-29	200	pubads_impl_2021052601.js Show response securepubads.g.doubleclick.net/gpt/	311 KB 109 KB	77ms 72ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 26 May 2021 08:37:30 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 111649 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:18 GMT
GET H2	403	invoke.js tacticschangebabysitting.com/59fd9709e7a2469da3bdfe683fbcfa39/	0 0	131ms 129ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tacticschangebabysitting.com/59fd9709e7a2469da3bdfe683fbcfa39/invoke.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:18 GMT server nginx/1.17.6 content-type application/javascript content-length 0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H3-29	200	pubads_impl_2021052601.js Show response securepubads.g.doubleclick.net/gpt/ Frame 1767	311 KB 109 KB	78ms 78ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 26 May 2021 08:37:30 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 111649 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:18 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 60C7	31 KB 10 KB	74ms 38ms	Script text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2 Request headers Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:18 GMT Content-Encoding gzip Last-Modified Wed, 02 Jun 2021 21:11:51 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=28821 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9301 Expires Sat, 05 Jun 2021 02:20:39 GMT
GET H3-29	200	pubads_impl_2021052601.js Show response securepubads.g.doubleclick.net/gpt/ Frame 7B91	311 KB 109 KB	80ms 79ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 26 May 2021 08:37:30 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 111649 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:18 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame CD51	31 KB 10 KB	67ms 37ms	Script text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2 Request headers Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:18 GMT Content-Encoding gzip Last-Modified Wed, 02 Jun 2021 21:11:51 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=28821 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9301 Expires Sat, 05 Jun 2021 02:20:39 GMT
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/ Frame A515	107 B 122 B	29ms 28ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/ Frame A515	107 B 122 B	28ms 28ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:18 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame A515	13 KB 8 KB	366ms 366ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2312845205890520&correlator=2361963547420172&output=ldjh&impl=fifs&eid=31060033%2C31061224&vrg=2021052601&ptt=17&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=147246189%2Cgool-sport.com_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie=ID%3D3a395bc5b81a85d3-2265b252c1c800a9%3AT%3D1622830818%3ART%3D1622830818%3AS%3DALNI_Mb20n_8NtCsZITTGdG7x1HTIJ3FVQ&cdm=www.gool-sport.com&bc=31&abxe=1&lmt=1622830818&dt=1622830818965&dlt=1622830818442&idt=297&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=150&oid=3&adxs=601&adys=1141&adks=3319398020&ucis=a2hoc11owbxz&ifi=1&ifk=3286901705&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&top=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x150&msz=728x0&ga_vid=1904851795.1622830818&ga_sid=1622830819&ga_hid=205020530&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash d5360df44de7958c583d6324cb3d92ba2c572aff13954fff2aa89c4e271e9550 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7958 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A515	0 0	46ms 26ms	Other text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 60C7	284 B 536 B	46ms 45ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/jpg
GET H2	403	invoke.js tacticschangebabysitting.com/7fec93216ea8c05d939f39707f883bee/	0 0	137ms 136ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tacticschangebabysitting.com/7fec93216ea8c05d939f39707f883bee/invoke.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT server nginx/1.17.6 content-type application/javascript content-length 0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame CD51	284 B 536 B	42ms 41ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/jpg
GET H2	200	integrator.js Show response adservice.google.dk/adsid/	107 B 799 B	79ms 28ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.dk/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	27ms 27ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	adx Show response pubads.g.doubleclick.net/gampad/	56 KB 13 KB	99ms 98ms	XHR text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/gool-sport.com_160x600_DFP&sz=160x600&t=Placement_type%3Dserving&1622830819182 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 9fe4f7382c7afc30d98425529b371dd15f6e15b5fd8b21899374d50af6ee788c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13055 x-xss-protection 0 google-lineitem-id 5664710328 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138346082673 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	adx Show response pubads.g.doubleclick.net/gampad/	56 KB 13 KB	101ms 100ms	XHR text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/gool-sport.com_728x90_DFP&sz=728x90&t=Placement_type%3Dserving&1622830819186 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash a13d7c65453de742e74c8822517115e6e7bcdee30619fab2ad2eaba859afee5c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13054 x-xss-protection 0 google-lineitem-id 5665633183 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138346489777 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	403	invoke.js tacticschangebabysitting.com/4501b44ddc263aab35da3d995bfdddcc/	0 0	142ms 142ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tacticschangebabysitting.com/4501b44ddc263aab35da3d995bfdddcc/invoke.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT server nginx/1.17.6 content-type application/javascript content-length 0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H3-29	200	container.html Show response 77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DD6B	6 KB 3 KB	33ms 7ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html?n=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 04 Jun 2021 18:20:18 GMT expires Sat, 04 Jun 2022 18:20:18 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame BABA	73 KB 27 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656037121142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28114 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:19 GMT
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame BABA	10 KB 8 KB	57ms 56ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060301&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e6038a375c416a0f8549343f01dfc8922430a084cebb57ebc27ca4a51d8c7e5f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7675 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/ Frame 1767	107 B 122 B	28ms 28ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/ Frame 1767	107 B 122 B	27ms 27ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 1767	13 KB 8 KB	584ms 583ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3765649659820795&correlator=3060211659577315&output=ldjh&impl=fifs&eid=31061340%2C31061167&vrg=2021052601&ptt=17&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=147246189%2Cgool-sport.com_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie=ID%3D3a395bc5b81a85d3%3AT%3D1622830818%3AS%3DALNI_MYD_d5gPGef1Gvsa64kLTzKXJoK1Q&cdm=www.gool-sport.com&bc=31&abxe=1&lmt=1622830819&dt=1622830819224&dlt=1622830818682&idt=375&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=150&oid=3&adxs=601&adys=1913&adks=3321405445&ucis=n43wxx35uyck&ifi=1&ifk=3286901705&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&top=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x150&msz=728x0&ga_vid=1904851795.1622830818&ga_sid=1622830819&ga_hid=648773853&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 6f507b694fd96410e9c784af5eb13bb11aafcfc3da115398095fd6f26ce67f66 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7981 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1767	0 0	79ms 26ms	Other text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/ Frame 7B91	107 B 122 B	28ms 28ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/ Frame 7B91	107 B 122 B	29ms 29ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 7B91	14 KB 8 KB	715ms 715ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2803438852225211&correlator=960502863141160&output=ldjh&impl=fifs&eid=31061368%2C31061296%2C31061167%2C44744016&vrg=2021052601&ptt=17&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=147246189%2Cgool-sport.com_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie=ID%3D3a395bc5b81a85d3%3AT%3D1622830818%3AS%3DALNI_MYD_d5gPGef1Gvsa64kLTzKXJoK1Q&cdm=www.gool-sport.com&bc=31&abxe=1&lmt=1622830819&dt=1622830819266&dlt=1622830818695&idt=384&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=150&oid=3&adxs=601&adys=2167&adks=3321521124&ucis=z10l8bxxfwx&ifi=1&ifk=3286901705&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&top=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x150&msz=728x0&ga_vid=1904851795.1622830818&ga_sid=1622830819&ga_hid=2053494074&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 6410f40a8ef85adf77dabcdf7c0e3066eaa8424c8ebb008abaa97fffb471bdac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8054 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7B91	0 0	61ms 40ms	Other text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame BABA	17 KB 6 KB	81ms 26ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:19 GMT
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 9250	2 KB 591 B	39ms 38ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEO7G27kCGPOUpaABMAE&v=APEucNW7My1iKYogw9kgJ69vQngnCx7GHuM6ihN1W1EBwNQWM8rxB5DWae_a4zIis-vzobmKrO7P7abtVCbgwT6crteKjLBk67EQnieABVTdHCGP4evhGmEPZX5hIvLfXY1BOOl-hHmtEZTqTEtvzV4zFeyAX5AY_rUoiy5q2GS4iqLuOd4nI7_1iCNTmwVxsMyEUZYzCXFnC9aX6DD1FxYdA73wYopfMXzWVkXAcCDCtZvoeWp1HES-NJOtmhJkC5D_KTHlHVoWelv9-nVju4JkqZdRzij8By6rkzC7GZ4-vEC7WCbVSRbB8jS7A0wwf29jq3cc3UUUWAR3aeTKvfDiwdmOZNHu51TZFhx23b5rSut6EgShth_gF5NVtLB_D6X_jx5hsNgS17qmCDtvIqEJezp4BA10O1JhvqcWjvQoysCh5rTaKaMY_ELPYt8hDq7kg1dLA9YuRl6XUt8K4xwtCDh6qOIp4cs72KfhHG3zefQCSi7JgmgxEOeclNUiAyRMrWCUxEuVIWoAyF9S7L3SdEuI7OgEOA8PolrChxOcupNndPklAiRsNUXROWIR5HlvmTTUiyfJEpvXsAUpBJczNeR38vETer-GcY0QbC6_pBHS-ceaVgI Requested by Host: 77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com URL: https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3953d9cde3f0fd8c25489a6949d582e305a9da89b7d3a162af060c126488942d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CN3z17QCEO7G27kCGPOUpaABMAE&v=APEucNW7My1iKYogw9kgJ69vQngnCx7GHuM6ihN1W1EBwNQWM8rxB5DWae_a4zIis-vzobmKrO7P7abtVCbgwT6crteKjLBk67EQnieABVTdHCGP4evhGmEPZX5hIvLfXY1BOOl-hHmtEZTqTEtvzV4zFeyAX5AY_rUoiy5q2GS4iqLuOd4nI7_1iCNTmwVxsMyEUZYzCXFnC9aX6DD1FxYdA73wYopfMXzWVkXAcCDCtZvoeWp1HES-NJOtmhJkC5D_KTHlHVoWelv9-nVju4JkqZdRzij8By6rkzC7GZ4-vEC7WCbVSRbB8jS7A0wwf29jq3cc3UUUWAR3aeTKvfDiwdmOZNHu51TZFhx23b5rSut6EgShth_gF5NVtLB_D6X_jx5hsNgS17qmCDtvIqEJezp4BA10O1JhvqcWjvQoysCh5rTaKaMY_ELPYt8hDq7kg1dLA9YuRl6XUt8K4xwtCDh6qOIp4cs72KfhHG3zefQCSi7JgmgxEOeclNUiAyRMrWCUxEuVIWoAyF9S7L3SdEuI7OgEOA8PolrChxOcupNndPklAiRsNUXROWIR5HlvmTTUiyfJEpvXsAUpBJczNeR38vETer-GcY0QbC6_pBHS-ceaVgI pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUlyezXEeRT8I9xAwl6abKV5Ft5T496wXfqG9CtTnOU5DLScTt2L5JYk1wWTc-8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 04 Jun 2021 18:20:19 GMT server cafe cache-control private content-length 570 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame DD6B	57 KB 23 KB	63ms 62ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOaYOmnkEUmTR9025z2AL3QrttXLCek0MYhvTKB3FRU0nMTAuNvZ5FDfixsOPpvqp_dgEuq19H23YUgq5VoxPmCXTg6Gw8Ncab9km12UlwQqRH3GHq-nqOY2F221g0Znwfv6_CAjJdj0TS9T8B85ybT3Zffw&dbm_d=AKAmf-Ap5bMiUqxC9XBRVA2x_Zi-D7XpDb25iEH6Fj1lk15lz4JoeO1gKrNpVC08B41vYtz1c4LaZWUGAmoxFal3iW-RLS0rnV7kck8oXowu8TUHb8lNxVDtnyX6TlgNcMVleFFQ2XK2L_DlsbbZlA3cp1aIKRdZAFnLWKVNmZFoZ9uKUoQsrVcAYbFa9IbWnptYfpy3InBpOuEPZrwhtar02DVlW6HEeNmHhqrwuW6vG9JN6rMX9bMOXBW1CbfHoljlSDAUceBuZDKhkZ2sYdkiJLyKlU0XOxQojFG6yFwZL2b3Yd1teZCBwD3J4qahtmuD-j1LfFl_yaLIKffNjiyaMqYUJGm1xqbzVIlVydMNSkfhfpl_YEV1mVE4TGhSUgptjR4tbKp7bGya5YfjERgIDtuRSpjnJSIIL3m40mOM15Xmln1NRkR_ngpDjPvSes7orXMcbQmg0IkPLOfgosvWTecB40GmWSrB-zQ_Sjv_QQNlvBnY9Quu1kU_ZHbLfhQ0YFwuax1a5TVTwec-KDeFo-kAke2oRXmyudLjAuEILA78_8wbySscd9WhwDZYpxxXc3wZwIPGqEdHBxLXDoQ4Fc42LAau5cN4EzIP39xZ8S23W0zgvdcn_GYZMqpy2zLqQBRkltTfRsb2FckBfYpFoeNm15JL8mqNhcQJo18tRkMngfFb_rwuMxQ_7uJxtbQB8PSKXcI08Vb73LgLsc0M4cJykFV-Qzgt3tWPJVlR48WXu89rWz9Tb58bshVRfsGT_mRujrnpbNH5yqsXOjlpgQj9tSpFlhTV4hmhKi_J9Ttf6j0fFiTHCbUVgC8dJi1JsW_DZwSYZA9orjT5diPHFwoEwackoOSwebwEfqSa9qc0kZcIPRdRrusvnNLlOOKugBDWschRhHOthM3zNR88OdHqcRdL9Cj7TMh0nRzIhH2LsvPgYWsPvYxL8_yYj2Jo7tYMqycgSpq5s0qXM017rX-3Xkcpwds6B5EPckinnbkATx89ayRLNV0YWsrjhqgDg-pMPCUTqFc15kA7g3yxKqykQkz7A9xLCw7r0Zu-MsZx48d88QNkYVkpqtMb-ibFf6T2fVjnVuykGBp4HqopBaATls__s4G7P_YrB6wsD-veOnPXbRehs9t3MtFcCUT8xNcw5LGIm35r16FY6ypp6PJdpPKCfWk_ADtERbiJIW53MW1ET5vtvRiY-1U8KdnkT_Nc__WQOcsiDhFw4W4Dklq0lmFVfxZCF3G4mo7l-_w7F-8tUeBlw3VdKlxbyLTVGlrVE3Baw0OXB-SzeErd1NPmeWeuRh0qpB7vB0qBcNxORFGPzEYw0wtW5WHDdqgLjWuL0Lk1wCLcdIn2LfHv5fWoPXhw4FLsHSFJPdsI_f3lDU-wYUir5C4y_fT69QLs7s1VojZqVxVKmZ-kGuoRZwo5aMtlnWqctlF6zjEaXd3asG63eXoKkSqf9DdtcCfHtCl9_jqO3jub-0LT0LwXO5d1WkM9mqqCO-2dzoko-CKqycu-EEQKPVevRqUVtSzrR7bY0UaDDt_M-AA2srw318O9EoNzFPfOcJypdOr527Nw0P4hHuOSfZ9V0zhYxt0e30V1srPHWMslyy1MSav6wwtsAGy_N0q16IQ128SljN4QCH43V8-ek4z3Ukmt-hg6V-NyOJJNe5Al4pACZ3APJ59XQJieB2A4MkixADJzRZH8fwFcBvEECnjARxXOwxrJTYxg_XyO9sLoBzjBPAw3fAaU_d31aOPloVvmX7tS9LtDJY_yMg-9jbR6acA6T8UCVLyrkBKLbX2ulWH1ScyXpE-T2lY7-b9oVPJK3edZBOvN4Tu3MrhpkL712LZP54Kc-JUvG3yFg-22Rj1Gw-hcSfHhp4QT90b3MeO7quwFRcNprPqywdv-OVQx5pzL5RxjHfZMVFnas_Tr6P9mo5bw6jSIVQiVrssHZosvkPXYyx7YwSwk5g6yoMEddPhH8E92q0tSxvzRnMxh-PBCguqF9EP3J5nL99B6KsJxJqi1eQ3Dwou_g0j3RZpju_LcFSVPfJ1lMW9NtvZIeaN0_hnII_m9ciGmxBJiTWs9_AlKWJqcMQ70BkP6XIYFM3GPOQCYc-RqiH7F9Wrc13-VyvfcudaiZZqFhAIPY8XGVRLcmgYCFlLkmfQ_h_4W4mJ4TQDvZNg4tQ1AeVIH8DocX9TOmiaZZC4db5e1wPm5lZcStKXzS8YIVSExXk7Uw7orP-rxPpO53-wbYzDKY6GxoNOIEZrmqxViqlyAHF2Jdlls9GWc5W9_aqpKcC_RS5pgiyAY7kd5usrTteytX9rIzPvAPkxFkm80oh2mqm_FZFYmIUtsRnTQ8yMgLzV1PoLBLZhWEGL_Kc1yrp73K9izR11uF8NSNb5aJQcbS8iDpPQIMUj4XCf41_wQ5E4A11YwRt3X6t9UhkyUL3CZ2iqLgSUDeZdmLz3uIKbEnQfwPsMEAlJ30GscGvPWXly4FVJ2117nIL-QGZB48Vl1g2nYcHQrHTFuc2i4on9RU9tTVsEPElCxWH1Fxy31gGNpGOkxYukCP0dGvKV1PcgJYt673EFW2op8fI-Q2oXSdtVt6RGSHa29J7lP8yc641wdm-sxHQjRDYcLM9dKPw619RxV_QnzXOL7LgD0v8nVAI0ZIQ34Umc-y9MVEAgzZhh6hB9hlDYqxgMi69EIjrT8LhgWkwIlvYkHLiAGBQ-Lej4CIaOXWPYp0o1CkyZy_vwPfX0D4pTbq-M0Fphfcof7Yuf4-NykhTxchqoSDWwGXQeR4X3LWaDKMfKh4cUUgUtNipzicj6uc5TSIjP62zbwBwt64xuQHeRIYJ9JfXGwZVlG4gIOP1vCKsbetwazBryEfWRz4vNujake8228Tx5A5huUOXu_N9ENseGCPTa0Rj20XD53bGCWSWxn7uCdLm4nb2UgywXLYQvuOeGhnMD4Urt9i8n0ZumqTYWL58Q8G9AKXejIaPINdf9uxf3P-QDpA_XJnN7ZeFzkIHLyEvaD8hLopuHZE_4K7Von7DIbm6SFcZ2OqV8BFsRpxxcvuWGTOREARW10Vpq3Ew82zVxJkRDch1Iz2J5_Tk8cO-Gpuobr-lB4F0ZbLgo6a0Px3kBQUdUoMh3V4p18anjq2CwgQwrTud6rK78SobLpm1ZC5nwls_GXwJpjCikrC5Z6BlUXAS8kmgFaZ7DVk0-DNYFxWTpnNlu9TwkVIxHkwoT47Ekpt1v_kTzxGm-cneHcHfpqMUJko5pf544YtAQU85K0T96WZx1TlLrQs46eiLvG3JwpCcutyVOujIDG7xBLXIdgfwJX7SEy69Ou7Wq_FmAUOXrhC-XrOzHB2Tk-X_c84DDnURs0hrfwOdzY-sWextpjbP57mMukT6QqnmG-LtXs7QBRlhcXYohDXSg41X3N3Z6QDrBAAMNFbs5mAyIYR-_S3kRcRr2c6S_M7dvAl4CQGXTR79TxC1_ij5XeZnWC8d5ovI7NqwZtSCtJZBx1vNfoBslNwP-wblK1a_YU&cid=CAASEuRoM3i-Z5Ov5eRLEIBJVi0C2A&rfl=2%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash afcdc70bf2e82ccc4ef139b81b3a34ca971b80ddcfdf3624073aa1770a36a1ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23650 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame DD6B	42 B 63 B	42ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLN-AN0YweHuK6gdIhk4HNyXkmP6zGkGeX1R2rfmxTDDotH7CiqCXUcXQFYlacMMsaYdogruhiwpkoGgg31Kx-KMjqUUMrW6PByBCTxQ9qMbcwXj8 Requested by Host: 77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com URL: https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:19 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame DD6B	2 KB 1 KB	48ms 5ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js Requested by Host: 77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com URL: https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:12 GMT content-encoding gzip x-content-type-options nosniff age 247 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:12 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame DD6B	121 KB 37 KB	36ms 35ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com URL: https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656031336809" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37735 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:19 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame DD6B	13 KB 6 KB	47ms 5ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com URL: https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:17:39 GMT content-encoding gzip x-content-type-options nosniff age 160 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5635 x-xss-protection 0 server cafe etag 1091097466425408374 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:17:39 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame DD6B	0 0	32ms 32ms	Image text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpdIzzyWQaigrq4qeIita0fI0uvNBZakdYGBz4qYbPcFJZLIPin2xstmWs4rSISvkyMHYDPNQK0yReAcUiU1MDBgA91g Requested by Host: 77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com URL: https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	stpd201221.js Show response stpd.cloud/assets/postbid/ Frame F82E	668 KB 165 KB	53ms 41ms	Script application/javascript	2606:4700:20::681a:b5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd201221.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} content-md5 Z31KcnNREDgCG5fqQFS/wA== age 4754 cf-request-id 0a79da400b00004e319e2ac000000001 x-ms-lease-status unlocked last-modified Fri, 04 Jun 2021 10:59:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VFq29hewR6I%2FnNxVZlG4IxfUAmOBnV8YBudpsX1Tgf4e51nny5YgIJwFYE0aBKjTwnwN%2FCa4F0GPQYyRATSGhBBcCE7BD8Q0lMMiDMOvHZFyQ0kYxPZGahgAC9embSEV59Rx"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-ms-request-id 53f062ea-f01e-0027-3b30-59e853000000 cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 65a32cacdf0d4e31-FRA
GET H2	200	stpd201221.js Show response stpd.cloud/assets/postbid/ Frame 1A60	668 KB 165 KB	43ms 31ms	Script application/javascript	2606:4700:20::681a:b5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd201221.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} content-md5 Z31KcnNREDgCG5fqQFS/wA== age 4754 cf-request-id 0a79da400b00004e317e26e000000001 x-ms-lease-status unlocked last-modified Fri, 04 Jun 2021 10:59:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iiKJtldF6d1PiCCq69GRi3SN4%2FaIdk8DSbc5o4gMbyEfrcUKLFm4qYkvYyVADvqEbJ1oxHC%2F2cucpFDPpkTQAIvXLmAIFvndDV4MM%2BaIBym3BK1nbbomT4h7C12JDl1ydvZi"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-ms-request-id 53f062ea-f01e-0027-3b30-59e853000000 cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 65a32cacdf124e31-FRA
GET H3-29	200	adx Show response pubads.g.doubleclick.net/gampad/	56 KB 13 KB	102ms 100ms	XHR text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/gool-sport.com_728x90_DFP&sz=728x90&t=Placement_type%3Dserving&1622830819336 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash a13d7c65453de742e74c8822517115e6e7bcdee30619fab2ad2eaba859afee5c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13054 x-xss-protection 0 google-lineitem-id 5665633183 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138346489777 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	403	invoke.js tacticschangebabysitting.com/4501b44ddc263aab35da3d995bfdddcc/	0 0	133ms 132ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tacticschangebabysitting.com/4501b44ddc263aab35da3d995bfdddcc/invoke.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT server nginx/1.17.6 content-type application/javascript content-length 0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H3-29	200	container.html Show response 20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CB5A	6 KB 3 KB	6ms 6ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html?n=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 04 Jun 2021 18:20:19 GMT expires Sat, 04 Jun 2022 18:20:19 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame A515	73 KB 27 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656037121142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28114 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:19 GMT
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame A515	11 KB 8 KB	34ms 34ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3573309233878a505d7ca37ee4c93bb78b13a1685b17c2d46c2b6a604f5a201 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8273 x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame DD6B	111 KB 39 KB	40ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 14:24:06 GMT content-encoding gzip x-content-type-options nosniff age 14173 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 05 Jun 2021 14:24:06 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame DD6B	8 KB 3 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOaYOmnkEUmTR9025z2AL3QrttXLCek0MYhvTKB3FRU0nMTAuNvZ5FDfixsOPpvqp_dgEuq19H23YUgq5VoxPmCXTg6Gw8Ncab9km12UlwQqRH3GHq-nqOY2F221g0Znwfv6_CAjJdj0TS9T8B85ybT3Zffw&dbm_d=AKAmf-Ap5bMiUqxC9XBRVA2x_Zi-D7XpDb25iEH6Fj1lk15lz4JoeO1gKrNpVC08B41vYtz1c4LaZWUGAmoxFal3iW-RLS0rnV7kck8oXowu8TUHb8lNxVDtnyX6TlgNcMVleFFQ2XK2L_DlsbbZlA3cp1aIKRdZAFnLWKVNmZFoZ9uKUoQsrVcAYbFa9IbWnptYfpy3InBpOuEPZrwhtar02DVlW6HEeNmHhqrwuW6vG9JN6rMX9bMOXBW1CbfHoljlSDAUceBuZDKhkZ2sYdkiJLyKlU0XOxQojFG6yFwZL2b3Yd1teZCBwD3J4qahtmuD-j1LfFl_yaLIKffNjiyaMqYUJGm1xqbzVIlVydMNSkfhfpl_YEV1mVE4TGhSUgptjR4tbKp7bGya5YfjERgIDtuRSpjnJSIIL3m40mOM15Xmln1NRkR_ngpDjPvSes7orXMcbQmg0IkPLOfgosvWTecB40GmWSrB-zQ_Sjv_QQNlvBnY9Quu1kU_ZHbLfhQ0YFwuax1a5TVTwec-KDeFo-kAke2oRXmyudLjAuEILA78_8wbySscd9WhwDZYpxxXc3wZwIPGqEdHBxLXDoQ4Fc42LAau5cN4EzIP39xZ8S23W0zgvdcn_GYZMqpy2zLqQBRkltTfRsb2FckBfYpFoeNm15JL8mqNhcQJo18tRkMngfFb_rwuMxQ_7uJxtbQB8PSKXcI08Vb73LgLsc0M4cJykFV-Qzgt3tWPJVlR48WXu89rWz9Tb58bshVRfsGT_mRujrnpbNH5yqsXOjlpgQj9tSpFlhTV4hmhKi_J9Ttf6j0fFiTHCbUVgC8dJi1JsW_DZwSYZA9orjT5diPHFwoEwackoOSwebwEfqSa9qc0kZcIPRdRrusvnNLlOOKugBDWschRhHOthM3zNR88OdHqcRdL9Cj7TMh0nRzIhH2LsvPgYWsPvYxL8_yYj2Jo7tYMqycgSpq5s0qXM017rX-3Xkcpwds6B5EPckinnbkATx89ayRLNV0YWsrjhqgDg-pMPCUTqFc15kA7g3yxKqykQkz7A9xLCw7r0Zu-MsZx48d88QNkYVkpqtMb-ibFf6T2fVjnVuykGBp4HqopBaATls__s4G7P_YrB6wsD-veOnPXbRehs9t3MtFcCUT8xNcw5LGIm35r16FY6ypp6PJdpPKCfWk_ADtERbiJIW53MW1ET5vtvRiY-1U8KdnkT_Nc__WQOcsiDhFw4W4Dklq0lmFVfxZCF3G4mo7l-_w7F-8tUeBlw3VdKlxbyLTVGlrVE3Baw0OXB-SzeErd1NPmeWeuRh0qpB7vB0qBcNxORFGPzEYw0wtW5WHDdqgLjWuL0Lk1wCLcdIn2LfHv5fWoPXhw4FLsHSFJPdsI_f3lDU-wYUir5C4y_fT69QLs7s1VojZqVxVKmZ-kGuoRZwo5aMtlnWqctlF6zjEaXd3asG63eXoKkSqf9DdtcCfHtCl9_jqO3jub-0LT0LwXO5d1WkM9mqqCO-2dzoko-CKqycu-EEQKPVevRqUVtSzrR7bY0UaDDt_M-AA2srw318O9EoNzFPfOcJypdOr527Nw0P4hHuOSfZ9V0zhYxt0e30V1srPHWMslyy1MSav6wwtsAGy_N0q16IQ128SljN4QCH43V8-ek4z3Ukmt-hg6V-NyOJJNe5Al4pACZ3APJ59XQJieB2A4MkixADJzRZH8fwFcBvEECnjARxXOwxrJTYxg_XyO9sLoBzjBPAw3fAaU_d31aOPloVvmX7tS9LtDJY_yMg-9jbR6acA6T8UCVLyrkBKLbX2ulWH1ScyXpE-T2lY7-b9oVPJK3edZBOvN4Tu3MrhpkL712LZP54Kc-JUvG3yFg-22Rj1Gw-hcSfHhp4QT90b3MeO7quwFRcNprPqywdv-OVQx5pzL5RxjHfZMVFnas_Tr6P9mo5bw6jSIVQiVrssHZosvkPXYyx7YwSwk5g6yoMEddPhH8E92q0tSxvzRnMxh-PBCguqF9EP3J5nL99B6KsJxJqi1eQ3Dwou_g0j3RZpju_LcFSVPfJ1lMW9NtvZIeaN0_hnII_m9ciGmxBJiTWs9_AlKWJqcMQ70BkP6XIYFM3GPOQCYc-RqiH7F9Wrc13-VyvfcudaiZZqFhAIPY8XGVRLcmgYCFlLkmfQ_h_4W4mJ4TQDvZNg4tQ1AeVIH8DocX9TOmiaZZC4db5e1wPm5lZcStKXzS8YIVSExXk7Uw7orP-rxPpO53-wbYzDKY6GxoNOIEZrmqxViqlyAHF2Jdlls9GWc5W9_aqpKcC_RS5pgiyAY7kd5usrTteytX9rIzPvAPkxFkm80oh2mqm_FZFYmIUtsRnTQ8yMgLzV1PoLBLZhWEGL_Kc1yrp73K9izR11uF8NSNb5aJQcbS8iDpPQIMUj4XCf41_wQ5E4A11YwRt3X6t9UhkyUL3CZ2iqLgSUDeZdmLz3uIKbEnQfwPsMEAlJ30GscGvPWXly4FVJ2117nIL-QGZB48Vl1g2nYcHQrHTFuc2i4on9RU9tTVsEPElCxWH1Fxy31gGNpGOkxYukCP0dGvKV1PcgJYt673EFW2op8fI-Q2oXSdtVt6RGSHa29J7lP8yc641wdm-sxHQjRDYcLM9dKPw619RxV_QnzXOL7LgD0v8nVAI0ZIQ34Umc-y9MVEAgzZhh6hB9hlDYqxgMi69EIjrT8LhgWkwIlvYkHLiAGBQ-Lej4CIaOXWPYp0o1CkyZy_vwPfX0D4pTbq-M0Fphfcof7Yuf4-NykhTxchqoSDWwGXQeR4X3LWaDKMfKh4cUUgUtNipzicj6uc5TSIjP62zbwBwt64xuQHeRIYJ9JfXGwZVlG4gIOP1vCKsbetwazBryEfWRz4vNujake8228Tx5A5huUOXu_N9ENseGCPTa0Rj20XD53bGCWSWxn7uCdLm4nb2UgywXLYQvuOeGhnMD4Urt9i8n0ZumqTYWL58Q8G9AKXejIaPINdf9uxf3P-QDpA_XJnN7ZeFzkIHLyEvaD8hLopuHZE_4K7Von7DIbm6SFcZ2OqV8BFsRpxxcvuWGTOREARW10Vpq3Ew82zVxJkRDch1Iz2J5_Tk8cO-Gpuobr-lB4F0ZbLgo6a0Px3kBQUdUoMh3V4p18anjq2CwgQwrTud6rK78SobLpm1ZC5nwls_GXwJpjCikrC5Z6BlUXAS8kmgFaZ7DVk0-DNYFxWTpnNlu9TwkVIxHkwoT47Ekpt1v_kTzxGm-cneHcHfpqMUJko5pf544YtAQU85K0T96WZx1TlLrQs46eiLvG3JwpCcutyVOujIDG7xBLXIdgfwJX7SEy69Ou7Wq_FmAUOXrhC-XrOzHB2Tk-X_c84DDnURs0hrfwOdzY-sWextpjbP57mMukT6QqnmG-LtXs7QBRlhcXYohDXSg41X3N3Z6QDrBAAMNFbs5mAyIYR-_S3kRcRr2c6S_M7dvAl4CQGXTR79TxC1_ij5XeZnWC8d5ovI7NqwZtSCtJZBx1vNfoBslNwP-wblK1a_YU&cid=CAASEuRoM3i-Z5Ov5eRLEIBJVi0C2A&rfl=2%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:43 GMT content-encoding gzip x-content-type-options nosniff age 336 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:14:43 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame DD6B	22 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DOaYOmnkEUmTR9025z2AL3QrttXLCek0MYhvTKB3FRU0nMTAuNvZ5FDfixsOPpvqp_dgEuq19H23YUgq5VoxPmCXTg6Gw8Ncab9km12UlwQqRH3GHq-nqOY2F221g0Znwfv6_CAjJdj0TS9T8B85ybT3Zffw&dbm_d=AKAmf-Ap5bMiUqxC9XBRVA2x_Zi-D7XpDb25iEH6Fj1lk15lz4JoeO1gKrNpVC08B41vYtz1c4LaZWUGAmoxFal3iW-RLS0rnV7kck8oXowu8TUHb8lNxVDtnyX6TlgNcMVleFFQ2XK2L_DlsbbZlA3cp1aIKRdZAFnLWKVNmZFoZ9uKUoQsrVcAYbFa9IbWnptYfpy3InBpOuEPZrwhtar02DVlW6HEeNmHhqrwuW6vG9JN6rMX9bMOXBW1CbfHoljlSDAUceBuZDKhkZ2sYdkiJLyKlU0XOxQojFG6yFwZL2b3Yd1teZCBwD3J4qahtmuD-j1LfFl_yaLIKffNjiyaMqYUJGm1xqbzVIlVydMNSkfhfpl_YEV1mVE4TGhSUgptjR4tbKp7bGya5YfjERgIDtuRSpjnJSIIL3m40mOM15Xmln1NRkR_ngpDjPvSes7orXMcbQmg0IkPLOfgosvWTecB40GmWSrB-zQ_Sjv_QQNlvBnY9Quu1kU_ZHbLfhQ0YFwuax1a5TVTwec-KDeFo-kAke2oRXmyudLjAuEILA78_8wbySscd9WhwDZYpxxXc3wZwIPGqEdHBxLXDoQ4Fc42LAau5cN4EzIP39xZ8S23W0zgvdcn_GYZMqpy2zLqQBRkltTfRsb2FckBfYpFoeNm15JL8mqNhcQJo18tRkMngfFb_rwuMxQ_7uJxtbQB8PSKXcI08Vb73LgLsc0M4cJykFV-Qzgt3tWPJVlR48WXu89rWz9Tb58bshVRfsGT_mRujrnpbNH5yqsXOjlpgQj9tSpFlhTV4hmhKi_J9Ttf6j0fFiTHCbUVgC8dJi1JsW_DZwSYZA9orjT5diPHFwoEwackoOSwebwEfqSa9qc0kZcIPRdRrusvnNLlOOKugBDWschRhHOthM3zNR88OdHqcRdL9Cj7TMh0nRzIhH2LsvPgYWsPvYxL8_yYj2Jo7tYMqycgSpq5s0qXM017rX-3Xkcpwds6B5EPckinnbkATx89ayRLNV0YWsrjhqgDg-pMPCUTqFc15kA7g3yxKqykQkz7A9xLCw7r0Zu-MsZx48d88QNkYVkpqtMb-ibFf6T2fVjnVuykGBp4HqopBaATls__s4G7P_YrB6wsD-veOnPXbRehs9t3MtFcCUT8xNcw5LGIm35r16FY6ypp6PJdpPKCfWk_ADtERbiJIW53MW1ET5vtvRiY-1U8KdnkT_Nc__WQOcsiDhFw4W4Dklq0lmFVfxZCF3G4mo7l-_w7F-8tUeBlw3VdKlxbyLTVGlrVE3Baw0OXB-SzeErd1NPmeWeuRh0qpB7vB0qBcNxORFGPzEYw0wtW5WHDdqgLjWuL0Lk1wCLcdIn2LfHv5fWoPXhw4FLsHSFJPdsI_f3lDU-wYUir5C4y_fT69QLs7s1VojZqVxVKmZ-kGuoRZwo5aMtlnWqctlF6zjEaXd3asG63eXoKkSqf9DdtcCfHtCl9_jqO3jub-0LT0LwXO5d1WkM9mqqCO-2dzoko-CKqycu-EEQKPVevRqUVtSzrR7bY0UaDDt_M-AA2srw318O9EoNzFPfOcJypdOr527Nw0P4hHuOSfZ9V0zhYxt0e30V1srPHWMslyy1MSav6wwtsAGy_N0q16IQ128SljN4QCH43V8-ek4z3Ukmt-hg6V-NyOJJNe5Al4pACZ3APJ59XQJieB2A4MkixADJzRZH8fwFcBvEECnjARxXOwxrJTYxg_XyO9sLoBzjBPAw3fAaU_d31aOPloVvmX7tS9LtDJY_yMg-9jbR6acA6T8UCVLyrkBKLbX2ulWH1ScyXpE-T2lY7-b9oVPJK3edZBOvN4Tu3MrhpkL712LZP54Kc-JUvG3yFg-22Rj1Gw-hcSfHhp4QT90b3MeO7quwFRcNprPqywdv-OVQx5pzL5RxjHfZMVFnas_Tr6P9mo5bw6jSIVQiVrssHZosvkPXYyx7YwSwk5g6yoMEddPhH8E92q0tSxvzRnMxh-PBCguqF9EP3J5nL99B6KsJxJqi1eQ3Dwou_g0j3RZpju_LcFSVPfJ1lMW9NtvZIeaN0_hnII_m9ciGmxBJiTWs9_AlKWJqcMQ70BkP6XIYFM3GPOQCYc-RqiH7F9Wrc13-VyvfcudaiZZqFhAIPY8XGVRLcmgYCFlLkmfQ_h_4W4mJ4TQDvZNg4tQ1AeVIH8DocX9TOmiaZZC4db5e1wPm5lZcStKXzS8YIVSExXk7Uw7orP-rxPpO53-wbYzDKY6GxoNOIEZrmqxViqlyAHF2Jdlls9GWc5W9_aqpKcC_RS5pgiyAY7kd5usrTteytX9rIzPvAPkxFkm80oh2mqm_FZFYmIUtsRnTQ8yMgLzV1PoLBLZhWEGL_Kc1yrp73K9izR11uF8NSNb5aJQcbS8iDpPQIMUj4XCf41_wQ5E4A11YwRt3X6t9UhkyUL3CZ2iqLgSUDeZdmLz3uIKbEnQfwPsMEAlJ30GscGvPWXly4FVJ2117nIL-QGZB48Vl1g2nYcHQrHTFuc2i4on9RU9tTVsEPElCxWH1Fxy31gGNpGOkxYukCP0dGvKV1PcgJYt673EFW2op8fI-Q2oXSdtVt6RGSHa29J7lP8yc641wdm-sxHQjRDYcLM9dKPw619RxV_QnzXOL7LgD0v8nVAI0ZIQ34Umc-y9MVEAgzZhh6hB9hlDYqxgMi69EIjrT8LhgWkwIlvYkHLiAGBQ-Lej4CIaOXWPYp0o1CkyZy_vwPfX0D4pTbq-M0Fphfcof7Yuf4-NykhTxchqoSDWwGXQeR4X3LWaDKMfKh4cUUgUtNipzicj6uc5TSIjP62zbwBwt64xuQHeRIYJ9JfXGwZVlG4gIOP1vCKsbetwazBryEfWRz4vNujake8228Tx5A5huUOXu_N9ENseGCPTa0Rj20XD53bGCWSWxn7uCdLm4nb2UgywXLYQvuOeGhnMD4Urt9i8n0ZumqTYWL58Q8G9AKXejIaPINdf9uxf3P-QDpA_XJnN7ZeFzkIHLyEvaD8hLopuHZE_4K7Von7DIbm6SFcZ2OqV8BFsRpxxcvuWGTOREARW10Vpq3Ew82zVxJkRDch1Iz2J5_Tk8cO-Gpuobr-lB4F0ZbLgo6a0Px3kBQUdUoMh3V4p18anjq2CwgQwrTud6rK78SobLpm1ZC5nwls_GXwJpjCikrC5Z6BlUXAS8kmgFaZ7DVk0-DNYFxWTpnNlu9TwkVIxHkwoT47Ekpt1v_kTzxGm-cneHcHfpqMUJko5pf544YtAQU85K0T96WZx1TlLrQs46eiLvG3JwpCcutyVOujIDG7xBLXIdgfwJX7SEy69Ou7Wq_FmAUOXrhC-XrOzHB2Tk-X_c84DDnURs0hrfwOdzY-sWextpjbP57mMukT6QqnmG-LtXs7QBRlhcXYohDXSg41X3N3Z6QDrBAAMNFbs5mAyIYR-_S3kRcRr2c6S_M7dvAl4CQGXTR79TxC1_ij5XeZnWC8d5ovI7NqwZtSCtJZBx1vNfoBslNwP-wblK1a_YU&cid=CAASEuRoM3i-Z5Ov5eRLEIBJVi0C2A&rfl=2%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:51 GMT content-encoding gzip x-content-type-options nosniff age 208 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8594 x-xss-protection 0 server cafe etag 7958287194716579593 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:51 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2E2C	12 KB 5 KB	28ms 27ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 04 Jun 2021 17:03:05 GMT expires Sat, 04 Jun 2022 17:03:05 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4634 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame B053	783 B 532 B	49ms 49ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ccd7b1b759919408068cfc5a1594807a17461d364dc176513f74835380924103 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-9FJ+f709zDcTf2u+HAE7Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers expires Fri, 04 Jun 2021 18:20:19 GMT date Fri, 04 Jun 2021 18:20:19 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-9FJ+f709zDcTf2u+HAE7Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame 1A60	62 KB 21 KB	29ms 28ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 42a5951e469ce1504019000f2230dd873e6ebb7aa0bf3ce48987c22f05363b31 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "893 / 42 of 1000 / last-modified: 1622804990" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21341 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:19 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame FBBA Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	35ms 35ms	Document text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gool-sport.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 23 Feb 2021 20:47:52 GMT ETag "402b0-119-5bc0708346e00" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 04 Jun 2021 18:20:19 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Date Fri, 04 Jun 2021 18:20:19 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 9250 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr... https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wj...	43 B 1012 B	117ms 47ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEO7G27kCGPOUpaABMAE&v=APEucNW7My1iKYogw9kgJ69vQngnCx7GHuM6ihN1W1EBwNQWM8rxB5DWae_a4zIis-vzobmKrO7P7abtVCbgwT6crteKjLBk67EQnieABVTdHCGP4evhGmEPZX5hIvLfXY1BOOl-hHmtEZTqTEtvzV4zFeyAX5AY_rUoiy5q2GS4iqLuOd4nI7_1iCNTmwVxsMyEUZYzCXFnC9aX6DD1FxYdA73wYopfMXzWVkXAcCDCtZvoeWp1HES-NJOtmhJkC5D_KTHlHVoWelv9-nVju4JkqZdRzij8By6rkzC7GZ4-vEC7WCbVSRbB8jS7A0wwf29jq3cc3UUUWAR3aeTKvfDiwdmOZNHu51TZFhx23b5rSut6EgShth_gF5NVtLB_D6X_jx5hsNgS17qmCDtvIqEJezp4BA10O1JhvqcWjvQoysCh5rTaKaMY_ELPYt8hDq7kg1dLA9YuRl6XUt8K4xwtCDh6qOIp4cs72KfhHG3zefQCSi7JgmgxEOeclNUiAyRMrWCUxEuVIWoAyF9S7L3SdEuI7OgEOA8PolrChxOcupNndPklAiRsNUXROWIR5HlvmTTUiyfJEpvXsAUpBJczNeR38vETer-GcY0QbC6_pBHS-ceaVgI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:19 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 04 Jun 2021 18:20:19 GMT Redirect headers pragma no-cache date Fri, 04 Jun 2021 18:20:19 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 686 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 9250 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkF... https://dsum-sec.casalemedia.com/rrum?addtl_consent=&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhg... https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2... https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wj...	43 B 1012 B	54ms 53ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEO7G27kCGPOUpaABMAE&v=APEucNW7My1iKYogw9kgJ69vQngnCx7GHuM6ihN1W1EBwNQWM8rxB5DWae_a4zIis-vzobmKrO7P7abtVCbgwT6crteKjLBk67EQnieABVTdHCGP4evhGmEPZX5hIvLfXY1BOOl-hHmtEZTqTEtvzV4zFeyAX5AY_rUoiy5q2GS4iqLuOd4nI7_1iCNTmwVxsMyEUZYzCXFnC9aX6DD1FxYdA73wYopfMXzWVkXAcCDCtZvoeWp1HES-NJOtmhJkC5D_KTHlHVoWelv9-nVju4JkqZdRzij8By6rkzC7GZ4-vEC7WCbVSRbB8jS7A0wwf29jq3cc3UUUWAR3aeTKvfDiwdmOZNHu51TZFhx23b5rSut6EgShth_gF5NVtLB_D6X_jx5hsNgS17qmCDtvIqEJezp4BA10O1JhvqcWjvQoysCh5rTaKaMY_ELPYt8hDq7kg1dLA9YuRl6XUt8K4xwtCDh6qOIp4cs72KfhHG3zefQCSi7JgmgxEOeclNUiAyRMrWCUxEuVIWoAyF9S7L3SdEuI7OgEOA8PolrChxOcupNndPklAiRsNUXROWIR5HlvmTTUiyfJEpvXsAUpBJczNeR38vETer-GcY0QbC6_pBHS-ceaVgI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:20 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 04 Jun 2021 18:20:20 GMT Redirect headers pragma no-cache date Fri, 04 Jun 2021 18:20:19 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 667 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9250	170 B 506 B	167ms 68ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTWPHSFTWAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEO7G27kCGPOUpaABMAE&v=APEucNW7My1iKYogw9kgJ69vQngnCx7GHuM6ihN1W1EBwNQWM8rxB5DWae_a4zIis-vzobmKrO7P7abtVCbgwT6crteKjLBk67EQnieABVTdHCGP4evhGmEPZX5hIvLfXY1BOOl-hHmtEZTqTEtvzV4zFeyAX5AY_rUoiy5q2GS4iqLuOd4nI7_1iCNTmwVxsMyEUZYzCXFnC9aX6DD1FxYdA73wYopfMXzWVkXAcCDCtZvoeWp1HES-NJOtmhJkC5D_KTHlHVoWelv9-nVju4JkqZdRzij8By6rkzC7GZ4-vEC7WCbVSRbB8jS7A0wwf29jq3cc3UUUWAR3aeTKvfDiwdmOZNHu51TZFhx23b5rSut6EgShth_gF5NVtLB_D6X_jx5hsNgS17qmCDtvIqEJezp4BA10O1JhvqcWjvQoysCh5rTaKaMY_ELPYt8hDq7kg1dLA9YuRl6XUt8K4xwtCDh6qOIp4cs72KfhHG3zefQCSi7JgmgxEOeclNUiAyRMrWCUxEuVIWoAyF9S7L3SdEuI7OgEOA8PolrChxOcupNndPklAiRsNUXROWIR5HlvmTTUiyfJEpvXsAUpBJczNeR38vETer-GcY0QbC6_pBHS-ceaVgI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 9250 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzOTg4NTUyMDkyMDc2NDYxMw%3D%3D	170 B 188 B	124ms 62ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzOTg4NTUyMDkyMDc2NDYxMw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEO7G27kCGPOUpaABMAE&v=APEucNW7My1iKYogw9kgJ69vQngnCx7GHuM6ihN1W1EBwNQWM8rxB5DWae_a4zIis-vzobmKrO7P7abtVCbgwT6crteKjLBk67EQnieABVTdHCGP4evhGmEPZX5hIvLfXY1BOOl-hHmtEZTqTEtvzV4zFeyAX5AY_rUoiy5q2GS4iqLuOd4nI7_1iCNTmwVxsMyEUZYzCXFnC9aX6DD1FxYdA73wYopfMXzWVkXAcCDCtZvoeWp1HES-NJOtmhJkC5D_KTHlHVoWelv9-nVju4JkqZdRzij8By6rkzC7GZ4-vEC7WCbVSRbB8jS7A0wwf29jq3cc3UUUWAR3aeTKvfDiwdmOZNHu51TZFhx23b5rSut6EgShth_gF5NVtLB_D6X_jx5hsNgS17qmCDtvIqEJezp4BA10O1JhvqcWjvQoysCh5rTaKaMY_ELPYt8hDq7kg1dLA9YuRl6XUt8K4xwtCDh6qOIp4cs72KfhHG3zefQCSi7JgmgxEOeclNUiAyRMrWCUxEuVIWoAyF9S7L3SdEuI7OgEOA8PolrChxOcupNndPklAiRsNUXROWIR5HlvmTTUiyfJEpvXsAUpBJczNeR38vETer-GcY0QbC6_pBHS-ceaVgI Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:19 GMT X-Proxy-Origin 82.102.20.244; 82.102.20.244; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.48:80 AN-X-Request-Uuid dc03e511-85be-454a-bd6a-7478231129c7 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzOTg4NTUyMDkyMDc2NDYxMw%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame A515	17 KB 6 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:19 GMT
GET H3-29	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame F82E	62 KB 21 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "893 / 56 of 1000 / last-modified: 1622804990" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21347 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:19 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 49C4 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	35ms 35ms	Document text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gool-sport.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 23 Feb 2021 20:47:52 GMT ETag "402b0-119-5bc0708346e00" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 04 Jun 2021 18:20:19 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Date Fri, 04 Jun 2021 18:20:19 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame FA89	2 KB 591 B	31ms 31ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEO7G27kCGPOUpaABMAE&v=APEucNWvYfE59Y60Kp5CsWCBnXHF16ztVKHgKpFgDuvF_mK_G9Y0VVB8sCPnDEiyfTY0kkHGn4GrGrf8NAaiF1xCbmGFAHqTa49ywFRrQZ-XZonCJpyJawg2MW9ScTd94oPWM7BkYddID1jIor__4RekrOd7xjQ8BksPxh9aF--2tIqC8DpkrAyaqkKFScO14f4b-_zBwlnooI-T6gpvaoheQas6B-MO6Cz2JfX5nWdxtlZgXIGVGe-ibRNumHPQXTyv2MUPwNK6qsX6-iiXcFzDKbJowsqqXiDBj5_0LbemjV6O_z88-YGa8sw5NAahhWgAvCB4V7EIpRPFM-Ll3r5Mte4V9HU0HDLmYHlFQ6mN_QGgtHf32bOkfCL_JBnuBgDubNPtWkcyidDzDDOE2g6WiKwxax9hFNjbTgWIYGZapBEztdACWnUlmSRWxjEVGkEpDvN4DnfU5noKGv37YSn70FjhfdkQqSOjHSZryojSU_7R63WIb4L_oK5ipDijXwJlB9MMu3OAHf3SJYdpgTLSqHT1IYrukVKb-CzSlGo3y1NwVAts3CwyLDQq3XNU_gBZodicZjCqKE_yS4s_tIXfGenzqQJFDNw7Vd3mLiDd8ULTVCbgHxU Requested by Host: 20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com URL: https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 43a39a7e857cc8ae978346b2dda6d9028949411cf37d68b2127de169d6ad01be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CN3z17QCEO7G27kCGPOUpaABMAE&v=APEucNWvYfE59Y60Kp5CsWCBnXHF16ztVKHgKpFgDuvF_mK_G9Y0VVB8sCPnDEiyfTY0kkHGn4GrGrf8NAaiF1xCbmGFAHqTa49ywFRrQZ-XZonCJpyJawg2MW9ScTd94oPWM7BkYddID1jIor__4RekrOd7xjQ8BksPxh9aF--2tIqC8DpkrAyaqkKFScO14f4b-_zBwlnooI-T6gpvaoheQas6B-MO6Cz2JfX5nWdxtlZgXIGVGe-ibRNumHPQXTyv2MUPwNK6qsX6-iiXcFzDKbJowsqqXiDBj5_0LbemjV6O_z88-YGa8sw5NAahhWgAvCB4V7EIpRPFM-Ll3r5Mte4V9HU0HDLmYHlFQ6mN_QGgtHf32bOkfCL_JBnuBgDubNPtWkcyidDzDDOE2g6WiKwxax9hFNjbTgWIYGZapBEztdACWnUlmSRWxjEVGkEpDvN4DnfU5noKGv37YSn70FjhfdkQqSOjHSZryojSU_7R63WIb4L_oK5ipDijXwJlB9MMu3OAHf3SJYdpgTLSqHT1IYrukVKb-CzSlGo3y1NwVAts3CwyLDQq3XNU_gBZodicZjCqKE_yS4s_tIXfGenzqQJFDNw7Vd3mLiDd8ULTVCbgHxU pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUmmGTrH9HAdupfiwyjqcOUHH-zdTjbVhTZEuB4r04nYkw-Cnc8VE77jYdRnuTQ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 04 Jun 2021 18:20:19 GMT server cafe cache-control private content-length 570 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame CB5A	57 KB 23 KB	65ms 65ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1cCsjWmrlM73h8Ud7wWS3DalcqFbK5BfQsCYBbC-P5VYQ3n7DdN1vJfDyqTlNy2Iq-kPZwDrO5dJPkAtOg6xz9VyoGymYapam4nA3LTYRaGq0AVrUFWUUm97RFUt1qhfSWuNYnt_EF3azseQBhaCUX7dUUw&dbm_d=AKAmf-CEuVbJlvWh5uDnlTYh2MkryA5_df7jHed-E2vay7jxE4cmUbBj5NJ9Gq21EbG_IWm25VgVmzVpqYaj8ro_BQ9VmNaS9IgAe_9nEC833IyvDu79YxuJhEYGg-ET8CD0SG7YFai06F_qZdW28RTrngmjR53iZCp6Up3imlE8andTqGYw5kkSM_szpkXgBUA7tauyLD1rxOHo6bnkCngHCDKRwzlAnOXVdiDnen0gWBP_iJh8qQUYAUtvSfCBC0ZhQfje2BWVrxTGUWfVh12yXbBObKLXVhtlxZbhNEscNOYkg9DkEtxKCZD4UynPylpWY8MOwSbOFP9twKF3sLP8E8M13iMK5aNQfpdG5AoPdNywEiMSxgIB-xaA-FrOTwVoh7hVg7ycMU4jzTODnOnxY06C59r55VVfEpt88IQoxCGmkSPU5YH2T0qsbLOefYbVcc92arrwd65sy9PpC16zcR6XeYL89e-VLR1KwAWxkr9rpkHAmiwh6J1wKHtjKKKkqPNZVuxI8YrSnIdHBS-De_p2CL0kng2_xrq-uNHqDoTbuhBFZZjIKNEwLZFMLo9pz26wl7qOJKxoEuddnV6FBfkYxIsVOKQoEIqqAG2smM8fnk_jybPoJcM4IZakosQG19-U7Ok_XDFVqdadyUTBeSuz5lZmw7X53F_5Knvx66Mrz7lC4BIWZapR4-CMt5-LHeBSwPKB-XOKcsCfbpPN1i205BttLEAs7RzTU0SqbHc9IV9TEoTXxxHSxFLjgnEoMcc7nrZ-_JmOyHhzlTTANrRlvRltXF-1tW6nf9k4GrLR4V6fOeSXsFdYyoSL4-AdYZZwWGcTUR-jGzJWZMmcfQWgKLyCn8mfDZIh2MTS1NAmkLM8CYoTk8JghjkMWZ8S81LeU_GTGcA92A1RR1pSyObBI3PQ3qy9b9ivGROWTYQ4rN-2iFj5KqS2e1_xSSJJRyLS2vjMbasiV2bQ9HhObIvS49tthQP97wsFY3MfDrNLVCXZhSy3BjcVbhXbJgeHZ97sagGAcOCUZb31_cX20j8pq0GSShxuUpwfX24IjDVrfuOh84Zls6zOoNq4no7BtB3LJyixMR8aYTzqxNLjoUVThd_Nr73Q0d4Z9nU-6tEw3ftMoHpFQMPxTukKuKpBhJHG4RLQP4Wfh3BQWligdO5NzxTyRJ4W8wdnwyh72SQ5u308By3mvDK_jtP7ieyKl-oUCJxa9O5_q-naHMsXsBHfIolZSNIlp9CUuIp_fqWqfKN8Cuv1IEirzwBEk-0HNZQ99pIuGxdivDS_cC6mlWidbg80BVV57XUe_9IFbAl16uu9sH45lsiB_4S7I_1uD37id_CWk6KTwS5NDYHMP9ryVTz2JgBebQzVP7rs_aUcBTjmrYPjPJzXU3fN6zw99IWZDqb9-pzJMnXSKtGcGY0FRV7KRw_ARcntpeDrYM8cFTmnPndmHtgujYMCGh79XhsPmyHcEhthAVJTaj5yDbhNXJax1KckOZXkKuBmzZLajsxIyUeHgzLi5pMFbGYTio-VqV6NcRggdTOePUHc-09H-iiiQrR8FKbuAVb4kLbgxAEj9Tycm--Pr1Q2eAoS4fJcvloj6V2F7OlipC4j_yiNgibf3C1xhv2endggdXrXV-sRRTNp3qDnevOeHub4mH4YaPZ70EmOQkAz4s-DJLsaa3RND9S9EtGUxCKRZIcwqibEhEDrdaXh57WKO7Q82AGJFgqGKA5O5wDLN4sRciMv7UbnFvULg4ZYlk-oDvExqvHzV0qwSEO_RPyS9NLVQYXjA8ymNWFbzUYRkJP6C7wDnq7W6CurEHAlmzODw6gaODegMKP9EfeKmJJEYSAchZFIHwQl3UTURFtOmTGYKLqUDDuNMjGI1JGrlz99KvppADMoTCFWNwsRolq19LYCub42uyLljUU03s1VI3r09v6PDoV9cGw6WOwP66lqg67_j2p7L2US7tw0tQbLmxvxmYbLEmma9tggwMud_1A3f2kaz0yjB-apTCCWP3rZEOk14pzWYXAye1SvInSmHnhyGPx5uEk6eaeDnMcoxpevEE9VriIB8spvAS15roe44OjTMXMiU5DiaO01UF0RfvWopYHj1eYLJtaNHLS-dQkyRpWPYrMLuaBxLkcYeRcGFE2RmiEXPUVgLSBsS9e9UxL2RIvjH5w7Ae58QyYkDdj9DRrlCs9-MbyMAXEMWSi5Pmkcuw_Anv9sb0K9I8wVKEWR3sK2w-zwyxBbo2wp2KTd7-7xILhr1hP57mEFrYJG8joeBKvf1ECQt-OEwehdsq22slFjX8ehTI1idmNurlP4WBUsQlKeW-qvdAN1dgZ4QkM6tLfCHQ5sG9t-QnkiVfAZX73f-lwDOu2puCx1Nvt6NocbCUSYraplLaR_YExb7GIJ7o70n8_LhgvNZH8EwbI7J2mnR4VO8RYr9dxvGBx8WldpMGwSdjfTydetDNNPyaFIfr-b3XY4_CqG58bn3N-jRUhgD8UUKdHZhK43N9qPfGKXMiU5gSv0uIhWdKwlVgfr_99WoGUH58nY9gUesddREcWo7Sb0IZuG92wwxM8Z28AjXf0IDf04QptnLVOAr5a-eJgqFggNrjbSTD0Jix3_h2F4o46maaDEvNfLA-HYyH6zUJyD1SVZEp2TRQiQl1ir5UnxWz3so3MgzRU8NKLyIV_xPbbTXwnyUhcpWai5MqHgo-eyAuXDbnPTRZVCmzyXKUYrZ4POop230yLiwjlt6DWZ317sqhrdyyb45Ck5RPWmlyoIyJ1LXw4wRBajgS838SS2GKmtX4qRCr_cxEizXtkpVem1zskEUl3_-NEc7jlqa7A82F3tk8ceoEAlFpWLSOFB93yDwZ2J-D9LrKx0M7eTtAvzN41sZOwwimw8R2ouI1ux0pZx9TJii-2goj4X1dUqx8N7jOkk7so3WAWNFgXiK65d1rv41xZck9LDDb-eztTYQeDnymWBSllZeD6ozPgNxIGhZBGqjwLCnqt9MbRu7d3jdjjWuBTP5VABOVdkarFRB5A6xqZ6Sh4V4sEHuGXzyuH89GLQsxLSsiBFV9OQqX0GjAJfg1f67_AhC-UJ_25iAMqReEGiVT5lLFEIbAhep2a0z4IDpyAxJpOqNpLSoeb9fBbOe6a_VjGxaYdWAhkCcMcu-c5ZIM3GcNPbMWbyAWmO8mOLjXLpY7RYt91TZxfpWePUJ64XJFjVGlEJMCiSzLbnhJyEfsgleRJuzELZ7GImJ9rJYb_tF9wgjhmiPlr8RNHeTM5MMOcHi_s-V7W0qfr5RO9soxNvPbxZmE_IQn-4VIYXb69G4DULTO-CeVPlA6BEHCNHyAojwUyIbr4xYs5I7WncbU2w1iiolPKI0kZBjkN2ohyVkWImj3nJ5lQ5jTeHc9-zBUEqNuCaCCi1k9ERnc5WA1xUZ5mSxX26QyB2V0riSJYPtNcz7QP6OCJIR75GXEnFt4lP9BAf0-98AGu9aAT0gLk1mKi3sCeoCLWxRtI4AoOffGN62yDp67xs&cid=CAASEuRoMWwWLVjEqRVIT6zGzjAlPA&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c3d0d4408cb29dd1ef88d5a4eadaad019320fe24339d34aa8f2b3431c6941bbd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23807 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame CB5A	42 B 63 B	40ms 39ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DkGNzzbbyGgFzlnElfJPyfGjvBlyzTcgLAkHXYrVHO6qqnTcP2aCEiXjCMVyVsWOmdTI7lFmIP2bTvD7-vZ2lYE0EGsury2J7JcSnm_BVZPubsNd0 Requested by Host: 20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com URL: https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:19 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame CB5A	2 KB 1 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js Requested by Host: 20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com URL: https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:12 GMT content-encoding gzip x-content-type-options nosniff age 247 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:12 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame CB5A	121 KB 37 KB	30ms 30ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com URL: https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656031336809" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37735 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:19 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame CB5A	13 KB 6 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com URL: https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:19:37 GMT content-encoding gzip x-content-type-options nosniff age 42 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5635 x-xss-protection 0 server cafe etag 1091097466425408374 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:19:37 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame CB5A	0 0	20ms 20ms	Image text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnp-tGFqAm0zuSF7bFudM72Zoffg9uAZedETeYGMVzj-8yra4Wgz_X6zuPgIM3hfIRGjwavyQQShlraO7PQvem6neIYg Requested by Host: 20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com URL: https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	403	invoke.js tacticschangebabysitting.com/620be74363f719a1983aad4691b637de/	0 0	689ms 689ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tacticschangebabysitting.com/620be74363f719a1983aad4691b637de/invoke.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:20 GMT server nginx/1.17.6 content-type application/javascript content-length 0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	403	invoke.js tacticschangebabysitting.com/31de8c8e326c82533128514dd650bfab/	0 0	141ms 140ms	Script application/javascript	192.243.59.13 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tacticschangebabysitting.com/31de8c8e326c82533128514dd650bfab/invoke.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT server nginx/1.17.6 content-type application/javascript content-length 0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	stpd201221.js Show response stpd.cloud/assets/postbid/ Frame F02E	668 KB 165 KB	34ms 32ms	Script application/javascript	2606:4700:20::681a:b5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd201221.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} content-md5 Z31KcnNREDgCG5fqQFS/wA== age 4754 cf-request-id 0a79da410600004e31cd8b9000000001 x-ms-lease-status unlocked last-modified Fri, 04 Jun 2021 10:59:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=N6xmfBWN35K6xf2osRvnzI1zV0bccm07j36a8pc9FQQLrzqRX%2FSTr4Yf1GB9pcLj6I9XS4dKVChorGCiy45PbjT91t%2FX9229PuNg%2B9nM4WObtyZx474%2B%2BwXg81DeAVjw2M%2Bi"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-ms-request-id 53f062ea-f01e-0027-3b30-59e853000000 cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 65a32cae6b3c4e31-FRA
GET H3-29	200	index.html Show response s0.2mdn.net/8945087/1608572807667/ Frame 5ACD	19 KB 4 KB	33ms 6ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/8945087/1608572807667/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47acae7bbab97fa27ae26152567d74c72952ec6696eadbd01ee71b2f3b4a9426 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /8945087/1608572807667/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 4418 date Fri, 04 Jun 2021 09:27:20 GMT expires Sat, 05 Jun 2021 09:27:20 GMT last-modified Mon, 21 Dec 2020 17:46:47 GMT x-content-type-options nosniff server sffe x-xss-protection 0 age 31979 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame DD6B	0 333 B	87ms 85ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjwLBVSFCUc6Jv334csuRaYaYbyhjbTftBmqsBlPL5ETG8ek67jHPQo4Dl8cD7Tpm6XBxvfn5cBZdrvJ6uspGWiRZ31Pe2CB2Yo_0lc1ZevmkUqcxwQebmBvYhB25B6fYfR-iLfJkXP8LPLAkyHe5h_-yu74F1UrqT2CcFjARLCmhZUBntSbX5fjKyyhK8K-x05MEWStUoszJzCE13FjoFFvST7zKdCVcwm0wSvs6bah6PLHJa0TYt_nQLR7O4HUQcEeU8WFNcB8hGOYHKSLJd9h54NQaZ9UjAZbLd25nQ7rLJB205AD0L8yaSFfrSKc8lq__9d0mBguysgLo-Ku7_iu4Ev-fX34DxP4aA6DcwqHPXZ6exAu23sQ9EXM6uBGataYWZinCUsbr2SkbKouhIL3Gzi3mvlrPHeogfVoZRwTYPAW0sgFQy4mLo11tUNP46xa9nxjccmA0gbX_5RtlrAvrKp9CHkdkHAwFWhTCrubzTFPP0Vv31yF71JP_h9-nV4-76IrWT2Wu-tpwILy-iS3o1CYa4RVe41e3nlttCzT5tdh1hv0KzP8o64bBmsPEhtKhwCBOWn3Iu9OgKXUh5RFKuCB2McUa4Kme9_Oiig-iVPclDuFJSjf8AM9ezaCcbPMKuI70myK9ZIjLkyqSGdBWFwX2wRsQ1ZJ1IJdulp915tevTnv13a1wpOGkBj0LqSigRkZckXTKGoeUnbJrJhBk5FPCgy2w074EUuZ3_3ctoAtA2nwD1zEh9lAvFGz5DzB7Q3gRznF1t0rUuCl7XxA2EAYFY96XJbj8lg4-EpjtTenFs30x5TLaXchHN2Ob4I2NaaLXB1lZmR1B2qK4QXgRmgFMlUr-niSrI1TeArPWVN6rO505AkIqoDgpwiPLAp57PkLrrhGzzD9XOBuy8nSZ9ZfBjGi3zlr_PK5wiHli70RQIu0E0QVMWbWoDNoRXfcJnVvOYWtdzPe4n2rAj8LY9aB529CrXhZ-jH1aBTJpHtjvkQaWh_4wJmjMSlVulWnBgOJwASBIhxPDp1C0_Enm5BSc_zUqxM7_wtTvRjlKy_qk1irzdvpKjMtglMCvveMiY0QSh2-mrEs7zZSMSLGXCxpEcBBvwGvctsOWZikSlw7mWYYPjEmVidIeojLO8yt6QXFyUlE_7blykWcHprMt8OtuwRoIfJGE&sai=AMfl-YQnJ8rbnDwyVFsN1n4__9_chZxVuPOUY-SjtMhA7HfmLnAWfUOzsH6tWxk8nvmcwpm5YL68SGFFR9hLGpTAm6EjPoZGeAx1BjxCcEi_r3_d4MsnpcahGnenvcr7xUmx94TZ7Hy3wh-tIy34em3U7H5u0O23sw&sig=Cg0ArKJSzOEvm8EFk1w6EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=212&cbvp=1&cstd=208&cisv=r20210601.14936&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 04 Jun 2021 18:20:19 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame DD6B	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com URL: https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 06:53:37 GMT content-encoding gzip x-content-type-options nosniff age 41202 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:53:37 GMT
GET DATA	200 OK	truncated / Frame DD6B	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3f1d2e56c487e4aba30622d030339bd7d713474d9fb8e459520dd9a5d1aea5bd Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 25B8	12 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 04 Jun 2021 17:03:05 GMT expires Sat, 04 Jun 2022 17:03:05 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4634 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame AE29	783 B 530 B	30ms 30ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e6faaf959a224c7f81046759a4fcabf389432c5056387bf8a08c1cea20f05678 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-cUogHwHSEIX+BtSkDldRNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers expires Fri, 04 Jun 2021 18:20:19 GMT date Fri, 04 Jun 2021 18:20:19 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-cUogHwHSEIX+BtSkDldRNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 511 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	pubads_impl_2021052601.js Show response securepubads.g.doubleclick.net/gpt/ Frame 1A60	311 KB 109 KB	75ms 74ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 26 May 2021 08:37:30 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 111649 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:19 GMT
GET H3-29	200	pubads_impl_2021052601.js Show response securepubads.g.doubleclick.net/gpt/ Frame F82E	311 KB 109 KB	77ms 76ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 26 May 2021 08:37:30 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 111649 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:19 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame FBBA	31 KB 10 KB	49ms 48ms	Script text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2 Request headers Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:19 GMT Content-Encoding gzip Last-Modified Wed, 02 Jun 2021 21:11:51 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=28820 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9301 Expires Sat, 05 Jun 2021 02:20:39 GMT
GET H3-29	200	express_html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame CB5A	111 KB 38 KB	38ms 8ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 14:24:06 GMT content-encoding gzip x-content-type-options nosniff age 14173 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39287 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:50 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 05 Jun 2021 14:24:06 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame CB5A	8 KB 3 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1cCsjWmrlM73h8Ud7wWS3DalcqFbK5BfQsCYBbC-P5VYQ3n7DdN1vJfDyqTlNy2Iq-kPZwDrO5dJPkAtOg6xz9VyoGymYapam4nA3LTYRaGq0AVrUFWUUm97RFUt1qhfSWuNYnt_EF3azseQBhaCUX7dUUw&dbm_d=AKAmf-CEuVbJlvWh5uDnlTYh2MkryA5_df7jHed-E2vay7jxE4cmUbBj5NJ9Gq21EbG_IWm25VgVmzVpqYaj8ro_BQ9VmNaS9IgAe_9nEC833IyvDu79YxuJhEYGg-ET8CD0SG7YFai06F_qZdW28RTrngmjR53iZCp6Up3imlE8andTqGYw5kkSM_szpkXgBUA7tauyLD1rxOHo6bnkCngHCDKRwzlAnOXVdiDnen0gWBP_iJh8qQUYAUtvSfCBC0ZhQfje2BWVrxTGUWfVh12yXbBObKLXVhtlxZbhNEscNOYkg9DkEtxKCZD4UynPylpWY8MOwSbOFP9twKF3sLP8E8M13iMK5aNQfpdG5AoPdNywEiMSxgIB-xaA-FrOTwVoh7hVg7ycMU4jzTODnOnxY06C59r55VVfEpt88IQoxCGmkSPU5YH2T0qsbLOefYbVcc92arrwd65sy9PpC16zcR6XeYL89e-VLR1KwAWxkr9rpkHAmiwh6J1wKHtjKKKkqPNZVuxI8YrSnIdHBS-De_p2CL0kng2_xrq-uNHqDoTbuhBFZZjIKNEwLZFMLo9pz26wl7qOJKxoEuddnV6FBfkYxIsVOKQoEIqqAG2smM8fnk_jybPoJcM4IZakosQG19-U7Ok_XDFVqdadyUTBeSuz5lZmw7X53F_5Knvx66Mrz7lC4BIWZapR4-CMt5-LHeBSwPKB-XOKcsCfbpPN1i205BttLEAs7RzTU0SqbHc9IV9TEoTXxxHSxFLjgnEoMcc7nrZ-_JmOyHhzlTTANrRlvRltXF-1tW6nf9k4GrLR4V6fOeSXsFdYyoSL4-AdYZZwWGcTUR-jGzJWZMmcfQWgKLyCn8mfDZIh2MTS1NAmkLM8CYoTk8JghjkMWZ8S81LeU_GTGcA92A1RR1pSyObBI3PQ3qy9b9ivGROWTYQ4rN-2iFj5KqS2e1_xSSJJRyLS2vjMbasiV2bQ9HhObIvS49tthQP97wsFY3MfDrNLVCXZhSy3BjcVbhXbJgeHZ97sagGAcOCUZb31_cX20j8pq0GSShxuUpwfX24IjDVrfuOh84Zls6zOoNq4no7BtB3LJyixMR8aYTzqxNLjoUVThd_Nr73Q0d4Z9nU-6tEw3ftMoHpFQMPxTukKuKpBhJHG4RLQP4Wfh3BQWligdO5NzxTyRJ4W8wdnwyh72SQ5u308By3mvDK_jtP7ieyKl-oUCJxa9O5_q-naHMsXsBHfIolZSNIlp9CUuIp_fqWqfKN8Cuv1IEirzwBEk-0HNZQ99pIuGxdivDS_cC6mlWidbg80BVV57XUe_9IFbAl16uu9sH45lsiB_4S7I_1uD37id_CWk6KTwS5NDYHMP9ryVTz2JgBebQzVP7rs_aUcBTjmrYPjPJzXU3fN6zw99IWZDqb9-pzJMnXSKtGcGY0FRV7KRw_ARcntpeDrYM8cFTmnPndmHtgujYMCGh79XhsPmyHcEhthAVJTaj5yDbhNXJax1KckOZXkKuBmzZLajsxIyUeHgzLi5pMFbGYTio-VqV6NcRggdTOePUHc-09H-iiiQrR8FKbuAVb4kLbgxAEj9Tycm--Pr1Q2eAoS4fJcvloj6V2F7OlipC4j_yiNgibf3C1xhv2endggdXrXV-sRRTNp3qDnevOeHub4mH4YaPZ70EmOQkAz4s-DJLsaa3RND9S9EtGUxCKRZIcwqibEhEDrdaXh57WKO7Q82AGJFgqGKA5O5wDLN4sRciMv7UbnFvULg4ZYlk-oDvExqvHzV0qwSEO_RPyS9NLVQYXjA8ymNWFbzUYRkJP6C7wDnq7W6CurEHAlmzODw6gaODegMKP9EfeKmJJEYSAchZFIHwQl3UTURFtOmTGYKLqUDDuNMjGI1JGrlz99KvppADMoTCFWNwsRolq19LYCub42uyLljUU03s1VI3r09v6PDoV9cGw6WOwP66lqg67_j2p7L2US7tw0tQbLmxvxmYbLEmma9tggwMud_1A3f2kaz0yjB-apTCCWP3rZEOk14pzWYXAye1SvInSmHnhyGPx5uEk6eaeDnMcoxpevEE9VriIB8spvAS15roe44OjTMXMiU5DiaO01UF0RfvWopYHj1eYLJtaNHLS-dQkyRpWPYrMLuaBxLkcYeRcGFE2RmiEXPUVgLSBsS9e9UxL2RIvjH5w7Ae58QyYkDdj9DRrlCs9-MbyMAXEMWSi5Pmkcuw_Anv9sb0K9I8wVKEWR3sK2w-zwyxBbo2wp2KTd7-7xILhr1hP57mEFrYJG8joeBKvf1ECQt-OEwehdsq22slFjX8ehTI1idmNurlP4WBUsQlKeW-qvdAN1dgZ4QkM6tLfCHQ5sG9t-QnkiVfAZX73f-lwDOu2puCx1Nvt6NocbCUSYraplLaR_YExb7GIJ7o70n8_LhgvNZH8EwbI7J2mnR4VO8RYr9dxvGBx8WldpMGwSdjfTydetDNNPyaFIfr-b3XY4_CqG58bn3N-jRUhgD8UUKdHZhK43N9qPfGKXMiU5gSv0uIhWdKwlVgfr_99WoGUH58nY9gUesddREcWo7Sb0IZuG92wwxM8Z28AjXf0IDf04QptnLVOAr5a-eJgqFggNrjbSTD0Jix3_h2F4o46maaDEvNfLA-HYyH6zUJyD1SVZEp2TRQiQl1ir5UnxWz3so3MgzRU8NKLyIV_xPbbTXwnyUhcpWai5MqHgo-eyAuXDbnPTRZVCmzyXKUYrZ4POop230yLiwjlt6DWZ317sqhrdyyb45Ck5RPWmlyoIyJ1LXw4wRBajgS838SS2GKmtX4qRCr_cxEizXtkpVem1zskEUl3_-NEc7jlqa7A82F3tk8ceoEAlFpWLSOFB93yDwZ2J-D9LrKx0M7eTtAvzN41sZOwwimw8R2ouI1ux0pZx9TJii-2goj4X1dUqx8N7jOkk7so3WAWNFgXiK65d1rv41xZck9LDDb-eztTYQeDnymWBSllZeD6ozPgNxIGhZBGqjwLCnqt9MbRu7d3jdjjWuBTP5VABOVdkarFRB5A6xqZ6Sh4V4sEHuGXzyuH89GLQsxLSsiBFV9OQqX0GjAJfg1f67_AhC-UJ_25iAMqReEGiVT5lLFEIbAhep2a0z4IDpyAxJpOqNpLSoeb9fBbOe6a_VjGxaYdWAhkCcMcu-c5ZIM3GcNPbMWbyAWmO8mOLjXLpY7RYt91TZxfpWePUJ64XJFjVGlEJMCiSzLbnhJyEfsgleRJuzELZ7GImJ9rJYb_tF9wgjhmiPlr8RNHeTM5MMOcHi_s-V7W0qfr5RO9soxNvPbxZmE_IQn-4VIYXb69G4DULTO-CeVPlA6BEHCNHyAojwUyIbr4xYs5I7WncbU2w1iiolPKI0kZBjkN2ohyVkWImj3nJ5lQ5jTeHc9-zBUEqNuCaCCi1k9ERnc5WA1xUZ5mSxX26QyB2V0riSJYPtNcz7QP6OCJIR75GXEnFt4lP9BAf0-98AGu9aAT0gLk1mKi3sCeoCLWxRtI4AoOffGN62yDp67xs&cid=CAASEuRoMWwWLVjEqRVIT6zGzjAlPA&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:43 GMT content-encoding gzip x-content-type-options nosniff age 336 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:14:43 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame CB5A	22 KB 8 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1cCsjWmrlM73h8Ud7wWS3DalcqFbK5BfQsCYBbC-P5VYQ3n7DdN1vJfDyqTlNy2Iq-kPZwDrO5dJPkAtOg6xz9VyoGymYapam4nA3LTYRaGq0AVrUFWUUm97RFUt1qhfSWuNYnt_EF3azseQBhaCUX7dUUw&dbm_d=AKAmf-CEuVbJlvWh5uDnlTYh2MkryA5_df7jHed-E2vay7jxE4cmUbBj5NJ9Gq21EbG_IWm25VgVmzVpqYaj8ro_BQ9VmNaS9IgAe_9nEC833IyvDu79YxuJhEYGg-ET8CD0SG7YFai06F_qZdW28RTrngmjR53iZCp6Up3imlE8andTqGYw5kkSM_szpkXgBUA7tauyLD1rxOHo6bnkCngHCDKRwzlAnOXVdiDnen0gWBP_iJh8qQUYAUtvSfCBC0ZhQfje2BWVrxTGUWfVh12yXbBObKLXVhtlxZbhNEscNOYkg9DkEtxKCZD4UynPylpWY8MOwSbOFP9twKF3sLP8E8M13iMK5aNQfpdG5AoPdNywEiMSxgIB-xaA-FrOTwVoh7hVg7ycMU4jzTODnOnxY06C59r55VVfEpt88IQoxCGmkSPU5YH2T0qsbLOefYbVcc92arrwd65sy9PpC16zcR6XeYL89e-VLR1KwAWxkr9rpkHAmiwh6J1wKHtjKKKkqPNZVuxI8YrSnIdHBS-De_p2CL0kng2_xrq-uNHqDoTbuhBFZZjIKNEwLZFMLo9pz26wl7qOJKxoEuddnV6FBfkYxIsVOKQoEIqqAG2smM8fnk_jybPoJcM4IZakosQG19-U7Ok_XDFVqdadyUTBeSuz5lZmw7X53F_5Knvx66Mrz7lC4BIWZapR4-CMt5-LHeBSwPKB-XOKcsCfbpPN1i205BttLEAs7RzTU0SqbHc9IV9TEoTXxxHSxFLjgnEoMcc7nrZ-_JmOyHhzlTTANrRlvRltXF-1tW6nf9k4GrLR4V6fOeSXsFdYyoSL4-AdYZZwWGcTUR-jGzJWZMmcfQWgKLyCn8mfDZIh2MTS1NAmkLM8CYoTk8JghjkMWZ8S81LeU_GTGcA92A1RR1pSyObBI3PQ3qy9b9ivGROWTYQ4rN-2iFj5KqS2e1_xSSJJRyLS2vjMbasiV2bQ9HhObIvS49tthQP97wsFY3MfDrNLVCXZhSy3BjcVbhXbJgeHZ97sagGAcOCUZb31_cX20j8pq0GSShxuUpwfX24IjDVrfuOh84Zls6zOoNq4no7BtB3LJyixMR8aYTzqxNLjoUVThd_Nr73Q0d4Z9nU-6tEw3ftMoHpFQMPxTukKuKpBhJHG4RLQP4Wfh3BQWligdO5NzxTyRJ4W8wdnwyh72SQ5u308By3mvDK_jtP7ieyKl-oUCJxa9O5_q-naHMsXsBHfIolZSNIlp9CUuIp_fqWqfKN8Cuv1IEirzwBEk-0HNZQ99pIuGxdivDS_cC6mlWidbg80BVV57XUe_9IFbAl16uu9sH45lsiB_4S7I_1uD37id_CWk6KTwS5NDYHMP9ryVTz2JgBebQzVP7rs_aUcBTjmrYPjPJzXU3fN6zw99IWZDqb9-pzJMnXSKtGcGY0FRV7KRw_ARcntpeDrYM8cFTmnPndmHtgujYMCGh79XhsPmyHcEhthAVJTaj5yDbhNXJax1KckOZXkKuBmzZLajsxIyUeHgzLi5pMFbGYTio-VqV6NcRggdTOePUHc-09H-iiiQrR8FKbuAVb4kLbgxAEj9Tycm--Pr1Q2eAoS4fJcvloj6V2F7OlipC4j_yiNgibf3C1xhv2endggdXrXV-sRRTNp3qDnevOeHub4mH4YaPZ70EmOQkAz4s-DJLsaa3RND9S9EtGUxCKRZIcwqibEhEDrdaXh57WKO7Q82AGJFgqGKA5O5wDLN4sRciMv7UbnFvULg4ZYlk-oDvExqvHzV0qwSEO_RPyS9NLVQYXjA8ymNWFbzUYRkJP6C7wDnq7W6CurEHAlmzODw6gaODegMKP9EfeKmJJEYSAchZFIHwQl3UTURFtOmTGYKLqUDDuNMjGI1JGrlz99KvppADMoTCFWNwsRolq19LYCub42uyLljUU03s1VI3r09v6PDoV9cGw6WOwP66lqg67_j2p7L2US7tw0tQbLmxvxmYbLEmma9tggwMud_1A3f2kaz0yjB-apTCCWP3rZEOk14pzWYXAye1SvInSmHnhyGPx5uEk6eaeDnMcoxpevEE9VriIB8spvAS15roe44OjTMXMiU5DiaO01UF0RfvWopYHj1eYLJtaNHLS-dQkyRpWPYrMLuaBxLkcYeRcGFE2RmiEXPUVgLSBsS9e9UxL2RIvjH5w7Ae58QyYkDdj9DRrlCs9-MbyMAXEMWSi5Pmkcuw_Anv9sb0K9I8wVKEWR3sK2w-zwyxBbo2wp2KTd7-7xILhr1hP57mEFrYJG8joeBKvf1ECQt-OEwehdsq22slFjX8ehTI1idmNurlP4WBUsQlKeW-qvdAN1dgZ4QkM6tLfCHQ5sG9t-QnkiVfAZX73f-lwDOu2puCx1Nvt6NocbCUSYraplLaR_YExb7GIJ7o70n8_LhgvNZH8EwbI7J2mnR4VO8RYr9dxvGBx8WldpMGwSdjfTydetDNNPyaFIfr-b3XY4_CqG58bn3N-jRUhgD8UUKdHZhK43N9qPfGKXMiU5gSv0uIhWdKwlVgfr_99WoGUH58nY9gUesddREcWo7Sb0IZuG92wwxM8Z28AjXf0IDf04QptnLVOAr5a-eJgqFggNrjbSTD0Jix3_h2F4o46maaDEvNfLA-HYyH6zUJyD1SVZEp2TRQiQl1ir5UnxWz3so3MgzRU8NKLyIV_xPbbTXwnyUhcpWai5MqHgo-eyAuXDbnPTRZVCmzyXKUYrZ4POop230yLiwjlt6DWZ317sqhrdyyb45Ck5RPWmlyoIyJ1LXw4wRBajgS838SS2GKmtX4qRCr_cxEizXtkpVem1zskEUl3_-NEc7jlqa7A82F3tk8ceoEAlFpWLSOFB93yDwZ2J-D9LrKx0M7eTtAvzN41sZOwwimw8R2ouI1ux0pZx9TJii-2goj4X1dUqx8N7jOkk7so3WAWNFgXiK65d1rv41xZck9LDDb-eztTYQeDnymWBSllZeD6ozPgNxIGhZBGqjwLCnqt9MbRu7d3jdjjWuBTP5VABOVdkarFRB5A6xqZ6Sh4V4sEHuGXzyuH89GLQsxLSsiBFV9OQqX0GjAJfg1f67_AhC-UJ_25iAMqReEGiVT5lLFEIbAhep2a0z4IDpyAxJpOqNpLSoeb9fBbOe6a_VjGxaYdWAhkCcMcu-c5ZIM3GcNPbMWbyAWmO8mOLjXLpY7RYt91TZxfpWePUJ64XJFjVGlEJMCiSzLbnhJyEfsgleRJuzELZ7GImJ9rJYb_tF9wgjhmiPlr8RNHeTM5MMOcHi_s-V7W0qfr5RO9soxNvPbxZmE_IQn-4VIYXb69G4DULTO-CeVPlA6BEHCNHyAojwUyIbr4xYs5I7WncbU2w1iiolPKI0kZBjkN2ohyVkWImj3nJ5lQ5jTeHc9-zBUEqNuCaCCi1k9ERnc5WA1xUZ5mSxX26QyB2V0riSJYPtNcz7QP6OCJIR75GXEnFt4lP9BAf0-98AGu9aAT0gLk1mKi3sCeoCLWxRtI4AoOffGN62yDp67xs&cid=CAASEuRoMWwWLVjEqRVIT6zGzjAlPA&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:51 GMT content-encoding gzip x-content-type-options nosniff age 208 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8594 x-xss-protection 0 server cafe etag 7958287194716579593 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:51 GMT
GET H3-29	200	adx Show response pubads.g.doubleclick.net/gampad/	56 KB 13 KB	105ms 105ms	XHR text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/gool-sport.com_728x90_desktop_sticky_DFP&sz=728x90&t=Placement_type%3Dserving&1622830819736 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 1e028a971c5814cca22a485d852c4210e5b19fe6d814ad7341f7bbc117b5c45a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13065 x-xss-protection 0 google-lineitem-id 5665636522 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138346491574 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame F02E	62 KB 21 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "893 / 992 of 1000 / last-modified: 1622804990" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21347 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:19 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 378D Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	35ms 35ms	Document text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gool-sport.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 23 Feb 2021 20:47:52 GMT ETag "402b0-119-5bc0708346e00" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 04 Jun 2021 18:20:19 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Date Fri, 04 Jun 2021 18:20:19 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame FA89 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr... https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wj...	43 B 892 B	54ms 53ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEO7G27kCGPOUpaABMAE&v=APEucNWvYfE59Y60Kp5CsWCBnXHF16ztVKHgKpFgDuvF_mK_G9Y0VVB8sCPnDEiyfTY0kkHGn4GrGrf8NAaiF1xCbmGFAHqTa49ywFRrQZ-XZonCJpyJawg2MW9ScTd94oPWM7BkYddID1jIor__4RekrOd7xjQ8BksPxh9aF--2tIqC8DpkrAyaqkKFScO14f4b-_zBwlnooI-T6gpvaoheQas6B-MO6Cz2JfX5nWdxtlZgXIGVGe-ibRNumHPQXTyv2MUPwNK6qsX6-iiXcFzDKbJowsqqXiDBj5_0LbemjV6O_z88-YGa8sw5NAahhWgAvCB4V7EIpRPFM-Ll3r5Mte4V9HU0HDLmYHlFQ6mN_QGgtHf32bOkfCL_JBnuBgDubNPtWkcyidDzDDOE2g6WiKwxax9hFNjbTgWIYGZapBEztdACWnUlmSRWxjEVGkEpDvN4DnfU5noKGv37YSn70FjhfdkQqSOjHSZryojSU_7R63WIb4L_oK5ipDijXwJlB9MMu3OAHf3SJYdpgTLSqHT1IYrukVKb-CzSlGo3y1NwVAts3CwyLDQq3XNU_gBZodicZjCqKE_yS4s_tIXfGenzqQJFDNw7Vd3mLiDd8ULTVCbgHxU Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:19 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 04 Jun 2021 18:20:19 GMT Redirect headers pragma no-cache date Fri, 04 Jun 2021 18:20:19 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 686 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame FA89 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkF... https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2... https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wj...	43 B 1012 B	51ms 51ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEO7G27kCGPOUpaABMAE&v=APEucNWvYfE59Y60Kp5CsWCBnXHF16ztVKHgKpFgDuvF_mK_G9Y0VVB8sCPnDEiyfTY0kkHGn4GrGrf8NAaiF1xCbmGFAHqTa49ywFRrQZ-XZonCJpyJawg2MW9ScTd94oPWM7BkYddID1jIor__4RekrOd7xjQ8BksPxh9aF--2tIqC8DpkrAyaqkKFScO14f4b-_zBwlnooI-T6gpvaoheQas6B-MO6Cz2JfX5nWdxtlZgXIGVGe-ibRNumHPQXTyv2MUPwNK6qsX6-iiXcFzDKbJowsqqXiDBj5_0LbemjV6O_z88-YGa8sw5NAahhWgAvCB4V7EIpRPFM-Ll3r5Mte4V9HU0HDLmYHlFQ6mN_QGgtHf32bOkfCL_JBnuBgDubNPtWkcyidDzDDOE2g6WiKwxax9hFNjbTgWIYGZapBEztdACWnUlmSRWxjEVGkEpDvN4DnfU5noKGv37YSn70FjhfdkQqSOjHSZryojSU_7R63WIb4L_oK5ipDijXwJlB9MMu3OAHf3SJYdpgTLSqHT1IYrukVKb-CzSlGo3y1NwVAts3CwyLDQq3XNU_gBZodicZjCqKE_yS4s_tIXfGenzqQJFDNw7Vd3mLiDd8ULTVCbgHxU Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:20 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 04 Jun 2021 18:20:20 GMT Redirect headers pragma no-cache date Fri, 04 Jun 2021 18:20:19 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENhMnNa3yhje8dX6BR3FkJQ&google_cver=1&gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 667 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame FA89	170 B 188 B	67ms 66ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTZPHSFTZAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEO7G27kCGPOUpaABMAE&v=APEucNWvYfE59Y60Kp5CsWCBnXHF16ztVKHgKpFgDuvF_mK_G9Y0VVB8sCPnDEiyfTY0kkHGn4GrGrf8NAaiF1xCbmGFAHqTa49ywFRrQZ-XZonCJpyJawg2MW9ScTd94oPWM7BkYddID1jIor__4RekrOd7xjQ8BksPxh9aF--2tIqC8DpkrAyaqkKFScO14f4b-_zBwlnooI-T6gpvaoheQas6B-MO6Cz2JfX5nWdxtlZgXIGVGe-ibRNumHPQXTyv2MUPwNK6qsX6-iiXcFzDKbJowsqqXiDBj5_0LbemjV6O_z88-YGa8sw5NAahhWgAvCB4V7EIpRPFM-Ll3r5Mte4V9HU0HDLmYHlFQ6mN_QGgtHf32bOkfCL_JBnuBgDubNPtWkcyidDzDDOE2g6WiKwxax9hFNjbTgWIYGZapBEztdACWnUlmSRWxjEVGkEpDvN4DnfU5noKGv37YSn70FjhfdkQqSOjHSZryojSU_7R63WIb4L_oK5ipDijXwJlB9MMu3OAHf3SJYdpgTLSqHT1IYrukVKb-CzSlGo3y1NwVAts3CwyLDQq3XNU_gBZodicZjCqKE_yS4s_tIXfGenzqQJFDNw7Vd3mLiDd8ULTVCbgHxU Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame FA89 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzOTg4NTUyMDkyMDc2NDYxMw%3D%3D	170 B 188 B	63ms 63ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzOTg4NTUyMDkyMDc2NDYxMw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3z17QCEO7G27kCGPOUpaABMAE&v=APEucNWvYfE59Y60Kp5CsWCBnXHF16ztVKHgKpFgDuvF_mK_G9Y0VVB8sCPnDEiyfTY0kkHGn4GrGrf8NAaiF1xCbmGFAHqTa49ywFRrQZ-XZonCJpyJawg2MW9ScTd94oPWM7BkYddID1jIor__4RekrOd7xjQ8BksPxh9aF--2tIqC8DpkrAyaqkKFScO14f4b-_zBwlnooI-T6gpvaoheQas6B-MO6Cz2JfX5nWdxtlZgXIGVGe-ibRNumHPQXTyv2MUPwNK6qsX6-iiXcFzDKbJowsqqXiDBj5_0LbemjV6O_z88-YGa8sw5NAahhWgAvCB4V7EIpRPFM-Ll3r5Mte4V9HU0HDLmYHlFQ6mN_QGgtHf32bOkfCL_JBnuBgDubNPtWkcyidDzDDOE2g6WiKwxax9hFNjbTgWIYGZapBEztdACWnUlmSRWxjEVGkEpDvN4DnfU5noKGv37YSn70FjhfdkQqSOjHSZryojSU_7R63WIb4L_oK5ipDijXwJlB9MMu3OAHf3SJYdpgTLSqHT1IYrukVKb-CzSlGo3y1NwVAts3CwyLDQq3XNU_gBZodicZjCqKE_yS4s_tIXfGenzqQJFDNw7Vd3mLiDd8ULTVCbgHxU Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:19 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:19 GMT X-Proxy-Origin 82.102.20.244; 82.102.20.244; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.243:80 AN-X-Request-Uuid a21c71e5-32f1-4ab7-88f2-4b0cd0979fa2 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIzOTg4NTUyMDkyMDc2NDYxMw%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame D4B8	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 04 Jun 2021 06:53:39 GMT expires Sat, 04 Jun 2022 06:53:39 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 41200 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	t.php Show response c.statcounter.com/	192 B 611 B	151ms 150ms	XHR application/json	104.22.53.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.statcounter.com/t.php?sc_project=12470042&u1=75C8391639334FCD511B71E6F5C82956&java=1&security=e2edb273&sc_snum=1&sess=b731b1&p=0&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.gool-sport.com/p/blog-page_6.html%3F%26url%3Dhttp%3A//kooza.club/kp4cUWq&t=%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D9%82%D9%8A%D8%AF%20%D8%A7%D9%84%D8%AA%D8%AC%D9%87%D9%8A%D8%B2&invisible=1&sc_rum_e_s=2551&sc_rum_e_e=2556&sc_rum_f_s=0&sc_rum_f_e=720&get_config=true Requested by Host: www.statcounter.com URL: https://www.statcounter.com/counter/counter.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 65a32caffe2b10eb-CPH p3p policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR" access-control-allow-origin https://www.gool-sport.com access-control-allow-credentials true content-type application/json cf-request-id 0a79da41fc000010eb159ff000000001 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	default Show response www.blogger.com/feeds/293237636007103224/posts/	66 KB 11 KB	208ms 206ms	Script text/javascript	2a00:1450:4001:813::2009 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/feeds/293237636007103224/posts/default?alt=json-in-script&callback=jQuery32103174609697230457_1622830818260&_=1622830818261 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d8fd4ca36788f15180b698ce3180650c642c123ccbba674259ea1d7a52d26cb9 Security Headers Name Value Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info." cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10565 x-xss-protection 1; mode=block last-modified Fri, 08 Jan 2021 09:06:56 GMT server GSE x-frame-options SAMEORIGIN date Fri, 04 Jun 2021 18:20:19 GMT vary Accept, X-GData-Authorization, GData-Version gdata-version 1.0 content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=0, must-revalidate, no-transform expires Fri, 04 Jun 2021 18:20:19 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 49C4	31 KB 10 KB	39ms 38ms	Script text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2 Request headers Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:19 GMT Content-Encoding gzip Last-Modified Wed, 02 Jun 2021 21:11:51 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=28820 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9301 Expires Sat, 05 Jun 2021 02:20:39 GMT
GET H3-29	200	container.html Show response 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE04	6 KB 3 KB	6ms 6ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html?n=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 04 Jun 2021 18:20:19 GMT expires Sat, 04 Jun 2022 18:20:19 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame 1767	73 KB 28 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622805992319560" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28149 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:19 GMT
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 1767	10 KB 8 KB	34ms 34ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2210a1e01ca740ca029fdf9bf9096b4d011747f1b86813e7013207aad736b121 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7695 x-xss-protection 0
GET H3-29	200	2f9e24b38db3bbeafc99af7f203b36a2.js Show response s0.2mdn.net/8945087/1608572807667/ Frame 5ACD	71 KB 18 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/8945087/1608572807667/2f9e24b38db3bbeafc99af7f203b36a2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8945087/1608572807667/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 011e4326e1d86f5e8df435fa462d8a8d32267a30ad6ca29ce84aaf7af31ab29d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/8945087/1608572807667/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 23:16:11 GMT content-encoding gzip x-content-type-options nosniff age 68648 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18353 x-xss-protection 0 last-modified Mon, 21 Dec 2020 17:46:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Fri, 04 Jun 2021 23:16:11 GMT
GET H3-29	200	adx Show response pubads.g.doubleclick.net/gampad/	56 KB 13 KB	112ms 112ms	XHR text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/gool-sport.com_300x250_DFP&sz=300x250&t=Placement_type%3Dserving&1622830819896 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 10ed43efcc44b6809aec95b59010d74e9a853d1ec44648058f8a336f0fc43122 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13057 x-xss-protection 0 google-lineitem-id 5665632364 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138346050833 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	adx Show response pubads.g.doubleclick.net/gampad/	56 KB 13 KB	122ms 121ms	XHR text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/gool-sport.com_300x250_DFP&sz=300x250&t=Placement_type%3Dserving&1622830819897 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 10ed43efcc44b6809aec95b59010d74e9a853d1ec44648058f8a336f0fc43122 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13057 x-xss-protection 0 google-lineitem-id 5665632364 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138346050833 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	adx Show response pubads.g.doubleclick.net/gampad/	56 KB 13 KB	105ms 104ms	XHR text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/gool-sport.com_300x250_DFP&sz=300x250&t=Placement_type%3Dserving&1622830819897 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 10ed43efcc44b6809aec95b59010d74e9a853d1ec44648058f8a336f0fc43122 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13057 x-xss-protection 0 google-lineitem-id 5665632364 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138346050833 content-type text/html; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	t.php Show response c.statcounter.com/	192 B 424 B	512ms 511ms	XHR application/json	104.22.53.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.statcounter.com/t.php?sc_project=12470042&u1=75C8391639334FCD511B71E6F5C82956&java=1&security=e2edb273&sc_snum=2&sess=b731b1&p=0&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.gool-sport.com/p/blog-page_6.html%3F%26url%3Dhttp%3A//kooza.club/kp4cUWq&t=%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D9%82%D9%8A%D8%AF%20%D8%A7%D9%84%D8%AA%D8%AC%D9%87%D9%8A%D8%B2&invisible=1&pg=0&get_config=true Requested by Host: www.statcounter.com URL: https://www.statcounter.com/counter/counter.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 65a32cb07f4110eb-CPH p3p policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR" access-control-allow-origin https://www.gool-sport.com access-control-allow-credentials true content-type application/json cf-request-id 0a79da4249000010ebff0da000000001 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	t.php Show response c.statcounter.com/	192 B 447 B	157ms 156ms	XHR application/json	104.22.53.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.statcounter.com/t.php?sc_project=12470042&u1=75C8391639334FCD511B71E6F5C82956&java=1&security=e2edb273&sc_snum=2&sess=b731b1&p=0&jg=0&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.gool-sport.com/p/blog-page_6.html%3F%26url%3Dhttp%3A//kooza.club/kp4cUWq&t=%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D9%82%D9%8A%D8%AF%20%D8%A7%D9%84%D8%AA%D8%AC%D9%87%D9%8A%D8%B2&invisible=1&sc_rum_e_s=2629&sc_rum_e_e=2631&sc_rum_f_s=0&sc_rum_f_e=720&get_config=true Requested by Host: www.statcounter.com URL: https://www.statcounter.com/counter/counter.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cf-ray 65a32cb07f4210eb-CPH p3p policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR" access-control-allow-origin https://www.gool-sport.com access-control-allow-credentials true content-type application/json cf-request-id 0a79da424b000010ebff0db000000001 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame FBBA	284 B 536 B	49ms 48ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/jpg
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 2E2C	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34737 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H2	200	stpd201221.js Show response stpd.cloud/assets/postbid/ Frame 6577	668 KB 165 KB	49ms 49ms	Script application/javascript	2606:4700:20::681a:b5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd201221.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 04 Jun 2021 18:20:19 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} content-md5 Z31KcnNREDgCG5fqQFS/wA== age 4754 cf-request-id 0a79da425a00004e31a3a53000000001 x-ms-lease-status unlocked last-modified Fri, 04 Jun 2021 10:59:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=T9A%2FoZuVdJFbBe5PqoqgKg%2Fak9HDLxWpcVrouGN6b4QZOqzi4FDV4hgOaIMf92brNC3gB3Ww%2Brb54cZ2eAFPQvaPhfWmDFXGE9qQcUIqYorytlj9l1gz0p00IZhMcPLMt68X"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-ms-request-id 53f062ea-f01e-0027-3b30-59e853000000 cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 65a32cb098eb4e31-FRA
GET H3-29	200	index.html Show response s0.2mdn.net/8945087/1608572807667/ Frame BEA0	19 KB 4 KB	7ms 6ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/8945087/1608572807667/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47acae7bbab97fa27ae26152567d74c72952ec6696eadbd01ee71b2f3b4a9426 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /8945087/1608572807667/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin content-length 4418 date Fri, 04 Jun 2021 09:27:20 GMT expires Sat, 05 Jun 2021 09:27:20 GMT last-modified Mon, 21 Dec 2020 17:46:47 GMT x-content-type-options nosniff server sffe x-xss-protection 0 age 31979 cache-control public, max-age=86400 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame CB5A	0 24 B	95ms 95ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1PL0RapMbC18xKALRSlaNlsocbF4er1GkSz71Cr5LzqogfS2PBLCnSPnHZFxnt-m8bXzpBl2kiwePn7pNW3UuiGZAThh62QZXR6PFXc84tpxZVhsGsv4aO5EslOom_iR2zm3ucKgvnaiyNqSuFHucR6Os9wY7gXgstoJiG1mOECCwCF_QHX8a-6Ztk8xs1BOx6l5A4L_QMrceqqRNN4lQGeXDR4O6MZfsE8Wn34VTckG_H2u2-gHShM7LUGTxwb4ZQRbcTHqtdvjchDI_FvQzRRSlBA6DD_f3M1x89IjlbDS0i4lwYHachmH_J6imonz3EhClPd1952fr3nctEzo1xOMFo8P1LMbPoqIpt6coQTh57a9RqzORum--u_R9xZyIItpX2HQRu4vtredeAVcs_eMTnZTIFVcu7ou_V1-5iEQGmYLZaLxbawWGygyt2DbMeX5xyPIWluuwCLinEw9xn4GlJijgeC4jOk0Oyh6tUjTvLmiSYvSgJIMW3QfOmtiqUUNPOw8wlqfe135jOggLHXOiZdC04J0e3LAsGN6bjzR-v58lGCwuUBezYZPlFQDWfWONTP24Uo9z3pWrtTA9ppSUYpREV-KhMipCpRZsOeZRc6NNlrMLhuiye_jAsuu9F8qp3chhXy_5Qh_mtZ_YSx75nl9LMYhH47g4leahaN2wX0XgLCTfXFUrjYBIUnnRpYyVOCXRkSgLUkDc3iK2W7tYrPZY6-RHyUrK73TJOKzGX73Mu2BKRn7SKFxWOpnXIDnoQ3MA61Z0RMSsLTfHTHzQX1vzsjHqYfXLKNS0kv4YZHHGxEOw-CFVH18dyvWIowGZCDx9OmV68EOwvaZK7uOC4FWowNHrvSlk75Y68P5c9f_w1qjbKxwp8H4YOrF2KXVYp4BbpKTW_N5WfpN-EM8vif4_z5eRcfl2dtLrFxZi4Q6Zw_KShkJ32wFYEY14r_2ZGvHAQCM0E0K_G38vlVc5BopvAppMMVJChLlzevVkZK2kltHPuQnzqOYzGyN783ii8YToOEl0iZa0zsyOJH0AvWeRbu6Wp9Ih33HbZuwjIczO4uzQpAYlc8jTchJ0NNYdIKT8oLYU9V9G57DPslgui5-BpTYRGewahO3XQXK8WqSAQg8rx6kP56Q3BB9VPybj6i3ihp21UXCxc5Yz3_d_40rGetE10x1X&sai=AMfl-YSR0gs5APRTUO5eCTXYLtkXSBslU0gjhtSeQt2kwTAvDkUz7wPgsAbipLaR3hJhQMeoyYdb9YpBmqgq8RZBsK9ZJSCNOLeMILEtgBllwrfIKwNb5qH2yho0w1Rk03Xj-US2ydm3gOUtYSvYJxuR7lepQ-62xQ&sig=Cg0ArKJSzAIsSUnWR8xqEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=219&cbvp=1&cstd=218&cisv=r20210601.05274&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 04 Jun 2021 18:20:19 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/ Frame 1A60	107 B 122 B	28ms 27ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/ Frame 1A60	107 B 122 B	28ms 28ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 1A60	14 KB 8 KB	247ms 246ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3742080238195216&correlator=1427156630931869&output=ldjh&impl=fifs&eid=31060437%2C31060988%2C31061357%2C31060991%2C31061149%2C31061167&vrg=2021052601&ptt=17&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=147246189%2Cgool-sport.com_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie=ID%3D3a395bc5b81a85d3%3AT%3D1622830818%3AS%3DALNI_MYD_d5gPGef1Gvsa64kLTzKXJoK1Q&cdm=www.gool-sport.com&bc=31&abxe=1&lmt=1622830819&dt=1622830819949&dlt=1622830819303&idt=639&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=150&oid=3&adxs=601&adys=5779&adks=2312238337&ucis=o16x1chfu2iq&ifi=1&ifk=3286901705&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&top=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fredirect.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x150&msz=728x0&ga_vid=1904851795.1622830818&ga_sid=1622830820&ga_hid=601070827&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 1a2ae301d95c4406dfdae41015cd8902b8294b836fc678cb382b5ba189707ea0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8108 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1A60	0 0	56ms 25ms	Other text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame CB5A	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com URL: https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 06:53:37 GMT content-encoding gzip x-content-type-options nosniff age 41202 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:53:37 GMT
GET DATA	200 OK	truncated / Frame CB5A	208 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 59da67a6dc244b89494e7b9519b7aff90b2dff49b4622c565902d9d6274d515c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 1767	17 KB 6 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:19 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:19 GMT
GET H3-29	200	pubads_impl_2021052601.js Show response securepubads.g.doubleclick.net/gpt/ Frame F02E	311 KB 109 KB	74ms 73ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 26 May 2021 08:37:30 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 111649 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H2	200	css fonts.googleapis.com/ Frame 5ACD	1 KB 493 B	28ms 27ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Oxygen:700|Oxygen:400 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8945087/1608572807667/2f9e24b38db3bbeafc99af7f203b36a2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bc9b412e10757e146d45545021a3f27724614cc3baeea6e2337488413eb1afe7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 04 Jun 2021 17:49:33 GMT server ESF date Fri, 04 Jun 2021 18:20:20 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 04 Jun 2021 18:20:20 GMT
GET H3-29	200	99c3ec2823c3b36ed8a4aace502a39c1.svg s0.2mdn.net/8945087/1608572807667/media/ Frame 5ACD	355 B 264 B	7ms 6ms	Image image/svg+xml	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8945087/1608572807667/media/99c3ec2823c3b36ed8a4aace502a39c1.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8945087/1608572807667/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f43b0f0e166d6226afc034b872040c653dc5a0fbb90168baecfe6037df92acef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/8945087/1608572807667/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 06:45:48 GMT content-encoding gzip x-content-type-options nosniff age 41672 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 240 x-xss-protection 0 last-modified Mon, 21 Dec 2020 17:46:47 GMT server sffe vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Sat, 05 Jun 2021 06:45:48 GMT
GET H3-29	200	0af4bbb4655c84a7be7d11829fe67bac.png s0.2mdn.net/8945087/1608572807667/media/ Frame 5ACD	4 KB 4 KB	7ms 7ms	Image image/png	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8945087/1608572807667/media/0af4bbb4655c84a7be7d11829fe67bac.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8945087/1608572807667/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 357244b1b5765a2727d61c26cbbdadb6b6f71967bfb35d5489243fd78387310c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/8945087/1608572807667/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 19:09:25 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 17:46:47 GMT server sffe age 83455 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4229 x-xss-protection 0 expires Fri, 04 Jun 2021 19:09:25 GMT
GET H3-29	200	0aca5824ef68ea7593d3cb226bfa15c7.svg s0.2mdn.net/8945087/1608572807667/media/ Frame 5ACD	1 KB 696 B	8ms 7ms	Image image/svg+xml	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8945087/1608572807667/media/0aca5824ef68ea7593d3cb226bfa15c7.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8945087/1608572807667/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27f160ca84b06148c29c4557e64ce173cbb502a8cf0f2738b1aba580edf03a84 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/8945087/1608572807667/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:12:51 GMT content-encoding gzip x-content-type-options nosniff age 449 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 672 x-xss-protection 0 last-modified Mon, 21 Dec 2020 17:46:47 GMT server sffe vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Sat, 05 Jun 2021 18:12:51 GMT
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/ Frame F82E	107 B 122 B	28ms 27ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/ Frame F82E	107 B 122 B	28ms 27ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame F82E	13 KB 8 KB	339ms 338ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=525773756496275&correlator=1030784315324564&output=ldjh&impl=fifs&eid=31061161%2C31061224%2C31061359%2C31061167&vrg=2021052601&ptt=17&gdpr_consent=CPHSFTjPHSFTjAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=147246189%2Cgool-sport.com_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie=ID%3D3a395bc5b81a85d3%3AT%3D1622830818%3AS%3DALNI_MYD_d5gPGef1Gvsa64kLTzKXJoK1Q&cdm=www.gool-sport.com&bc=31&abxe=1&lmt=1622830820&dt=1622830820006&dlt=1622830819288&idt=692&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=150&oid=3&adxs=1169&adys=4367&adks=1591402378&ucis=klv32sm44ltn&ifi=1&ifk=4288846136&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&top=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fredirect.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x150&msz=160x0&ga_vid=1904851795.1622830818&ga_sid=1622830820&ga_hid=1453053161&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 263755acb50587497774b0793bb8fe87c1b65d8d06dfb9610ca03bcd77fb25ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8039 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F82E	0 0	57ms 27ms	Other text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 49C4	284 B 536 B	45ms 44ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/jpg
GET H3-29	200	container.html Show response b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BE94	6 KB 3 KB	6ms 6ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html?n=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 04 Jun 2021 18:20:19 GMT expires Sat, 04 Jun 2022 18:20:19 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame 7B91	73 KB 27 KB	28ms 28ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656037121142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28114 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 7B91	10 KB 8 KB	33ms 33ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dac6d4bc0590e8b43d43bf47fd1cacc21d1f675289422f6022feb98705bf837b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7678 x-xss-protection 0
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 378D	31 KB 10 KB	39ms 38ms	Script text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2 Request headers Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:20 GMT Content-Encoding gzip Last-Modified Wed, 02 Jun 2021 21:11:51 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=28819 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9301 Expires Sat, 05 Jun 2021 02:20:39 GMT
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 48B6	2 KB 613 B	30ms 30ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNWmHdFIK27ycbqkazdSjlc65nsxw9Q4c34Z-cmGzxaWA7QAksS5rSTz1xB6D58loaYNNMmIDgqJkGXTkzKsqQ8xBr1ib1XRbIgPNpChd8RA766UxDhkdKVGHGbkM5q9lR1JvIt3fyFeBmqtvpm1lXsfd_TE43-fQo83kXNkfSeFV0ZD92oEOuBRJ5PO35v8A1cb-tDwRLiIHvO1-SmHGKW5__U-OUx9KfWBJ7DUWu51WGYt-JlzNmCnOcp6gHvlq-k0MdYP6T2s8z4hMnH1gmniPRHHJ7SGZ6InCV6v_vyWqGWEPJxkI6uzhEbtRVLh5l7tthzn0NINe8QIkei1WvLe_K8bRgdN6x7DnEPaL4RvL3_GKB3NdGKd6RVv7SoWRKsQuE5J4z0_cUbywv9CUsbsuaPA5lcbBsCAX66TdMZ--qEl-Q-Nl3o8aHYm8d0WD8bUYJSy1PXNuA4ug987x-K0oQ9p5y21wDAbZetemy2pGkT7VSprDQg8rH0ArO_hkwBOrWhd2dTqsdIQAmCIIywlD98r4IElMmu513j_IbS7lSQXGzjM3ur_cyYKDTnuRbYRUIbTUcyU4TxnQ2r1lCQB8DPSlAIO0mt4geseRK0ZQzBCULg Requested by Host: 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com URL: https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e7682384c7d68a80db614da064ace56a7c27e3f94cbb92a424bcc9a8a47a83c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNWmHdFIK27ycbqkazdSjlc65nsxw9Q4c34Z-cmGzxaWA7QAksS5rSTz1xB6D58loaYNNMmIDgqJkGXTkzKsqQ8xBr1ib1XRbIgPNpChd8RA766UxDhkdKVGHGbkM5q9lR1JvIt3fyFeBmqtvpm1lXsfd_TE43-fQo83kXNkfSeFV0ZD92oEOuBRJ5PO35v8A1cb-tDwRLiIHvO1-SmHGKW5__U-OUx9KfWBJ7DUWu51WGYt-JlzNmCnOcp6gHvlq-k0MdYP6T2s8z4hMnH1gmniPRHHJ7SGZ6InCV6v_vyWqGWEPJxkI6uzhEbtRVLh5l7tthzn0NINe8QIkei1WvLe_K8bRgdN6x7DnEPaL4RvL3_GKB3NdGKd6RVv7SoWRKsQuE5J4z0_cUbywv9CUsbsuaPA5lcbBsCAX66TdMZ--qEl-Q-Nl3o8aHYm8d0WD8bUYJSy1PXNuA4ug987x-K0oQ9p5y21wDAbZetemy2pGkT7VSprDQg8rH0ArO_hkwBOrWhd2dTqsdIQAmCIIywlD98r4IElMmu513j_IbS7lSQXGzjM3ur_cyYKDTnuRbYRUIbTUcyU4TxnQ2r1lCQB8DPSlAIO0mt4geseRK0ZQzBCULg pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUmmGTrH9HAdupfiwyjqcOUHH-zdTjbVhTZEuB4r04nYkw-Cnc8VE77jYdRnuTQ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 04 Jun 2021 18:20:20 GMT server cafe cache-control private content-length 592 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame AE04	64 KB 24 KB	73ms 72ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ay7rRLPcD6mkqYlXx212M1M1V98ySpVQOzuM05J54VNVLBDbCFLJKga1jyKWeXtAg4yVdl4Nj3yRhihib2dUA3gsAqkylS_D1dKqCwY6BKwU3oLxWj5dthREAn2QIlvo10xVd4PYWCiQEdIqhtc7pUChCrsA&dbm_d=AKAmf-A59aEV57TKz8_P8fBCbp0rhAaNvwgrrY7Dq8IHpD0PmH71S5tafyYEuPFtmfeokImhoqH8y8c2K_Ob4yt441zDEwqn57wsXL_GYRmQs-WgA-i7Uo-99uLWLPM5T4_12oQx7GYzxXS1iH2u1LbJiLt0_nKNQShHApPVZhknUm44JNTayM9eKX9NvhhWBrzixz-9tslB2N_w1JngAAyh2j9if5e82S_GMszJ4xjd_7-_mh1ikBOCvmTXnPAs5kZeQn4if1wcO78j_QM1dU_8S4VCF5oI5-oYrdaU6JgRxzfcHo65_MRNMa9vIqz-hBatN5GxDErVbf9z6srXDrRNcahgyI2OW1LtQ2V_ITf4HRmbJYQBwwYlvhpwwy98edPP8otAvflNpApAwhFDvIx1NzuRw7wgJKzM22eAovNINxEioZovqv9Q6YzpR8DytD7uHkYh8cWEygYiHfhWUzgT2L6r-htghw2Uepl8yUYeFxGdQq9L-Ol4YZupmDr5Ze7G7dfe0KgnIaBkROZvpspwkGCj9nyjN-2-Rg2gCtVw8oBk-m0GaJIkLxKATtBWmKuOAZGSphUPJGSJq8HLDM-VfIpxRkJKHAPOmJ3dPzQFA3vO0OIqtX6LPMJkE3JF8O-tV3ptGHdtWOt_PTnQEgK39PvTuAlk1ndXfLa4Mtm_y-KSfolcKAJtXRA7DHf9drYeWsFDT-iBLqj65pMvxQYMspjKD1fNGj0jdu8G-ffXapGoDg7StXVak3erGzzbkIeizBD6kUSqV-Mgbti89bWnPz1WQRzJ0-gsJoWt9WkoQUsanvV7HqSgl3SWiU7OtTDn87g4x6RSY8tTdbNo4TnRn97bqX22r7yffJu0lE9z5CGZzFOzpnIJyb5yFhSqaR5D3tdQRVn8s8-d24GG1A06BC3KQ_ZdLAMaIl_YnnTbqYSO9xVGOghGGILIzHvkXkav4zpxG-laiD0Jp-DeKkl13hy_bNFEALtKapwRUcCjbWzFLKEcB5ydPeRHUUCjB3gXujdW1WGbCM1Kqrtkk-SQ7tAHLWMIXzjXZ9rvi6FPoYuDXcDQ7Ewlxz2jneXlSIWuJKRbM3Rqva3AHWLI5oywZiLm-cLLWQFEntKf3G9YzOmFLmAnpVOuWuo0TW59tukrDf3jqM8PZE-cAJ9lB9YxykL11Tjwe_MFJPdR-yKyiES3FffX-lkaTK8RdnOp_aKFeP2bWouXywDgsRb5vHmFisg--MAaYe7BJgLcOdD0ScWrN7uqHwVy9DP5UvX5LR8wC_Pe9x-KuYaIOIExX1IymgZeHT1hewuO0CoTi1XeXNTwejzDOYFD7_PAgHRZd7trtO1g2NjU61uYmhOxgSti5m-UHJuqAYxZZXmwdvr1VeHbzgfjFqFmKtJCgQDA9XyPeEtdAw_fb0SPQ4OBSJuweJm5QSshnM9eBiA_kbYC_WZKBVeQf-D9v17tfAqr-z2-pHeJwWjXVAirzdVFcg3n3XmyrZUI7CJ-Ua8aJkmG8BWSmmZE4t9kgXjUAueO92wyhBGojAONzoTvLEGkziy6NbM3t4ihvfSY8FQv23-NZby5vINos6KL63CKL7gaLGy0FbtAMbK7pcUjLG8GuOUhCqtjb3gNYh3N9BL99Jrjsn9vWp5FylPi0jtE0qMaDTh8S91nMNjYNrMuMVuB4QKITtK2fn2MPrE7CRDpk5GM_uxhf3obfrugsHrZhQvpMgwY3xZLXmPG8jKVVi4NQLSfvRD5nmml2PcolyQoI1RIy3rVKrLeKcr5TQFud7gcVJfAQ8h1Fg2ffFjBzz4XSP9F2bEPP-Hx1FME0ty3SPiD1wO4MHG2rqeeMYGE9Dsw8RtrdPWqshgCw_x4jRuC00T2yurQ8hPK6X0eHZOo6LwON7IeLJiwalbiOeoVtVesoznvIs7j6tADcVm7gsRComiUjibuuQYxoucdgtUGKnawQTqIAE9lcEN8oCXr7mFuqbkYAkAXCU_4l7sHy83isAGL-f2LnVNL6koH9dqvouSOlP2pVHS2C3xRvxY_MG_ik_iO3hkj0MQv6vIUzTn0XCYcRQ83-ToPa3I89PmdT6FYAcieHCk1RuWP3LhcKcC8jniBLgOe9QdF4K0KtiCKqgIIhQ3p7P7byEmlm_zU_vK3o-pO63z9fDOk8kY5INd2Nw_uYsFHyMOg5R4j05pfJ0iH4iJrQKz6w6si8hRkWqoc2PxgjjVN3QAQX6-pk78xbHsqBv8TdP0dMrNLWyQX_WhVc6k1bdB3WL5wwEq4Jg_bBQpKisDoM58E7Jg1zxL51nQXAK-QQ5yS1GrZD6swpBBjvcA0AwdZRqAeL3D196lPTOUom7mS2lhx1o_A72fO0h_YLXQUS08JTgjv-D-dxiWpU-8upnZdX8hT_HnpMbCtNOQuS7mfn2yby12fRoSYhqy4rtkfP5aqF-7WmJyZbzkqPqswH4U6FhC3338WUTQwloF4sE2Z5_nKzlbRn4OM8XXg1gsaJFZXrtJkuDDwDyX6fHkHm6knaSbrIWBxQBgfMcnhJV_pBHYcXx7r4LqbHrgfXFI3ZaJxIyR7TPOB-KO-OglaXGiXN6X2u3C9QSHT7P7kYqw2prAXRBBkUFhaTYKVfwVaBw-TLpNek-F6-fCVECZaustGw3i02KTI1SGUNowKCBgTfMfERBK0kpoCFIpCm6UiHuJyLehiivOASr-AF-9cFCFgmofP4lz-gFf7f3kK02yoE25-9YMS0E7XVLffpa095ReuxGzMaXIo4UsHhLR2it2BR6Ygc-5ZmIO9a09buncqUp0XTIJBJVAxh6Sml240l2oqb77lzyiIyK-TRhOJn_LNIYe8UDqdTSUAFWSIl3ftERfuNuuUrLqh5xrHJwfsQH1fM9L9d5Qw3wnYzRQLxJB70jpouoQ75w7oo8eAiIovfa_GW_o93T-bZDAbOxFAD_FfuTlgmeSxPMDzWWfRxldD66SOX5ZOKqSSPa2VIeCikylj78dopAJ_KqksesbkwqMkdPLy_kq8PE-ELmVf3n_iDa4wgghxhtmfKNEu8_Yyr2cdWlB11W309DZlqzhcH6hPam2HfcroRwKDaZwQ_kpsvWaJ690gYQYwVa2N2uMsrT97JhN5eo2Md2PFOmD-uhY_JzMZOAlGm0NZnsDgmX7Wq0VoezJD7M8KgR6TricFdCW2PaWt-Hfq9386hUKxCZNcDBURCotGvJjm3S2Sw2WM6ByN5bPDGYvEzc_uaPbtmgwR9yf9F2KCyHksUNYWnvBSJgn0JbDGDm-4XGKuCYRSWHBhYcxsoBhcL8C-Qtuifv1-JbM9MwidAwFTYSy-drdqza_2qp-nzHwnQAlU44FCizOS28TWA_CTfY0wudUjWrO_78y-qfEInEkPGDXDrK6i1pBLOwsueRrCOvZMBaOFSWRuqXd1nmTOqzkV5lrJ0Uz83nxMc1mkVNzx2txsTVxx63EI67u-3yb6nMao2HbF0212hf5-QycJ2Sh5oBQj5y-jRlak1uaSsSKgiM2lGczzjb9UxOOqoQk87-aBSSL2h6D6Th3udg8rprnyJEjQGx0&cid=CAASEuRogGirG-CViSbJj_9l8IxXSg&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3c5d53ec0243dbe609f8c034a87022a5411bbbab12265290721047abba0397ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25056 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame AE04	42 B 63 B	39ms 38ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A44hBMtLxKhG-FUe5sxlnNeLzuWKaFJ9gn5Ii158ir8LBKNzWRhlr-ctS4J6qDifgd1-cJ3KBvnGHG7zvpYJPFM6GHNJ7X4gujDEhrXlcfnOcwMb4 Requested by Host: 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com URL: https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jload Show response pixel.adsafeprotected.com/ Frame AE04	46 KB 13 KB	182ms 79ms	Script application/javascript	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html Requested by Host: 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com URL: https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 0e05a169b79c4e60ce3da40a6ce5cba6ff314a12cb7d2082b591d60cb78fb641 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-server-name app06.ie.303net.net content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame AE04	2 KB 1 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js Requested by Host: 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com URL: https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:12 GMT content-encoding gzip x-content-type-options nosniff age 248 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:12 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame AE04	121 KB 37 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com URL: https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656031336809" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37735 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame AE04	13 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com URL: https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:19:37 GMT content-encoding gzip x-content-type-options nosniff age 43 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5635 x-xss-protection 0 server cafe etag 1091097466425408374 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:19:37 GMT
GET H3-29	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame 6577	62 KB 21 KB	30ms 29ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5d3b1e91595e00d961f95eee4229b527cb8790f1e5718734ea0c85ffb69471cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "893 / 369 of 1000 / last-modified: 1622805049" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21373 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame FA5F Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	34ms 34ms	Document text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gool-sport.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 23 Feb 2021 20:47:52 GMT ETag "402b0-119-5bc0708346e00" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 04 Jun 2021 18:20:20 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Date Fri, 04 Jun 2021 18:20:20 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H2	200	stpd201221.js Show response stpd.cloud/assets/postbid/ Frame 4A83	668 KB 165 KB	33ms 33ms	Script application/javascript	2606:4700:20::681a:b5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd201221.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 04 Jun 2021 18:20:20 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} content-md5 Z31KcnNREDgCG5fqQFS/wA== age 4755 cf-request-id 0a79da435e00004e31e2a29000000001 x-ms-lease-status unlocked last-modified Fri, 04 Jun 2021 10:59:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FyjdznEo28JQXChJnuG95We2qa5QcKke2JkwukPQfMUiq9sZDVZHinNaERLQ8OUg6VJz2KHz54KI4z3iZay4LhXj5pqeCfqO4K5ZyJB7eAtSrap5uJzeXAg2%2FAcafgYV2oN5"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-ms-request-id 53f062ea-f01e-0027-3b30-59e853000000 cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 65a32cb22d3d4e31-FRA
GET H2	200	stpd201221.js Show response stpd.cloud/assets/postbid/ Frame AAF0	668 KB 165 KB	33ms 33ms	Script application/javascript	2606:4700:20::681a:b5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd201221.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 04 Jun 2021 18:20:20 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} content-md5 Z31KcnNREDgCG5fqQFS/wA== age 4755 cf-request-id 0a79da436300004e318429a000000001 x-ms-lease-status unlocked last-modified Fri, 04 Jun 2021 10:59:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u9CCujIiIascfy3r%2BJauNpwo82685f%2BwVTDU0h5BzoUHCz2lqEFs0p3fsUtIQqKSqGFJ4%2FmoWLEFQsyAo6xwund2aLNR7iDL9d3UKr9szMBg0J%2Fg7x7Fz1wc0tbBL9RiMNoH"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-ms-request-id 53f062ea-f01e-0027-3b30-59e853000000 cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 65a32cb23d464e31-FRA
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 7B91	17 KB 6 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H2	200	stpd201221.js Show response stpd.cloud/assets/postbid/ Frame 893F	668 KB 165 KB	32ms 32ms	Script application/javascript	2606:4700:20::681a:b5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd201221.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:b5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c6667af94922521a969587b85f54513b60200c364bae92af07e9f1872fc7002 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 04 Jun 2021 18:20:20 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} content-md5 Z31KcnNREDgCG5fqQFS/wA== age 4755 cf-request-id 0a79da436800004e3169a4e000000001 x-ms-lease-status unlocked last-modified Fri, 04 Jun 2021 10:59:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=S%2BA2MetCXFfFho25t19Po3%2FNL5mfQB5UXN5Ans9CeVITQa%2B0BA6cgBjfD0aBqMJLsYEYqzuJ9BhJhaWUK1ewFDrQf4yj%2FUP729AexJpYQK6MFAPpoRUjk%2BzgiEVQNBlD2iXJ"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-ms-request-id 53f062ea-f01e-0027-3b30-59e853000000 cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 65a32cb23d664e31-FRA
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 63AE	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 04 Jun 2021 06:53:39 GMT expires Sat, 04 Jun 2022 06:53:39 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 41201 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	2sDcZG1Wl4LcnbuCNWgzaGW5.woff2 fonts.gstatic.com/s/oxygen/v10/ Frame 5ACD	16 KB 16 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oxygen/v10/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oxygen:700|Oxygen:400 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5f9ecb6ce5cd13a976187541227e0246570ae91864d052b3e9cc0a4636dc8a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://s0.2mdn.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 20:00:23 GMT x-content-type-options nosniff last-modified Thu, 10 Sep 2020 17:03:28 GMT server sffe age 253197 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16184 x-xss-protection 0 expires Wed, 01 Jun 2022 20:00:23 GMT
GET H3-29	200	2sDfZG1Wl4LcnbuKjk0m.woff2 fonts.gstatic.com/s/oxygen/v10/ Frame 5ACD	16 KB 16 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oxygen/v10/2sDfZG1Wl4LcnbuKjk0m.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oxygen:700|Oxygen:400 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ccfa0fba5ab2cfef812fff3452cfdc73b6573900a9613b2828dfa691535b57 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://s0.2mdn.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 18:33:29 GMT x-content-type-options nosniff last-modified Thu, 10 Sep 2020 17:02:44 GMT server sffe age 258411 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16344 x-xss-protection 0 expires Wed, 01 Jun 2022 18:33:29 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 25B8	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34738 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0084	12 KB 5 KB	6ms 5ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 04 Jun 2021 17:03:05 GMT expires Sat, 04 Jun 2022 17:03:05 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4635 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame F7D4	783 B 531 B	30ms 29ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e30a211831f26fd2ee3f558663733ec4438cc7de7f807350b5a5d3b201d15483 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-ehFdVqbAButcBXmXWgu+xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers expires Fri, 04 Jun 2021 18:20:20 GMT date Fri, 04 Jun 2021 18:20:20 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-ehFdVqbAButcBXmXWgu+xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	container.html Show response c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F343	6 KB 3 KB	7ms 7ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html?n=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 04 Jun 2021 18:20:19 GMT expires Sat, 04 Jun 2022 18:20:19 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame 1A60	73 KB 27 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656037121142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28114 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H3-29	200	2f9e24b38db3bbeafc99af7f203b36a2.js Show response s0.2mdn.net/8945087/1608572807667/ Frame BEA0	71 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/8945087/1608572807667/2f9e24b38db3bbeafc99af7f203b36a2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8945087/1608572807667/index.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 011e4326e1d86f5e8df435fa462d8a8d32267a30ad6ca29ce84aaf7af31ab29d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/8945087/1608572807667/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 23:16:11 GMT content-encoding gzip x-content-type-options nosniff age 68649 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18353 x-xss-protection 0 last-modified Mon, 21 Dec 2020 17:46:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Fri, 04 Jun 2021 23:16:11 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame D4B8	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34738 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame DD6B	0 23 B	88ms 88ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjwLBVSFCUc6Jv334csuRaYaYbyhjbTftBmqsBlPL5ETG8ek67jHPQo4Dl8cD7Tpm6XBxvfn5cBZdrvJ6uspGWiRZ31Pe2CB2Yo_0lc1ZevmkUqcxwQebmBvYhB25B6fYfR-iLfJkXP8LPLAkyHe5h_-yu74F1UrqT2CcFjARLCmhZUBntSbX5fjKyyhK8K-x05MEWStUoszJzCE13FjoFFvST7zKdCVcwm0wSvs6bah6PLHJa0TYt_nQLR7O4HUQcEeU8WFNcB8hGOYHKSLJd9h54NQaZ9UjAZbLd25nQ7rLJB205AD0L8yaSFfrSKc8lq__9d0mBguysgLo-Ku7_iu4Ev-fX34DxP4aA6DcwqHPXZ6exAu23sQ9EXM6uBGataYWZinCUsbr2SkbKouhIL3Gzi3mvlrPHeogfVoZRwTYPAW0sgFQy4mLo11tUNP46xa9nxjccmA0gbX_5RtlrAvrKp9CHkdkHAwFWhTCrubzTFPP0Vv31yF71JP_h9-nV4-76IrWT2Wu-tpwILy-iS3o1CYa4RVe41e3nlttCzT5tdh1hv0KzP8o64bBmsPEhtKhwCBOWn3Iu9OgKXUh5RFKuCB2McUa4Kme9_Oiig-iVPclDuFJSjf8AM9ezaCcbPMKuI70myK9ZIjLkyqSGdBWFwX2wRsQ1ZJ1IJdulp915tevTnv13a1wpOGkBj0LqSigRkZckXTKGoeUnbJrJhBk5FPCgy2w074EUuZ3_3ctoAtA2nwD1zEh9lAvFGz5DzB7Q3gRznF1t0rUuCl7XxA2EAYFY96XJbj8lg4-EpjtTenFs30x5TLaXchHN2Ob4I2NaaLXB1lZmR1B2qK4QXgRmgFMlUr-niSrI1TeArPWVN6rO505AkIqoDgpwiPLAp57PkLrrhGzzD9XOBuy8nSZ9ZfBjGi3zlr_PK5wiHli70RQIu0E0QVMWbWoDNoRXfcJnVvOYWtdzPe4n2rAj8LY9aB529CrXhZ-jH1aBTJpHtjvkQaWh_4wJmjMSlVulWnBgOJwASBIhxPDp1C0_Enm5BSc_zUqxM7_wtTvRjlKy_qk1irzdvpKjMtglMCvveMiY0QSh2-mrEs7zZSMSLGXCxpEcBBvwGvctsOWZikSlw7mWYYPjEmVidIeojLO8yt6QXFyUlE_7blykWcHprMt8OtuwRoIfJGE&sai=AMfl-YQnJ8rbnDwyVFsN1n4__9_chZxVuPOUY-SjtMhA7HfmLnAWfUOzsH6tWxk8nvmcwpm5YL68SGFFR9hLGpTAm6EjPoZGeAx1BjxCcEi_r3_d4MsnpcahGnenvcr7xUmx94TZ7Hy3wh-tIy34em3U7H5u0O23sw&sig=Cg0ArKJSzOEvm8EFk1w6EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=897&vt=11&dtpt=685&dett=3&cstd=208&cisv=r20210601.14936&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:20 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
POST H2	200	node.php Show response node.setupad.com/node/ Frame BABA	0 209 B	134ms 45ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 378D	284 B 536 B	44ms 43ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/jpg
GET H3-29	200	html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame AE04	176 KB 61 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 14:23:35 GMT content-encoding gzip x-content-type-options nosniff age 14205 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62241 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 05 Jun 2021 14:23:35 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame AE04	8 KB 3 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ay7rRLPcD6mkqYlXx212M1M1V98ySpVQOzuM05J54VNVLBDbCFLJKga1jyKWeXtAg4yVdl4Nj3yRhihib2dUA3gsAqkylS_D1dKqCwY6BKwU3oLxWj5dthREAn2QIlvo10xVd4PYWCiQEdIqhtc7pUChCrsA&dbm_d=AKAmf-A59aEV57TKz8_P8fBCbp0rhAaNvwgrrY7Dq8IHpD0PmH71S5tafyYEuPFtmfeokImhoqH8y8c2K_Ob4yt441zDEwqn57wsXL_GYRmQs-WgA-i7Uo-99uLWLPM5T4_12oQx7GYzxXS1iH2u1LbJiLt0_nKNQShHApPVZhknUm44JNTayM9eKX9NvhhWBrzixz-9tslB2N_w1JngAAyh2j9if5e82S_GMszJ4xjd_7-_mh1ikBOCvmTXnPAs5kZeQn4if1wcO78j_QM1dU_8S4VCF5oI5-oYrdaU6JgRxzfcHo65_MRNMa9vIqz-hBatN5GxDErVbf9z6srXDrRNcahgyI2OW1LtQ2V_ITf4HRmbJYQBwwYlvhpwwy98edPP8otAvflNpApAwhFDvIx1NzuRw7wgJKzM22eAovNINxEioZovqv9Q6YzpR8DytD7uHkYh8cWEygYiHfhWUzgT2L6r-htghw2Uepl8yUYeFxGdQq9L-Ol4YZupmDr5Ze7G7dfe0KgnIaBkROZvpspwkGCj9nyjN-2-Rg2gCtVw8oBk-m0GaJIkLxKATtBWmKuOAZGSphUPJGSJq8HLDM-VfIpxRkJKHAPOmJ3dPzQFA3vO0OIqtX6LPMJkE3JF8O-tV3ptGHdtWOt_PTnQEgK39PvTuAlk1ndXfLa4Mtm_y-KSfolcKAJtXRA7DHf9drYeWsFDT-iBLqj65pMvxQYMspjKD1fNGj0jdu8G-ffXapGoDg7StXVak3erGzzbkIeizBD6kUSqV-Mgbti89bWnPz1WQRzJ0-gsJoWt9WkoQUsanvV7HqSgl3SWiU7OtTDn87g4x6RSY8tTdbNo4TnRn97bqX22r7yffJu0lE9z5CGZzFOzpnIJyb5yFhSqaR5D3tdQRVn8s8-d24GG1A06BC3KQ_ZdLAMaIl_YnnTbqYSO9xVGOghGGILIzHvkXkav4zpxG-laiD0Jp-DeKkl13hy_bNFEALtKapwRUcCjbWzFLKEcB5ydPeRHUUCjB3gXujdW1WGbCM1Kqrtkk-SQ7tAHLWMIXzjXZ9rvi6FPoYuDXcDQ7Ewlxz2jneXlSIWuJKRbM3Rqva3AHWLI5oywZiLm-cLLWQFEntKf3G9YzOmFLmAnpVOuWuo0TW59tukrDf3jqM8PZE-cAJ9lB9YxykL11Tjwe_MFJPdR-yKyiES3FffX-lkaTK8RdnOp_aKFeP2bWouXywDgsRb5vHmFisg--MAaYe7BJgLcOdD0ScWrN7uqHwVy9DP5UvX5LR8wC_Pe9x-KuYaIOIExX1IymgZeHT1hewuO0CoTi1XeXNTwejzDOYFD7_PAgHRZd7trtO1g2NjU61uYmhOxgSti5m-UHJuqAYxZZXmwdvr1VeHbzgfjFqFmKtJCgQDA9XyPeEtdAw_fb0SPQ4OBSJuweJm5QSshnM9eBiA_kbYC_WZKBVeQf-D9v17tfAqr-z2-pHeJwWjXVAirzdVFcg3n3XmyrZUI7CJ-Ua8aJkmG8BWSmmZE4t9kgXjUAueO92wyhBGojAONzoTvLEGkziy6NbM3t4ihvfSY8FQv23-NZby5vINos6KL63CKL7gaLGy0FbtAMbK7pcUjLG8GuOUhCqtjb3gNYh3N9BL99Jrjsn9vWp5FylPi0jtE0qMaDTh8S91nMNjYNrMuMVuB4QKITtK2fn2MPrE7CRDpk5GM_uxhf3obfrugsHrZhQvpMgwY3xZLXmPG8jKVVi4NQLSfvRD5nmml2PcolyQoI1RIy3rVKrLeKcr5TQFud7gcVJfAQ8h1Fg2ffFjBzz4XSP9F2bEPP-Hx1FME0ty3SPiD1wO4MHG2rqeeMYGE9Dsw8RtrdPWqshgCw_x4jRuC00T2yurQ8hPK6X0eHZOo6LwON7IeLJiwalbiOeoVtVesoznvIs7j6tADcVm7gsRComiUjibuuQYxoucdgtUGKnawQTqIAE9lcEN8oCXr7mFuqbkYAkAXCU_4l7sHy83isAGL-f2LnVNL6koH9dqvouSOlP2pVHS2C3xRvxY_MG_ik_iO3hkj0MQv6vIUzTn0XCYcRQ83-ToPa3I89PmdT6FYAcieHCk1RuWP3LhcKcC8jniBLgOe9QdF4K0KtiCKqgIIhQ3p7P7byEmlm_zU_vK3o-pO63z9fDOk8kY5INd2Nw_uYsFHyMOg5R4j05pfJ0iH4iJrQKz6w6si8hRkWqoc2PxgjjVN3QAQX6-pk78xbHsqBv8TdP0dMrNLWyQX_WhVc6k1bdB3WL5wwEq4Jg_bBQpKisDoM58E7Jg1zxL51nQXAK-QQ5yS1GrZD6swpBBjvcA0AwdZRqAeL3D196lPTOUom7mS2lhx1o_A72fO0h_YLXQUS08JTgjv-D-dxiWpU-8upnZdX8hT_HnpMbCtNOQuS7mfn2yby12fRoSYhqy4rtkfP5aqF-7WmJyZbzkqPqswH4U6FhC3338WUTQwloF4sE2Z5_nKzlbRn4OM8XXg1gsaJFZXrtJkuDDwDyX6fHkHm6knaSbrIWBxQBgfMcnhJV_pBHYcXx7r4LqbHrgfXFI3ZaJxIyR7TPOB-KO-OglaXGiXN6X2u3C9QSHT7P7kYqw2prAXRBBkUFhaTYKVfwVaBw-TLpNek-F6-fCVECZaustGw3i02KTI1SGUNowKCBgTfMfERBK0kpoCFIpCm6UiHuJyLehiivOASr-AF-9cFCFgmofP4lz-gFf7f3kK02yoE25-9YMS0E7XVLffpa095ReuxGzMaXIo4UsHhLR2it2BR6Ygc-5ZmIO9a09buncqUp0XTIJBJVAxh6Sml240l2oqb77lzyiIyK-TRhOJn_LNIYe8UDqdTSUAFWSIl3ftERfuNuuUrLqh5xrHJwfsQH1fM9L9d5Qw3wnYzRQLxJB70jpouoQ75w7oo8eAiIovfa_GW_o93T-bZDAbOxFAD_FfuTlgmeSxPMDzWWfRxldD66SOX5ZOKqSSPa2VIeCikylj78dopAJ_KqksesbkwqMkdPLy_kq8PE-ELmVf3n_iDa4wgghxhtmfKNEu8_Yyr2cdWlB11W309DZlqzhcH6hPam2HfcroRwKDaZwQ_kpsvWaJ690gYQYwVa2N2uMsrT97JhN5eo2Md2PFOmD-uhY_JzMZOAlGm0NZnsDgmX7Wq0VoezJD7M8KgR6TricFdCW2PaWt-Hfq9386hUKxCZNcDBURCotGvJjm3S2Sw2WM6ByN5bPDGYvEzc_uaPbtmgwR9yf9F2KCyHksUNYWnvBSJgn0JbDGDm-4XGKuCYRSWHBhYcxsoBhcL8C-Qtuifv1-JbM9MwidAwFTYSy-drdqza_2qp-nzHwnQAlU44FCizOS28TWA_CTfY0wudUjWrO_78y-qfEInEkPGDXDrK6i1pBLOwsueRrCOvZMBaOFSWRuqXd1nmTOqzkV5lrJ0Uz83nxMc1mkVNzx2txsTVxx63EI67u-3yb6nMao2HbF0212hf5-QycJ2Sh5oBQj5y-jRlak1uaSsSKgiM2lGczzjb9UxOOqoQk87-aBSSL2h6D6Th3udg8rprnyJEjQGx0&cid=CAASEuRogGirG-CViSbJj_9l8IxXSg&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:43 GMT content-encoding gzip x-content-type-options nosniff age 337 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:14:43 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame AE04	22 KB 8 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ay7rRLPcD6mkqYlXx212M1M1V98ySpVQOzuM05J54VNVLBDbCFLJKga1jyKWeXtAg4yVdl4Nj3yRhihib2dUA3gsAqkylS_D1dKqCwY6BKwU3oLxWj5dthREAn2QIlvo10xVd4PYWCiQEdIqhtc7pUChCrsA&dbm_d=AKAmf-A59aEV57TKz8_P8fBCbp0rhAaNvwgrrY7Dq8IHpD0PmH71S5tafyYEuPFtmfeokImhoqH8y8c2K_Ob4yt441zDEwqn57wsXL_GYRmQs-WgA-i7Uo-99uLWLPM5T4_12oQx7GYzxXS1iH2u1LbJiLt0_nKNQShHApPVZhknUm44JNTayM9eKX9NvhhWBrzixz-9tslB2N_w1JngAAyh2j9if5e82S_GMszJ4xjd_7-_mh1ikBOCvmTXnPAs5kZeQn4if1wcO78j_QM1dU_8S4VCF5oI5-oYrdaU6JgRxzfcHo65_MRNMa9vIqz-hBatN5GxDErVbf9z6srXDrRNcahgyI2OW1LtQ2V_ITf4HRmbJYQBwwYlvhpwwy98edPP8otAvflNpApAwhFDvIx1NzuRw7wgJKzM22eAovNINxEioZovqv9Q6YzpR8DytD7uHkYh8cWEygYiHfhWUzgT2L6r-htghw2Uepl8yUYeFxGdQq9L-Ol4YZupmDr5Ze7G7dfe0KgnIaBkROZvpspwkGCj9nyjN-2-Rg2gCtVw8oBk-m0GaJIkLxKATtBWmKuOAZGSphUPJGSJq8HLDM-VfIpxRkJKHAPOmJ3dPzQFA3vO0OIqtX6LPMJkE3JF8O-tV3ptGHdtWOt_PTnQEgK39PvTuAlk1ndXfLa4Mtm_y-KSfolcKAJtXRA7DHf9drYeWsFDT-iBLqj65pMvxQYMspjKD1fNGj0jdu8G-ffXapGoDg7StXVak3erGzzbkIeizBD6kUSqV-Mgbti89bWnPz1WQRzJ0-gsJoWt9WkoQUsanvV7HqSgl3SWiU7OtTDn87g4x6RSY8tTdbNo4TnRn97bqX22r7yffJu0lE9z5CGZzFOzpnIJyb5yFhSqaR5D3tdQRVn8s8-d24GG1A06BC3KQ_ZdLAMaIl_YnnTbqYSO9xVGOghGGILIzHvkXkav4zpxG-laiD0Jp-DeKkl13hy_bNFEALtKapwRUcCjbWzFLKEcB5ydPeRHUUCjB3gXujdW1WGbCM1Kqrtkk-SQ7tAHLWMIXzjXZ9rvi6FPoYuDXcDQ7Ewlxz2jneXlSIWuJKRbM3Rqva3AHWLI5oywZiLm-cLLWQFEntKf3G9YzOmFLmAnpVOuWuo0TW59tukrDf3jqM8PZE-cAJ9lB9YxykL11Tjwe_MFJPdR-yKyiES3FffX-lkaTK8RdnOp_aKFeP2bWouXywDgsRb5vHmFisg--MAaYe7BJgLcOdD0ScWrN7uqHwVy9DP5UvX5LR8wC_Pe9x-KuYaIOIExX1IymgZeHT1hewuO0CoTi1XeXNTwejzDOYFD7_PAgHRZd7trtO1g2NjU61uYmhOxgSti5m-UHJuqAYxZZXmwdvr1VeHbzgfjFqFmKtJCgQDA9XyPeEtdAw_fb0SPQ4OBSJuweJm5QSshnM9eBiA_kbYC_WZKBVeQf-D9v17tfAqr-z2-pHeJwWjXVAirzdVFcg3n3XmyrZUI7CJ-Ua8aJkmG8BWSmmZE4t9kgXjUAueO92wyhBGojAONzoTvLEGkziy6NbM3t4ihvfSY8FQv23-NZby5vINos6KL63CKL7gaLGy0FbtAMbK7pcUjLG8GuOUhCqtjb3gNYh3N9BL99Jrjsn9vWp5FylPi0jtE0qMaDTh8S91nMNjYNrMuMVuB4QKITtK2fn2MPrE7CRDpk5GM_uxhf3obfrugsHrZhQvpMgwY3xZLXmPG8jKVVi4NQLSfvRD5nmml2PcolyQoI1RIy3rVKrLeKcr5TQFud7gcVJfAQ8h1Fg2ffFjBzz4XSP9F2bEPP-Hx1FME0ty3SPiD1wO4MHG2rqeeMYGE9Dsw8RtrdPWqshgCw_x4jRuC00T2yurQ8hPK6X0eHZOo6LwON7IeLJiwalbiOeoVtVesoznvIs7j6tADcVm7gsRComiUjibuuQYxoucdgtUGKnawQTqIAE9lcEN8oCXr7mFuqbkYAkAXCU_4l7sHy83isAGL-f2LnVNL6koH9dqvouSOlP2pVHS2C3xRvxY_MG_ik_iO3hkj0MQv6vIUzTn0XCYcRQ83-ToPa3I89PmdT6FYAcieHCk1RuWP3LhcKcC8jniBLgOe9QdF4K0KtiCKqgIIhQ3p7P7byEmlm_zU_vK3o-pO63z9fDOk8kY5INd2Nw_uYsFHyMOg5R4j05pfJ0iH4iJrQKz6w6si8hRkWqoc2PxgjjVN3QAQX6-pk78xbHsqBv8TdP0dMrNLWyQX_WhVc6k1bdB3WL5wwEq4Jg_bBQpKisDoM58E7Jg1zxL51nQXAK-QQ5yS1GrZD6swpBBjvcA0AwdZRqAeL3D196lPTOUom7mS2lhx1o_A72fO0h_YLXQUS08JTgjv-D-dxiWpU-8upnZdX8hT_HnpMbCtNOQuS7mfn2yby12fRoSYhqy4rtkfP5aqF-7WmJyZbzkqPqswH4U6FhC3338WUTQwloF4sE2Z5_nKzlbRn4OM8XXg1gsaJFZXrtJkuDDwDyX6fHkHm6knaSbrIWBxQBgfMcnhJV_pBHYcXx7r4LqbHrgfXFI3ZaJxIyR7TPOB-KO-OglaXGiXN6X2u3C9QSHT7P7kYqw2prAXRBBkUFhaTYKVfwVaBw-TLpNek-F6-fCVECZaustGw3i02KTI1SGUNowKCBgTfMfERBK0kpoCFIpCm6UiHuJyLehiivOASr-AF-9cFCFgmofP4lz-gFf7f3kK02yoE25-9YMS0E7XVLffpa095ReuxGzMaXIo4UsHhLR2it2BR6Ygc-5ZmIO9a09buncqUp0XTIJBJVAxh6Sml240l2oqb77lzyiIyK-TRhOJn_LNIYe8UDqdTSUAFWSIl3ftERfuNuuUrLqh5xrHJwfsQH1fM9L9d5Qw3wnYzRQLxJB70jpouoQ75w7oo8eAiIovfa_GW_o93T-bZDAbOxFAD_FfuTlgmeSxPMDzWWfRxldD66SOX5ZOKqSSPa2VIeCikylj78dopAJ_KqksesbkwqMkdPLy_kq8PE-ELmVf3n_iDa4wgghxhtmfKNEu8_Yyr2cdWlB11W309DZlqzhcH6hPam2HfcroRwKDaZwQ_kpsvWaJ690gYQYwVa2N2uMsrT97JhN5eo2Md2PFOmD-uhY_JzMZOAlGm0NZnsDgmX7Wq0VoezJD7M8KgR6TricFdCW2PaWt-Hfq9386hUKxCZNcDBURCotGvJjm3S2Sw2WM6ByN5bPDGYvEzc_uaPbtmgwR9yf9F2KCyHksUNYWnvBSJgn0JbDGDm-4XGKuCYRSWHBhYcxsoBhcL8C-Qtuifv1-JbM9MwidAwFTYSy-drdqza_2qp-nzHwnQAlU44FCizOS28TWA_CTfY0wudUjWrO_78y-qfEInEkPGDXDrK6i1pBLOwsueRrCOvZMBaOFSWRuqXd1nmTOqzkV5lrJ0Uz83nxMc1mkVNzx2txsTVxx63EI67u-3yb6nMao2HbF0212hf5-QycJ2Sh5oBQj5y-jRlak1uaSsSKgiM2lGczzjb9UxOOqoQk87-aBSSL2h6D6Th3udg8rprnyJEjQGx0&cid=CAASEuRogGirG-CViSbJj_9l8IxXSg&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:51 GMT content-encoding gzip x-content-type-options nosniff age 209 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8594 x-xss-protection 0 server cafe etag 7958287194716579593 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:51 GMT
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/ Frame F02E	107 B 122 B	29ms 29ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/ Frame F02E	107 B 122 B	29ms 28ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame F02E	14 KB 8 KB	272ms 271ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1219464265747833&correlator=2220111305575410&output=ldjh&impl=fifs&eid=31060783%2C31061358%2C21068030%2C31061149%2C31061167&vrg=2021052601&ptt=17&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=147246189%2Cgool-sport.com_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie=ID%3D3a395bc5b81a85d3%3AT%3D1622830818%3AS%3DALNI_MYD_d5gPGef1Gvsa64kLTzKXJoK1Q&cdm=www.gool-sport.com&bc=31&abxe=1&lmt=1622830820&dt=1622830820370&dlt=1622830819541&idt=822&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=150&oid=3&adxs=601&adys=6290&adks=2311162970&ucis=2tpk99m7npg5&ifi=1&ifk=3286901705&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&top=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fredirect.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x150&msz=728x0&ga_vid=1904851795.1622830818&ga_sid=1622830820&ga_hid=1276051151&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 4dc2b647dd63db4dca07e6522465c37075385810c4a02e2ff64f545b6aa0f28a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8132 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F02E	0 0	171ms 53ms	Other text/html	2a00:1450:400d:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame FE4A	2 KB 622 B	30ms 29ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXsewGGYTATAIxA_NhhmzBESeN9g8wr1rTU2W_t-O32zORZ8RQ8nZ2Bv2gG0jmMbfY5FQLXzXxHlvFr5Cr-B1xBbfFK4AUCS8x8t5UlOIievdrCG8jgu91SLeOT3Dn4HkHjelOXjkh0ETAQGv3R71oidoAU47ilDAaa6ostKGpVzxINnjZs603_tXjAp9KxCJTMTQHyHqNDeTBvTGbZnQxwgFLyxjsDrRqWP31QqXvVCEeLdqsi8gvbYZ1GP2yCvCQKu4qxCZtV5xEe60_s5sxdYVL5F0vLz1OLLH_VrNfAZUZVtaGG4G-G15LFa7_xsSZI-iGle4RYjVCsHcMvfZt_HjM42zLA6SJhUxtJEBMCULJsmd6vMbRkXMRbwNFbMytGr9tLU51rpDN1D3KT3kqL541b0tc_uMi4Larq_Q0QS6w6XIYTYDO9VT0JExbGfbhDD2cH4NA9Q0rHMVklfqez5FbMPIP1pYfiDPpGu3XrPWqyCbmqcW2D4f85JmBmbkkfGALCP90C8L0JSfuZUGVI5Hy1mIVSHhtv4tzWJI3QgwYGLs1XhtuYd-JIlHIn9tL4cQH39m4WfBFuJ227YTzzvsfyVBEA2epxn9ueLl2vmtFiHKk Requested by Host: b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com URL: https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 10c8021e26ebef3330592a0555e512270588f5a8a5ba8f16a6f41804eca17c85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXsewGGYTATAIxA_NhhmzBESeN9g8wr1rTU2W_t-O32zORZ8RQ8nZ2Bv2gG0jmMbfY5FQLXzXxHlvFr5Cr-B1xBbfFK4AUCS8x8t5UlOIievdrCG8jgu91SLeOT3Dn4HkHjelOXjkh0ETAQGv3R71oidoAU47ilDAaa6ostKGpVzxINnjZs603_tXjAp9KxCJTMTQHyHqNDeTBvTGbZnQxwgFLyxjsDrRqWP31QqXvVCEeLdqsi8gvbYZ1GP2yCvCQKu4qxCZtV5xEe60_s5sxdYVL5F0vLz1OLLH_VrNfAZUZVtaGG4G-G15LFa7_xsSZI-iGle4RYjVCsHcMvfZt_HjM42zLA6SJhUxtJEBMCULJsmd6vMbRkXMRbwNFbMytGr9tLU51rpDN1D3KT3kqL541b0tc_uMi4Larq_Q0QS6w6XIYTYDO9VT0JExbGfbhDD2cH4NA9Q0rHMVklfqez5FbMPIP1pYfiDPpGu3XrPWqyCbmqcW2D4f85JmBmbkkfGALCP90C8L0JSfuZUGVI5Hy1mIVSHhtv4tzWJI3QgwYGLs1XhtuYd-JIlHIn9tL4cQH39m4WfBFuJ227YTzzvsfyVBEA2epxn9ueLl2vmtFiHKk pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUmmGTrH9HAdupfiwyjqcOUHH-zdTjbVhTZEuB4r04nYkw-Cnc8VE77jYdRnuTQ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 04 Jun 2021 18:20:20 GMT server cafe cache-control private content-length 601 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame BE94	64 KB 25 KB	75ms 74ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApNEl6jG98_EW_S6onDySanDNLF0ut8cV3znooH-rFcxSUdC-BKiISK0H5Djw4iaptBXyGAWHdFVTKjioMWs_-aktaupliMvVOgFN2_pqjs1O6MuTIInt4DW3VzQ4AvLTWc-zXnkwXIK-c7lzSSk6628Nvpg&dbm_d=AKAmf-DHkwJ7ReBWiXwYsVb-qnl8-BWIXeO6uKrc6J6vGMx1BK1REL76U7YsHnXbFo3lKdZ6K0Q7DPAZ-bdGDPurON2eUbgmRFgfVP5a5oqyb4Ldq0NtFEdVO9TBsIyY58Rx3l_ySPj370TKPMvbciSOYaAeYSaAu1ncoZwaLmgtOLgq7o5fn0-hN7txYHx4IniDRaUilf6d8mTAQtUoYee4QaOzuKOUSOaOXgWlcHzjLIPuzRGGd1E9zBXXMQnkoJOkLTB6jAG7xKzGuzIR_MbRBMhwEOgNnAaAXb7jIBR66mMt_f30F1n5Zya-VNc0m0HWbNT2u3RRSYLkjSKe9RONMpEHvHXtelwEdYpmEGTDIOov1EjdTEVnQNl5Zs7p_gFqms5dROxAaV13mq_cDt2GBP8l_pcv9TWRlRuq6CYddXjmGBRB2VYHSFqgvFnS0gaqUyEcxf-7IRMW74l86TroI5bfMMUFz8FRmL0f8dLfhPBXK0Dip7TCSe8trXJ1RdSKYG8ZfMQnqLtYIWCTWrJbxH9TXKgGDn_TeXuOzt9f4Pg84LSJjwf68pXKGcLnb5EE_70xX1KbDzxJ-ktGvy0C-cAM4kJ4PuMeWFzDOEMg8SZtx6Y2dr4sEFqG2zQ-gESBHwj-h-0huw28-GfYvw-eU6O9xoD6uBExqMvKJ_DVn7wcjytQIRtpv9WxiHGod_AQ1fdfdBiBAt8dWJ1BM9TECg9zwZq8kgrOP07HzaQojWMt3v954QXb3704kydH4g0gurUwCLeDDjPSGP76jtpldRNLQNr5-Nva5uhTVvFAGO9LnH-sYsQe7QtnNtxCzqY4dCEHM0vSoQq9-ay4AWRXrjxm8hhD6Fao2ln-GvkaR5FU6d_j24kHrQ07JF4TYaAQ6ppSbUYroOgzkoZl5G92bZcwTdPLGcdkYNs1QOSP4s2M_vIdAj6CNQUaSf7-AdMyTw1C5FGKIP1E9iQXuqSvN8CP0W8Pa7q9mXtstVcEIT0CU3ef6p9aGL_NgXtMrKMxRilVTX7ZctAPQdIRxLeNQWBFisi8FCWn_XbMKfrieMSXZkpM0BCok8pAbDitSVCM6kc2HiZjIKWc7UsWmNB0A42UFCmencshEfNPPEW2oonMcEz05KWhvA5zMzYOSRbzlAi39-bL6Z60Dramotj73WiJb_q_9OeRwiLK6OSi2OcS3VAnp6ghZn5tICrCsl6MCmcojSwTc7JEB7WVq7iFv1ZnoxLeuHX6aC1O4mtlOPeCs980urK0OAEH9hJKVrGILc_K9oVHRYHQhN_iOP4-pbXed1aKYDnDKYVRR6QuFQQu4nt1Y9_rvNA9YgNpxFe6fYtz_lSvfTyKIMFCUdaEpZGgbaz2Mc1ZDkiFiF2Od20-XqJKGihnl3Cs8f7ho3V4nGcmyGGK0Us-Icg5EOTzoiaYVhYtrZfrrtYvFIlBSU9Fu3rgYJW828oMumC9nCQ3SrEAauBZ2Y1lh9kOIvNpMk4DJKXNyZSXPeb9566KpDP5eBcqhXBhJxUnYefr4lh3cNP3kSnyqgQxtDmvhdwAh-7aGtLGdtpcUEphHSpovFPV3f2bDDWLZDuQews5yWVVDrH5nWhwe5AtmmcXyvP_eU7nUKwNeN39pqTgp-irC-O2t0noqFzEvk5OTfWDNEjbu031tJLQ19YON4CuJ9Vl6N-2OEiGnskm6LaREUouU1p_TqpV-LbCBHbfYGaXDkLBAK0d_xgWpnfhpal_HYT97bLeJOFhsE0QiCr9s1JY42lnpB8NcyxxnnkCWiqyNyqRwM6qN55ZLlNNWVBFNw-dFHmphbbi5YY0udXGa_TblwTRWnpl0IeTrl_UpYRfJaDh1C0qRmsUN2FxNtm0pDbBd3nDX9qbA7TpWOONT9WIVPRrDz6KtfLGoomk9oLWESCDjrN4p6z-upQ5KJ21OBqmW1V0PN_8dYn_5Nig3SsAKSwun6BhBciNoMJ0E7CWiHCT4Cl2Dwq2xV23dncOPBJLAdTysYw3yOhoS5_Yed9IZtjxfvE_5YPZzgvVXClnT25zONPFEBSgO0M_4yFIOWLTBB_7lAt81nG0CgjeZWNN2oOT1uy6_bWuq1I115Zqh_4dPjWkiiGiK7GWz1sDNqemBSFOZHMPAyG_blM9wQL5p-OhobyCf704iL_H-lgLjlHMjGHKd-9EpT2HXG1XUYN9siUQl36VLxyWidgMPGpq9PbF-1nlIrq7hTy5AuzyZ6b16QJzF2tTsMYduHxF34ZaElZ5by6PnDBjfy3RIRjCts6pfuGvRXyvgD2qVrRlPMObkapSPUFpqGJkwuQDLsIAcYrkrGd5xv2OFRsBrE0IV7v9yxuvyp5gD9yzIeVszOqpJeJFHkx6rySbI72nqnFr7alqg6GoNlbKOFjOdLe-OtblxKm615NHnrJE7DSq04Q3lp8VF1ojyW6gBE6C07bV2NmxkdHZGVpXflg8-2cCazj3DtRCpbSjcXSd2IdHyce6i42CpW2iZ8WEupQCcIQxKDfHcWlBC8dvd72MhWSNkc9vmbr5UKGLuav1Qp0O_Gtqxs_U2zLWHOR8UjRtQk0JD6NH-M7zcwP-7wfr3tNMHK3eQ6M-A5ofHvfnVVxuwEe5Zim9NoGyu4pi13SktrrGpzekvDUObvwuWxPzR9lxeJ7w9Su9tvlVbMupmws3gelCqEpmPRI3z6NbOTAtujcx5OYlxEaJiP04eJ0KBVwWj_XOm4Z8N1_8eun-b4crZ6OjIfq3IyF1SbVW7pqPZQc0RbGPRL-iJDI2Rv3uX9-E79fmVxuFVxS8jf8sj1QFQ_1TlnyUZx7-UGxXWxq2zDb0Rgj4PNcp4bRe-JAK_Hz7D_cHQWR2FdJRSPjNSJGEK6pIFRJfhmougFd5RT3HciSesj1VQkfrZMnYkx2-b-cVxhMs_EiWCauuz8srE7NxqN4CHLHYPlg4Z0F0maIsJxj7ZdY5Ag0GkN22ozr-TtiF4D0tDCGIlv6sKpaDnWHqZFExSifXJXWnzjovnrSId_6RoYvUycAqMlXT2DRdLGPLH20pbkpa5jTpSRQZJxEHsjCRGt1-J1sUq0fk0autOObco7mxQ0cfuzqtMwrwK1MrziWCBqtdRhniVTDoUjqdYmt4EyEIgRyYgS6XV0iFOg9e2JH1_Monj3ajyBhDQO0kzy3SAJBdn0yQivpQ9wtMYeIQzSP2tY2HA2qMPwvafZZMopVyTKMqcHc7T9M3rByDB5XbeVxy5IKHRTUuUeJ7cx_vxo6zQfM7iTbsA_Nmkz6QBoWLIoXl1utr5EhPLZXN26A9CgOCwza2JqqsZ18k_CBtlNcC4SsmDY_zuI86DuOKkh-sjeV4QGMLGjEMWYPQv3arX4LIHNHcEmPjUMTJVfupQg9S0J_reKu4kOushDwJcRC4nufod4rkSSTSv6qNUKy0zndobMAqRR1_NMaf9QcF04_gJErMHjL9hhCTjGzGlN-fgrK_DE-Xyet32Re0KK9vow7iZSyGF4B431mH9h0XE6ohSHqrZPJcC7be-n3ieBsCyjxUCPFnJCSv6s-CERpvhh3dz0s&cid=CAASEuRoO67UxAobCl3NEmWyDNmkKQ&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 960ec6f12c6f6ee9ac6bfcf33903ebdc148d2bcd88e11e1851f031362c4efde6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25123 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame BE94	42 B 63 B	40ms 39ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A0834mjXPVW15mZ42CGrP9cDq7r9FXAk3dGG-SDYBklsZh3GsI1kLhLkJ4_shlqNMV7U4ojp7_80gejIxUFq43SyKTZU0IR1vtyUUU5R8J5UaqPpc Requested by Host: b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com URL: https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jload Show response pixel.adsafeprotected.com/ Frame BE94	46 KB 13 KB	62ms 61ms	Script application/javascript	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html Requested by Host: b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com URL: https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e91b58481813cfed5a4db33d200ab569977587c5e0df380cbc824c69a1542704 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-server-name app21.ie.303net.net content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame BE94	2 KB 1 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js Requested by Host: b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com URL: https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:12 GMT content-encoding gzip x-content-type-options nosniff age 248 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:12 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame BE94	121 KB 37 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com URL: https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656031336809" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37735 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame BE94	13 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js Requested by Host: b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com URL: https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:19:37 GMT content-encoding gzip x-content-type-options nosniff age 43 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5635 x-xss-protection 0 server cafe etag 1091097466425408374 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:19:37 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame BE94	0 0	20ms 19ms	Image text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcJnv0oUsAGzReURr0InMxZPfKKi3lNkm-gfFEWyUhhp_l5tYdLPiF3n-FrGbjeFcNqvmwNK0Ai0iJx3e9i7oJ-o4f4g Requested by Host: b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com URL: https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	container.html Show response ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DE48	6 KB 3 KB	7ms 6ms	Document text/html	2a00:1450:4001:812::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html?n=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 04 Jun 2021 18:20:20 GMT expires Sat, 04 Jun 2022 18:20:20 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame F82E	73 KB 27 KB	29ms 29ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656037121142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28114 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame F82E	10 KB 8 KB	34ms 34ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 26234ccabfad056f6636fd34ce83b378203f4dabdf233ebcca7c12806e11b180 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7753 x-xss-protection 0
GET H3-29	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame 4A83	62 KB 21 KB	29ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b1b210746f3af2466e7dfa40e9f0472ba8d6779131adf856792002d857cea0b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "893 / 238 of 1000 / last-modified: 1622805049" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21347 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 821A Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	48ms 47ms	Document text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gool-sport.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 23 Feb 2021 20:47:52 GMT ETag "402b0-119-5bc0708346e00" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 04 Jun 2021 18:20:20 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Date Fri, 04 Jun 2021 18:20:20 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H3-29	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame AAF0	62 KB 21 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a1917a5c340692841fe295a7c36869b96fe0164702e81a901537c9ee50d00c18 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "893 / 145 of 1000 / last-modified: 1622805049" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21374 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 3640 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	43ms 42ms	Document text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gool-sport.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 23 Feb 2021 20:47:52 GMT ETag "402b0-119-5bc0708346e00" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 04 Jun 2021 18:20:20 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Date Fri, 04 Jun 2021 18:20:20 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H3-29	200	gpt.js Show response www.googletagservices.com/tag/js/ Frame 893F	62 KB 21 KB	31ms 30ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b1b210746f3af2466e7dfa40e9f0472ba8d6779131adf856792002d857cea0b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "893 / 168 of 1000 / last-modified: 1622805049" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21347 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame A7DD Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	48ms 48ms	Document text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Host eus.rubiconproject.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.gool-sport.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers Server Apache/2.2.15 (CentOS) Last-Modified Tue, 23 Feb 2021 20:47:52 GMT ETag "402b0-119-5bc0708346e00" Accept-Ranges bytes Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 04 Jun 2021 18:20:20 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server AkamaiGHost Content-Length 0 Location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Date Fri, 04 Jun 2021 18:20:20 GMT Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin *
GET H3-29	200	pubads_impl_2021060301.js Show response securepubads.g.doubleclick.net/gpt/ Frame 6577	312 KB 109 KB	78ms 77ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash d0b3850a417ef733c6acaff02a3311c7ce9a5b7ee55d2cd76d8c7f1f661bcb20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 03 Jun 2021 08:37:25 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112073 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H3-29	200	99c3ec2823c3b36ed8a4aace502a39c1.svg s0.2mdn.net/8945087/1608572807667/media/ Frame BEA0	355 B 264 B	6ms 6ms	Image image/svg+xml	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8945087/1608572807667/media/99c3ec2823c3b36ed8a4aace502a39c1.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8945087/1608572807667/2f9e24b38db3bbeafc99af7f203b36a2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f43b0f0e166d6226afc034b872040c653dc5a0fbb90168baecfe6037df92acef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/8945087/1608572807667/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 06:45:48 GMT content-encoding gzip x-content-type-options nosniff age 41672 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 240 x-xss-protection 0 last-modified Mon, 21 Dec 2020 17:46:47 GMT server sffe vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Sat, 05 Jun 2021 06:45:48 GMT
GET H3-29	200	0af4bbb4655c84a7be7d11829fe67bac.png s0.2mdn.net/8945087/1608572807667/media/ Frame BEA0	4 KB 4 KB	7ms 6ms	Image image/png	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8945087/1608572807667/media/0af4bbb4655c84a7be7d11829fe67bac.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8945087/1608572807667/2f9e24b38db3bbeafc99af7f203b36a2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 357244b1b5765a2727d61c26cbbdadb6b6f71967bfb35d5489243fd78387310c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/8945087/1608572807667/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 19:09:25 GMT x-content-type-options nosniff last-modified Mon, 21 Dec 2020 17:46:47 GMT server sffe age 83455 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4229 x-xss-protection 0 expires Fri, 04 Jun 2021 19:09:25 GMT
GET H3-29	200	0aca5824ef68ea7593d3cb226bfa15c7.svg s0.2mdn.net/8945087/1608572807667/media/ Frame BEA0	1 KB 696 B	7ms 6ms	Image image/svg+xml	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/8945087/1608572807667/media/0aca5824ef68ea7593d3cb226bfa15c7.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8945087/1608572807667/2f9e24b38db3bbeafc99af7f203b36a2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27f160ca84b06148c29c4557e64ce173cbb502a8cf0f2738b1aba580edf03a84 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/8945087/1608572807667/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:12:51 GMT content-encoding gzip x-content-type-options nosniff age 449 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 672 x-xss-protection 0 last-modified Mon, 21 Dec 2020 17:46:47 GMT server sffe vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes expires Sat, 05 Jun 2021 18:12:51 GMT
GET H3-29	200	css fonts.googleapis.com/ Frame BEA0	1 KB 397 B	48ms 47ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Oxygen:700|Oxygen:400 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/8945087/1608572807667/2f9e24b38db3bbeafc99af7f203b36a2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bc9b412e10757e146d45545021a3f27724614cc3baeea6e2337488413eb1afe7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 04 Jun 2021 16:25:29 GMT server ESF date Fri, 04 Jun 2021 18:20:20 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 04 Jun 2021 18:20:20 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 426E	12 KB 5 KB	15ms 10ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 04 Jun 2021 17:03:05 GMT expires Sat, 04 Jun 2022 17:03:05 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4635 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame 395C	783 B 532 B	31ms 30ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5e2bbcfdb0be90ae6fc90904cddcff14877fdb799b7b9d3171582401df87c634 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-8k9qPzkmfbzr2i1vau7FBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers expires Fri, 04 Jun 2021 18:20:20 GMT date Fri, 04 Jun 2021 18:20:20 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-8k9qPzkmfbzr2i1vau7FBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 48B6	170 B 188 B	75ms 70ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNWmHdFIK27ycbqkazdSjlc65nsxw9Q4c34Z-cmGzxaWA7QAksS5rSTz1xB6D58loaYNNMmIDgqJkGXTkzKsqQ8xBr1ib1XRbIgPNpChd8RA766UxDhkdKVGHGbkM5q9lR1JvIt3fyFeBmqtvpm1lXsfd_TE43-fQo83kXNkfSeFV0ZD92oEOuBRJ5PO35v8A1cb-tDwRLiIHvO1-SmHGKW5__U-OUx9KfWBJ7DUWu51WGYt-JlzNmCnOcp6gHvlq-k0MdYP6T2s8z4hMnH1gmniPRHHJ7SGZ6InCV6v_vyWqGWEPJxkI6uzhEbtRVLh5l7tthzn0NINe8QIkei1WvLe_K8bRgdN6x7DnEPaL4RvL3_GKB3NdGKd6RVv7SoWRKsQuE5J4z0_cUbywv9CUsbsuaPA5lcbBsCAX66TdMZ--qEl-Q-Nl3o8aHYm8d0WD8bUYJSy1PXNuA4ug987x-K0oQ9p5y21wDAbZetemy2pGkT7VSprDQg8rH0ArO_hkwBOrWhd2dTqsdIQAmCIIywlD98r4IElMmu513j_IbS7lSQXGzjM3ur_cyYKDTnuRbYRUIbTUcyU4TxnQ2r1lCQB8DPSlAIO0mt4geseRK0ZQzBCULg Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 48B6 Redirect Chain https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBA... https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgE... https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2EwOWNjNDAtNGE2Ny0yOTExLWMxMGUtMGJlMjVmMDkxYjY2&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-...	170 B 232 B	68ms 67ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2EwOWNjNDAtNGE2Ny0yOTExLWMxMGUtMGJlMjVmMDkxYjY2&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNWmHdFIK27ycbqkazdSjlc65nsxw9Q4c34Z-cmGzxaWA7QAksS5rSTz1xB6D58loaYNNMmIDgqJkGXTkzKsqQ8xBr1ib1XRbIgPNpChd8RA766UxDhkdKVGHGbkM5q9lR1JvIt3fyFeBmqtvpm1lXsfd_TE43-fQo83kXNkfSeFV0ZD92oEOuBRJ5PO35v8A1cb-tDwRLiIHvO1-SmHGKW5__U-OUx9KfWBJ7DUWu51WGYt-JlzNmCnOcp6gHvlq-k0MdYP6T2s8z4hMnH1gmniPRHHJ7SGZ6InCV6v_vyWqGWEPJxkI6uzhEbtRVLh5l7tthzn0NINe8QIkei1WvLe_K8bRgdN6x7DnEPaL4RvL3_GKB3NdGKd6RVv7SoWRKsQuE5J4z0_cUbywv9CUsbsuaPA5lcbBsCAX66TdMZ--qEl-Q-Nl3o8aHYm8d0WD8bUYJSy1PXNuA4ug987x-K0oQ9p5y21wDAbZetemy2pGkT7VSprDQg8rH0ArO_hkwBOrWhd2dTqsdIQAmCIIywlD98r4IElMmu513j_IbS7lSQXGzjM3ur_cyYKDTnuRbYRUIbTUcyU4TxnQ2r1lCQB8DPSlAIO0mt4geseRK0ZQzBCULg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip server OXGW/16.208.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2EwOWNjNDAtNGE2Ny0yOTExLWMxMGUtMGJlMjVmMDkxYjY2&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA content-type image/gif alt-svc clear content-length 0 via 1.1 google
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 48B6	170 B 188 B	73ms 71ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNWmHdFIK27ycbqkazdSjlc65nsxw9Q4c34Z-cmGzxaWA7QAksS5rSTz1xB6D58loaYNNMmIDgqJkGXTkzKsqQ8xBr1ib1XRbIgPNpChd8RA766UxDhkdKVGHGbkM5q9lR1JvIt3fyFeBmqtvpm1lXsfd_TE43-fQo83kXNkfSeFV0ZD92oEOuBRJ5PO35v8A1cb-tDwRLiIHvO1-SmHGKW5__U-OUx9KfWBJ7DUWu51WGYt-JlzNmCnOcp6gHvlq-k0MdYP6T2s8z4hMnH1gmniPRHHJ7SGZ6InCV6v_vyWqGWEPJxkI6uzhEbtRVLh5l7tthzn0NINe8QIkei1WvLe_K8bRgdN6x7DnEPaL4RvL3_GKB3NdGKd6RVv7SoWRKsQuE5J4z0_cUbywv9CUsbsuaPA5lcbBsCAX66TdMZ--qEl-Q-Nl3o8aHYm8d0WD8bUYJSy1PXNuA4ug987x-K0oQ9p5y21wDAbZetemy2pGkT7VSprDQg8rH0ArO_hkwBOrWhd2dTqsdIQAmCIIywlD98r4IElMmu513j_IbS7lSQXGzjM3ur_cyYKDTnuRbYRUIbTUcyU4TxnQ2r1lCQB8DPSlAIO0mt4geseRK0ZQzBCULg Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 48B6 Redirect Chain https://sync.teads.tv/um?eid=3&uid=&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Mjc2MjI0ZjktNjQ5OS00NWVmLTg0ZGMtMjI1Y2Q0MjJjNjEw&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f...	170 B 188 B	65ms 65ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Mjc2MjI0ZjktNjQ5OS00NWVmLTg0ZGMtMjI1Y2Q0MjJjNjEw&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNWmHdFIK27ycbqkazdSjlc65nsxw9Q4c34Z-cmGzxaWA7QAksS5rSTz1xB6D58loaYNNMmIDgqJkGXTkzKsqQ8xBr1ib1XRbIgPNpChd8RA766UxDhkdKVGHGbkM5q9lR1JvIt3fyFeBmqtvpm1lXsfd_TE43-fQo83kXNkfSeFV0ZD92oEOuBRJ5PO35v8A1cb-tDwRLiIHvO1-SmHGKW5__U-OUx9KfWBJ7DUWu51WGYt-JlzNmCnOcp6gHvlq-k0MdYP6T2s8z4hMnH1gmniPRHHJ7SGZ6InCV6v_vyWqGWEPJxkI6uzhEbtRVLh5l7tthzn0NINe8QIkei1WvLe_K8bRgdN6x7DnEPaL4RvL3_GKB3NdGKd6RVv7SoWRKsQuE5J4z0_cUbywv9CUsbsuaPA5lcbBsCAX66TdMZ--qEl-Q-Nl3o8aHYm8d0WD8bUYJSy1PXNuA4ug987x-K0oQ9p5y21wDAbZetemy2pGkT7VSprDQg8rH0ArO_hkwBOrWhd2dTqsdIQAmCIIywlD98r4IElMmu513j_IbS7lSQXGzjM3ur_cyYKDTnuRbYRUIbTUcyU4TxnQ2r1lCQB8DPSlAIO0mt4geseRK0ZQzBCULg Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT server akka-http/10.2.3 content-type text/html; charset=UTF-8 location https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Mjc2MjI0ZjktNjQ5OS00NWVmLTg0ZGMtMjI1Y2Q0MjJjNjEw&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA cache-control max-age=0, no-cache, no-store content-length 535 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame F82E	17 KB 6 KB	28ms 28ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame FA5F	31 KB 10 KB	39ms 38ms	Script text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2 Request headers Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:20 GMT Content-Encoding gzip Last-Modified Wed, 02 Jun 2021 21:11:51 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=28819 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9301 Expires Sat, 05 Jun 2021 02:20:39 GMT
GET H3-29	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/ Frame BE7A	1 KB 610 B	27ms 27ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=hya3lCtqlq&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5122c11c712dd865696a259facba17e7d6d1b90fc386f5f26126bd56de867bca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=hya3lCtqlq&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * content-length 585 date Fri, 04 Jun 2021 18:20:20 GMT expires Sat, 05 Jun 2021 18:20:20 GMT cache-control public, max-age=86400 last-modified Mon, 09 Mar 2020 15:51:41 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame AE04	0 24 B	93ms 93ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5QKeZUjqlZP9XO4nnMJCdd9N7Phubr7D7fqlPWXXnA1VBZEMMWuYCHX6KHTXkBe7Vx9EnS1naRRoqiPMfmh43ieo6GAp0Q1Xkwb73r-JkYfvyK9g3LX4UNTMI3FDMkdY2d78B2Ud9Bawml2bx6gPB1s-gCeB2TYpRCKZjj766InQ1TtYVaJRNj34mAozC7UPKfR1BLFiWOYiU1RMQkh_C3bq6l4iSV7UGASa4Y8_zh5kl8NNJ2tZFnrx5ahbUcF-vEzCj3UbtsyLZ6cEebRKfevhPaH7UrQYwck-MrmPgmAyC5jcFWNp2VDCytn0Gl3Vflgjb4PtFh2sSZd5RPND1qK6Z5N3gomTTXORbgY5tOxDn-wFmIeczwix3jBsQaNyxy_AVpDZK23SJ3jGEB67TZOGCVNaW7rk29IpZn5iGPgepk5lPxDMH-GSWkS1rZAZokeY8ymS5OKOEYAr6z7Aso3QAPILZAMOrio9HA_VOXrpUMJpxLKiifhyAatyvI4s0mtUHXQ90qEISyUpc0o40Mw2SRXCSPgEeLt0swIVQZMQkWophStxO_pg3NF5rXctnN48JI-Obrht1VAk7AaVKmIMH-w9KR2VExrZ-9U4hoWcMu93VbTUgvII4xgzPWCcugJZHtzJhLpw8q0SDM5yuCARfdVCV4-Npidmrki-KXMoVoKbM7hZVeROkg_cGt05Q2GkPMFrKqObyOT9wameTHeKv1Gy0Y1CCkbpRS-TFv9GEizAcHjS045PtFj0D8Lx7InKfaokGSaXvgh9MI5oRQEwVLwL4e2c0UEEzbFhXCKp8K9W5fJFlS52F9CiW5g4qAshDCUohjz4dsD3oyZ-4dc2uXofsnPr0F8GeNB36vVpFgdS2DXZHeBQ57LSF3dBYnHdfPpbaIWx59_-RySA7HCp40MXlEAIXndrPK3h6W_z_EHBcIfLU6rtM0ymoekpaNPb6JZXwAOFQlzCt4_vWIg5lg4KYPoWlbR92W63CnCNO_XX0ieCe5FEZnOyn09-3IpvhiYS7drekhdn6VXKdCzI6AfIGj9JHKqSdJMHTvbh8J0UGuRMLV23H8QJ-RgtPIbp0bHOuh0YH0j2ZWuLEzvOXBGOR6Hc7q5oyvm5lgwMqEesOZE37ADVtCIhnNtX5RV_4Pqt9_7EmRs9_A5oghv2eJhPdqlRgbjznwX-5JEQGK6oaNAn5uou61zY9LFzc58x87OXoUpiaKxufUdLjzBjrQ5efBIQ2wNH8Qhlk4g&sai=AMfl-YTNa-xCSKMjmAwZWtDFLRQbguIUU4aNarhKWCyNP652YU2B8x99NqKoVnl_46GVW7uWi4CObOPh2HF0ZfyEdJSi72UITtUgTGtIXBof2hiPkwIMAw6Z2RN-YXqCFr2HNntgP6BSgx8oAMrX6yuTdO-1YwZUMA&sig=Cg0ArKJSzOvnTng6-7ozEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=437&cbvp=1&cstd=429&cisv=r20210601.68356&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 04 Jun 2021 18:20:20 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H/1.1	200 OK	ai.aspx m.exactag.com/ Frame AE04	43 B 1 KB	148ms 48ms	Image image/gif	213.202.235.8 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extLi=25042747&extCr=130146484&extPm=292521141&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1 Requested by Host: 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com URL: https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" Connection close X-ET-Monitoring 1 Content-Length 43 Pragma no-cache X-ET-Code 0 Last-Modified Fr, 04 Jun 2021 06:20:21 GMT Server Microsoft-IIS/8.5 Date Fri, 04 Jun 2021 18:20:20 GMT Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/gif Access-Control-Allow-Origin https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com Cache-Control private Access-Control-Allow-Credentials true X-ET-Camp 1711 Access-Control-Allow-Headers * Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3-29	200	container.html Show response 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C99C	6 KB 3 KB	69ms 20ms	Document text/html	2a00:1450:400d:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html?n=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 04 Jun 2021 18:20:20 GMT expires Sat, 04 Jun 2022 18:20:20 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame F02E	73 KB 27 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656037121142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28114 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H3-29	200	html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame BE94	176 KB 61 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 14:23:35 GMT content-encoding gzip x-content-type-options nosniff age 14205 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62241 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 05 Jun 2021 14:23:35 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame BE94	8 KB 3 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApNEl6jG98_EW_S6onDySanDNLF0ut8cV3znooH-rFcxSUdC-BKiISK0H5Djw4iaptBXyGAWHdFVTKjioMWs_-aktaupliMvVOgFN2_pqjs1O6MuTIInt4DW3VzQ4AvLTWc-zXnkwXIK-c7lzSSk6628Nvpg&dbm_d=AKAmf-DHkwJ7ReBWiXwYsVb-qnl8-BWIXeO6uKrc6J6vGMx1BK1REL76U7YsHnXbFo3lKdZ6K0Q7DPAZ-bdGDPurON2eUbgmRFgfVP5a5oqyb4Ldq0NtFEdVO9TBsIyY58Rx3l_ySPj370TKPMvbciSOYaAeYSaAu1ncoZwaLmgtOLgq7o5fn0-hN7txYHx4IniDRaUilf6d8mTAQtUoYee4QaOzuKOUSOaOXgWlcHzjLIPuzRGGd1E9zBXXMQnkoJOkLTB6jAG7xKzGuzIR_MbRBMhwEOgNnAaAXb7jIBR66mMt_f30F1n5Zya-VNc0m0HWbNT2u3RRSYLkjSKe9RONMpEHvHXtelwEdYpmEGTDIOov1EjdTEVnQNl5Zs7p_gFqms5dROxAaV13mq_cDt2GBP8l_pcv9TWRlRuq6CYddXjmGBRB2VYHSFqgvFnS0gaqUyEcxf-7IRMW74l86TroI5bfMMUFz8FRmL0f8dLfhPBXK0Dip7TCSe8trXJ1RdSKYG8ZfMQnqLtYIWCTWrJbxH9TXKgGDn_TeXuOzt9f4Pg84LSJjwf68pXKGcLnb5EE_70xX1KbDzxJ-ktGvy0C-cAM4kJ4PuMeWFzDOEMg8SZtx6Y2dr4sEFqG2zQ-gESBHwj-h-0huw28-GfYvw-eU6O9xoD6uBExqMvKJ_DVn7wcjytQIRtpv9WxiHGod_AQ1fdfdBiBAt8dWJ1BM9TECg9zwZq8kgrOP07HzaQojWMt3v954QXb3704kydH4g0gurUwCLeDDjPSGP76jtpldRNLQNr5-Nva5uhTVvFAGO9LnH-sYsQe7QtnNtxCzqY4dCEHM0vSoQq9-ay4AWRXrjxm8hhD6Fao2ln-GvkaR5FU6d_j24kHrQ07JF4TYaAQ6ppSbUYroOgzkoZl5G92bZcwTdPLGcdkYNs1QOSP4s2M_vIdAj6CNQUaSf7-AdMyTw1C5FGKIP1E9iQXuqSvN8CP0W8Pa7q9mXtstVcEIT0CU3ef6p9aGL_NgXtMrKMxRilVTX7ZctAPQdIRxLeNQWBFisi8FCWn_XbMKfrieMSXZkpM0BCok8pAbDitSVCM6kc2HiZjIKWc7UsWmNB0A42UFCmencshEfNPPEW2oonMcEz05KWhvA5zMzYOSRbzlAi39-bL6Z60Dramotj73WiJb_q_9OeRwiLK6OSi2OcS3VAnp6ghZn5tICrCsl6MCmcojSwTc7JEB7WVq7iFv1ZnoxLeuHX6aC1O4mtlOPeCs980urK0OAEH9hJKVrGILc_K9oVHRYHQhN_iOP4-pbXed1aKYDnDKYVRR6QuFQQu4nt1Y9_rvNA9YgNpxFe6fYtz_lSvfTyKIMFCUdaEpZGgbaz2Mc1ZDkiFiF2Od20-XqJKGihnl3Cs8f7ho3V4nGcmyGGK0Us-Icg5EOTzoiaYVhYtrZfrrtYvFIlBSU9Fu3rgYJW828oMumC9nCQ3SrEAauBZ2Y1lh9kOIvNpMk4DJKXNyZSXPeb9566KpDP5eBcqhXBhJxUnYefr4lh3cNP3kSnyqgQxtDmvhdwAh-7aGtLGdtpcUEphHSpovFPV3f2bDDWLZDuQews5yWVVDrH5nWhwe5AtmmcXyvP_eU7nUKwNeN39pqTgp-irC-O2t0noqFzEvk5OTfWDNEjbu031tJLQ19YON4CuJ9Vl6N-2OEiGnskm6LaREUouU1p_TqpV-LbCBHbfYGaXDkLBAK0d_xgWpnfhpal_HYT97bLeJOFhsE0QiCr9s1JY42lnpB8NcyxxnnkCWiqyNyqRwM6qN55ZLlNNWVBFNw-dFHmphbbi5YY0udXGa_TblwTRWnpl0IeTrl_UpYRfJaDh1C0qRmsUN2FxNtm0pDbBd3nDX9qbA7TpWOONT9WIVPRrDz6KtfLGoomk9oLWESCDjrN4p6z-upQ5KJ21OBqmW1V0PN_8dYn_5Nig3SsAKSwun6BhBciNoMJ0E7CWiHCT4Cl2Dwq2xV23dncOPBJLAdTysYw3yOhoS5_Yed9IZtjxfvE_5YPZzgvVXClnT25zONPFEBSgO0M_4yFIOWLTBB_7lAt81nG0CgjeZWNN2oOT1uy6_bWuq1I115Zqh_4dPjWkiiGiK7GWz1sDNqemBSFOZHMPAyG_blM9wQL5p-OhobyCf704iL_H-lgLjlHMjGHKd-9EpT2HXG1XUYN9siUQl36VLxyWidgMPGpq9PbF-1nlIrq7hTy5AuzyZ6b16QJzF2tTsMYduHxF34ZaElZ5by6PnDBjfy3RIRjCts6pfuGvRXyvgD2qVrRlPMObkapSPUFpqGJkwuQDLsIAcYrkrGd5xv2OFRsBrE0IV7v9yxuvyp5gD9yzIeVszOqpJeJFHkx6rySbI72nqnFr7alqg6GoNlbKOFjOdLe-OtblxKm615NHnrJE7DSq04Q3lp8VF1ojyW6gBE6C07bV2NmxkdHZGVpXflg8-2cCazj3DtRCpbSjcXSd2IdHyce6i42CpW2iZ8WEupQCcIQxKDfHcWlBC8dvd72MhWSNkc9vmbr5UKGLuav1Qp0O_Gtqxs_U2zLWHOR8UjRtQk0JD6NH-M7zcwP-7wfr3tNMHK3eQ6M-A5ofHvfnVVxuwEe5Zim9NoGyu4pi13SktrrGpzekvDUObvwuWxPzR9lxeJ7w9Su9tvlVbMupmws3gelCqEpmPRI3z6NbOTAtujcx5OYlxEaJiP04eJ0KBVwWj_XOm4Z8N1_8eun-b4crZ6OjIfq3IyF1SbVW7pqPZQc0RbGPRL-iJDI2Rv3uX9-E79fmVxuFVxS8jf8sj1QFQ_1TlnyUZx7-UGxXWxq2zDb0Rgj4PNcp4bRe-JAK_Hz7D_cHQWR2FdJRSPjNSJGEK6pIFRJfhmougFd5RT3HciSesj1VQkfrZMnYkx2-b-cVxhMs_EiWCauuz8srE7NxqN4CHLHYPlg4Z0F0maIsJxj7ZdY5Ag0GkN22ozr-TtiF4D0tDCGIlv6sKpaDnWHqZFExSifXJXWnzjovnrSId_6RoYvUycAqMlXT2DRdLGPLH20pbkpa5jTpSRQZJxEHsjCRGt1-J1sUq0fk0autOObco7mxQ0cfuzqtMwrwK1MrziWCBqtdRhniVTDoUjqdYmt4EyEIgRyYgS6XV0iFOg9e2JH1_Monj3ajyBhDQO0kzy3SAJBdn0yQivpQ9wtMYeIQzSP2tY2HA2qMPwvafZZMopVyTKMqcHc7T9M3rByDB5XbeVxy5IKHRTUuUeJ7cx_vxo6zQfM7iTbsA_Nmkz6QBoWLIoXl1utr5EhPLZXN26A9CgOCwza2JqqsZ18k_CBtlNcC4SsmDY_zuI86DuOKkh-sjeV4QGMLGjEMWYPQv3arX4LIHNHcEmPjUMTJVfupQg9S0J_reKu4kOushDwJcRC4nufod4rkSSTSv6qNUKy0zndobMAqRR1_NMaf9QcF04_gJErMHjL9hhCTjGzGlN-fgrK_DE-Xyet32Re0KK9vow7iZSyGF4B431mH9h0XE6ohSHqrZPJcC7be-n3ieBsCyjxUCPFnJCSv6s-CERpvhh3dz0s&cid=CAASEuRoO67UxAobCl3NEmWyDNmkKQ&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:43 GMT content-encoding gzip x-content-type-options nosniff age 337 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:14:43 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame BE94	22 KB 8 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApNEl6jG98_EW_S6onDySanDNLF0ut8cV3znooH-rFcxSUdC-BKiISK0H5Djw4iaptBXyGAWHdFVTKjioMWs_-aktaupliMvVOgFN2_pqjs1O6MuTIInt4DW3VzQ4AvLTWc-zXnkwXIK-c7lzSSk6628Nvpg&dbm_d=AKAmf-DHkwJ7ReBWiXwYsVb-qnl8-BWIXeO6uKrc6J6vGMx1BK1REL76U7YsHnXbFo3lKdZ6K0Q7DPAZ-bdGDPurON2eUbgmRFgfVP5a5oqyb4Ldq0NtFEdVO9TBsIyY58Rx3l_ySPj370TKPMvbciSOYaAeYSaAu1ncoZwaLmgtOLgq7o5fn0-hN7txYHx4IniDRaUilf6d8mTAQtUoYee4QaOzuKOUSOaOXgWlcHzjLIPuzRGGd1E9zBXXMQnkoJOkLTB6jAG7xKzGuzIR_MbRBMhwEOgNnAaAXb7jIBR66mMt_f30F1n5Zya-VNc0m0HWbNT2u3RRSYLkjSKe9RONMpEHvHXtelwEdYpmEGTDIOov1EjdTEVnQNl5Zs7p_gFqms5dROxAaV13mq_cDt2GBP8l_pcv9TWRlRuq6CYddXjmGBRB2VYHSFqgvFnS0gaqUyEcxf-7IRMW74l86TroI5bfMMUFz8FRmL0f8dLfhPBXK0Dip7TCSe8trXJ1RdSKYG8ZfMQnqLtYIWCTWrJbxH9TXKgGDn_TeXuOzt9f4Pg84LSJjwf68pXKGcLnb5EE_70xX1KbDzxJ-ktGvy0C-cAM4kJ4PuMeWFzDOEMg8SZtx6Y2dr4sEFqG2zQ-gESBHwj-h-0huw28-GfYvw-eU6O9xoD6uBExqMvKJ_DVn7wcjytQIRtpv9WxiHGod_AQ1fdfdBiBAt8dWJ1BM9TECg9zwZq8kgrOP07HzaQojWMt3v954QXb3704kydH4g0gurUwCLeDDjPSGP76jtpldRNLQNr5-Nva5uhTVvFAGO9LnH-sYsQe7QtnNtxCzqY4dCEHM0vSoQq9-ay4AWRXrjxm8hhD6Fao2ln-GvkaR5FU6d_j24kHrQ07JF4TYaAQ6ppSbUYroOgzkoZl5G92bZcwTdPLGcdkYNs1QOSP4s2M_vIdAj6CNQUaSf7-AdMyTw1C5FGKIP1E9iQXuqSvN8CP0W8Pa7q9mXtstVcEIT0CU3ef6p9aGL_NgXtMrKMxRilVTX7ZctAPQdIRxLeNQWBFisi8FCWn_XbMKfrieMSXZkpM0BCok8pAbDitSVCM6kc2HiZjIKWc7UsWmNB0A42UFCmencshEfNPPEW2oonMcEz05KWhvA5zMzYOSRbzlAi39-bL6Z60Dramotj73WiJb_q_9OeRwiLK6OSi2OcS3VAnp6ghZn5tICrCsl6MCmcojSwTc7JEB7WVq7iFv1ZnoxLeuHX6aC1O4mtlOPeCs980urK0OAEH9hJKVrGILc_K9oVHRYHQhN_iOP4-pbXed1aKYDnDKYVRR6QuFQQu4nt1Y9_rvNA9YgNpxFe6fYtz_lSvfTyKIMFCUdaEpZGgbaz2Mc1ZDkiFiF2Od20-XqJKGihnl3Cs8f7ho3V4nGcmyGGK0Us-Icg5EOTzoiaYVhYtrZfrrtYvFIlBSU9Fu3rgYJW828oMumC9nCQ3SrEAauBZ2Y1lh9kOIvNpMk4DJKXNyZSXPeb9566KpDP5eBcqhXBhJxUnYefr4lh3cNP3kSnyqgQxtDmvhdwAh-7aGtLGdtpcUEphHSpovFPV3f2bDDWLZDuQews5yWVVDrH5nWhwe5AtmmcXyvP_eU7nUKwNeN39pqTgp-irC-O2t0noqFzEvk5OTfWDNEjbu031tJLQ19YON4CuJ9Vl6N-2OEiGnskm6LaREUouU1p_TqpV-LbCBHbfYGaXDkLBAK0d_xgWpnfhpal_HYT97bLeJOFhsE0QiCr9s1JY42lnpB8NcyxxnnkCWiqyNyqRwM6qN55ZLlNNWVBFNw-dFHmphbbi5YY0udXGa_TblwTRWnpl0IeTrl_UpYRfJaDh1C0qRmsUN2FxNtm0pDbBd3nDX9qbA7TpWOONT9WIVPRrDz6KtfLGoomk9oLWESCDjrN4p6z-upQ5KJ21OBqmW1V0PN_8dYn_5Nig3SsAKSwun6BhBciNoMJ0E7CWiHCT4Cl2Dwq2xV23dncOPBJLAdTysYw3yOhoS5_Yed9IZtjxfvE_5YPZzgvVXClnT25zONPFEBSgO0M_4yFIOWLTBB_7lAt81nG0CgjeZWNN2oOT1uy6_bWuq1I115Zqh_4dPjWkiiGiK7GWz1sDNqemBSFOZHMPAyG_blM9wQL5p-OhobyCf704iL_H-lgLjlHMjGHKd-9EpT2HXG1XUYN9siUQl36VLxyWidgMPGpq9PbF-1nlIrq7hTy5AuzyZ6b16QJzF2tTsMYduHxF34ZaElZ5by6PnDBjfy3RIRjCts6pfuGvRXyvgD2qVrRlPMObkapSPUFpqGJkwuQDLsIAcYrkrGd5xv2OFRsBrE0IV7v9yxuvyp5gD9yzIeVszOqpJeJFHkx6rySbI72nqnFr7alqg6GoNlbKOFjOdLe-OtblxKm615NHnrJE7DSq04Q3lp8VF1ojyW6gBE6C07bV2NmxkdHZGVpXflg8-2cCazj3DtRCpbSjcXSd2IdHyce6i42CpW2iZ8WEupQCcIQxKDfHcWlBC8dvd72MhWSNkc9vmbr5UKGLuav1Qp0O_Gtqxs_U2zLWHOR8UjRtQk0JD6NH-M7zcwP-7wfr3tNMHK3eQ6M-A5ofHvfnVVxuwEe5Zim9NoGyu4pi13SktrrGpzekvDUObvwuWxPzR9lxeJ7w9Su9tvlVbMupmws3gelCqEpmPRI3z6NbOTAtujcx5OYlxEaJiP04eJ0KBVwWj_XOm4Z8N1_8eun-b4crZ6OjIfq3IyF1SbVW7pqPZQc0RbGPRL-iJDI2Rv3uX9-E79fmVxuFVxS8jf8sj1QFQ_1TlnyUZx7-UGxXWxq2zDb0Rgj4PNcp4bRe-JAK_Hz7D_cHQWR2FdJRSPjNSJGEK6pIFRJfhmougFd5RT3HciSesj1VQkfrZMnYkx2-b-cVxhMs_EiWCauuz8srE7NxqN4CHLHYPlg4Z0F0maIsJxj7ZdY5Ag0GkN22ozr-TtiF4D0tDCGIlv6sKpaDnWHqZFExSifXJXWnzjovnrSId_6RoYvUycAqMlXT2DRdLGPLH20pbkpa5jTpSRQZJxEHsjCRGt1-J1sUq0fk0autOObco7mxQ0cfuzqtMwrwK1MrziWCBqtdRhniVTDoUjqdYmt4EyEIgRyYgS6XV0iFOg9e2JH1_Monj3ajyBhDQO0kzy3SAJBdn0yQivpQ9wtMYeIQzSP2tY2HA2qMPwvafZZMopVyTKMqcHc7T9M3rByDB5XbeVxy5IKHRTUuUeJ7cx_vxo6zQfM7iTbsA_Nmkz6QBoWLIoXl1utr5EhPLZXN26A9CgOCwza2JqqsZ18k_CBtlNcC4SsmDY_zuI86DuOKkh-sjeV4QGMLGjEMWYPQv3arX4LIHNHcEmPjUMTJVfupQg9S0J_reKu4kOushDwJcRC4nufod4rkSSTSv6qNUKy0zndobMAqRR1_NMaf9QcF04_gJErMHjL9hhCTjGzGlN-fgrK_DE-Xyet32Re0KK9vow7iZSyGF4B431mH9h0XE6ohSHqrZPJcC7be-n3ieBsCyjxUCPFnJCSv6s-CERpvhh3dz0s&cid=CAASEuRoO67UxAobCl3NEmWyDNmkKQ&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:51 GMT content-encoding gzip x-content-type-options nosniff age 209 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8594 x-xss-protection 0 server cafe etag 7958287194716579593 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:51 GMT
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame DD6B	42 B 64 B	44ms 42ms	Fetch image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqu0VLgMSs-trlvTy5g-eTOGQNpsWnpH9BFQujR7uL6SW2aEMStCiqTDE27C1lTFp5CwTjQlE-HyZGLIfWzaguD2GiZOThWCdStkyE06kMMksT4n0nO2RL5x6GUg&sai=AMfl-YSrF9_867tx_OqobBCuuJRe-N7RqP5UXdunU10ByD0uWdQicG1bfpPXowS6Jg9pImQfTNqg0wODjmdrynAv615fJgUJUmcpMkBu_IjFAB-ONNNu6AT8uzVrKNk&sig=Cg0ArKJSzA71RoCDEsqDEAE&cid=CAASEuRoM3i-Z5Ov5eRLEIBJVi0C2A&id=lidar2&mcvt=1125&p=30,0,120,728&mtos=1125,1125,1125,1125,1125&tos=1125,0,0,0,0&v=20210602&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=781404011&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622830819212&dlt=35&rpt=483&isd=0&msd=0&r=v Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 9C1D	1 KB 528 B	31ms 30ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNUngd0kdWanRGN_JP-w5yvGB_77BXxj0yXzDxo-LUe5zTZe8q1pG3jg357jJ1eg1y02aUz0p2Rys_6JK30MYYd-s5oLJK-0I9EXz8wfgkQwrfm1jUFcVOLO-44D7m3gf-riuAJmvMEegSuYYj4JTc-shO4tpL7CMQPaCf4ZDPIko7mL2NGWfYRb7G-xLYoKHx6-5X3h7yMlPMvnFtHK0gT88W7-uUhT_t_cOaPdDMhXPzjK7C4lYHCENcluMRTDCdOaINh3z9syxRDPvrZsKfX9h4ruJPzLXDnF2P4JiDnRje70B2LeVfIffPtlIdZhivFSdFhJnYi7uzlKRUf5lOGFZ90n2JbsoGmZ_0HTsrsS13YTSiiKHmBzVWNXCTy89Fae5bSGcS36W0-RvjONeaQEDrJSHZ4x9ZcvdB94yFUWN_Yuw6ZQuQZm65E7UbIYu2CJDNPu2GDuBUKt3N-rf26gtIviDt_ioL_xDma8JchPd10jsdDE6dcuJ-KNdyH53mk1Eh_QDO8_cAjhiopxH72foKD8IKULkKXHr1zXKyheaTusMTfTmoN3EhocM0IoTqQm-Q9bYPr4QqRrRN0KObukZVmVIK6DllzBAbmv20NY3NsXhGA Requested by Host: c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com URL: https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c3b87bfeaf237905441e3ad61ec99e0df38b7ea20eabd2d9cfee4fd80d3aece8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNUngd0kdWanRGN_JP-w5yvGB_77BXxj0yXzDxo-LUe5zTZe8q1pG3jg357jJ1eg1y02aUz0p2Rys_6JK30MYYd-s5oLJK-0I9EXz8wfgkQwrfm1jUFcVOLO-44D7m3gf-riuAJmvMEegSuYYj4JTc-shO4tpL7CMQPaCf4ZDPIko7mL2NGWfYRb7G-xLYoKHx6-5X3h7yMlPMvnFtHK0gT88W7-uUhT_t_cOaPdDMhXPzjK7C4lYHCENcluMRTDCdOaINh3z9syxRDPvrZsKfX9h4ruJPzLXDnF2P4JiDnRje70B2LeVfIffPtlIdZhivFSdFhJnYi7uzlKRUf5lOGFZ90n2JbsoGmZ_0HTsrsS13YTSiiKHmBzVWNXCTy89Fae5bSGcS36W0-RvjONeaQEDrJSHZ4x9ZcvdB94yFUWN_Yuw6ZQuQZm65E7UbIYu2CJDNPu2GDuBUKt3N-rf26gtIviDt_ioL_xDma8JchPd10jsdDE6dcuJ-KNdyH53mk1Eh_QDO8_cAjhiopxH72foKD8IKULkKXHr1zXKyheaTusMTfTmoN3EhocM0IoTqQm-Q9bYPr4QqRrRN0KObukZVmVIK6DllzBAbmv20NY3NsXhGA pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUmmGTrH9HAdupfiwyjqcOUHH-zdTjbVhTZEuB4r04nYkw-Cnc8VE77jYdRnuTQ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 04 Jun 2021 18:20:20 GMT server cafe cache-control private content-length 507 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame F343	64 KB 24 KB	75ms 75ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGyhOzd91Ck1biFrrAWxckYEq6XXOat1RyrHseziyMsWgErRhftuvp-hpWWkf0h6qNw4kOmcizpGLb_Spw_aqxjvI11U3ysge2-o6VrovQsEuLykVTG47JkAdMYh5ixelaI9Mbq5u2dLZrYicZnbyy8wnvfw&dbm_d=AKAmf-B4XMmUon0LHNeW6kwNdNi3uZZkpZo3_BwhdQt8n-a1WXADbVi7FwuIlyqlYmNCSBfgxea09a2ZjSvdJFGnkfDr5Bs6Sm4ux2VFLx5BvINJyQ3Kz4jYcpLxsB7J0TJMYSpaehwZEEPbFP9BvNj2MuXD417t2WZUr19wroyAIYhjLtxJRPB5AY-LI-IJys0ocAnOwixCsqUXgS78nxglPQkm3NXGvz1KciCt4CIDksi3t7yPWdsEirtQm6ce-Wm0m1EOemCbltUhNymBwntrWnj95jTuUiaQANuHLo6whYqd2WSDvmr3Kn7ml5fJsvSDuXF6b5t4XMJKQfElQ0VWN4Uo997-YiZguPC7-7dUO4h3sJ0BLSen0VSjvOvs9sQKp4XZ9fudqDFtEdn6PY8rAOjrTStT0wlxS5afshmPWo4cNiYTEiS6JDzGwyw0Xlwf8Y-DNOTQLvcoZQPY0YPKZIjwYcBuxOcvsE7mHmr737SAqkd7ycuuTXlIjfUYUT3oEcXZf93lUoyT7J9N1PJrahw7yqgEJWbwvQ-A1AKcLzOtmOSLfPH-BEtkc4FfLzVoim3MDjinXxkMaIATaJ8F23jpmnBiLwHZMF3sk8ox3ebShN_xIm_eV_RngRmkrmZtRvNbXLb3RSkvdcqIZm9NDjMdgGomG59GDWx8TvB-5Tt-dFviLACRWpl37v9QVWaQwvE87Rzlkd3fldWJPEYIQPMpRCkvJWvyvRkA2aJ1b156BaWkCJ6i2kPce8KlL9zTDsOuOZs10ObEnbN1tQhF83h1Nl19_WQ3BHTYaXyA5sv4EChVbx-ZVPFGyeBCTFbdBkx-ZmoetSM_X1ryX_6gp76zwt_2knooE-rm05SzcDeKQdKo9mNl6ecFbre7U32nDHb-0JLc4DoSI9yJZmUzrTPrAMASBXIENk3HcEup3959rk7__K3yNMSHsYn19Ru61GUzG2on1pwnyVB8qE0tqE1tY_uGrsTrQbEOXgh69UcYB77FheeuR8dC7ibUTX5-KZIWxcgK6Oliz_0HMr0108OSG1KsoFMZgg4iGCgcCGCe5MDJhUEdmq5e6wJ36qg71t3kBzGMNV0O-W30YJHl0uquJFw5Qvr7Kq18mrw_3zRovi94MMEFpobRYDkX5tafegbUG82zVcW_BpQmvTFJNT-UqlRUmZplDRPkK-qkr7SAMZGhOcRUsNjqG0EZn6QzWkLd1Gk4-BOS87lWQIpCfB-XpOz7hD6mTiBPnBKrK9lyASCLOQ9dcwE5IlQkCIxWmmI5S893PEKu9oHAU5khnviI7akJ28TN1U_ePL_Lk2UR3cJQG_eYliZDa89x-UJ2RhhYZjmjQ_6Fw-oejtqVrsYJby-wjrXzWpdkzAYAdyvTTjlwMa0CwP99z1m2wOmnSi1ADZ219clOsNYlPRrfpJELUUyZg27d6V5hiXHLpCrhhTGaIVComqNxIGJkgyjxbA2BC5gT_5iUpfC81B1r3ka4AdpROsGFc9lai-escd2Q9Ugn7ISk35GgPAzvuaVtvatP7NO3_5C90fDgM15Y67jbAWVM10pZRVe-4scxu9cB3xYGcpkbltaMqW1-8JZmROc7x08j1BmqrCcD4-8pJ2TAByIEcedOxMYd9h0SDbIfVZ42ikvky-Mox3wOZQd8SubzuL6PJ1DXbGUWMRUMNtQitMlERddgRk-9ll2miXWdL1KuUWGPW7_vdQkhgAytLXXm5fiXmCXiHithoG8j56ltBfBVroyJcBff_ziJQ6uW_H_dHpcJ2O8R_XluWkWWuPNZ9hRzFgnyWZiyM1s4hhT9a24arN4n9MSZPxG5xYzdWGUPN9bG0_Lrg3uPcUlQbt83DcXYBgoAZNQzaDrG0zCUPpNC5Y7W0wugROcGPyiXwDP4_-Dvh6tu5xfbEokvgLIId8RFGoLRDrqFg7sCRb09Tnd2j1sNGRanZ_Txg_KrH1yVsm1tmsWxBBs69eN0TRBzh2w-oV9qi8__30nYJVkznOR1jlw7YgKX8_Eq1n9IP4WHg5bcFmm8TfGrPXY2L2cW4l0UwFiyz7MCA18ERkEhGhtION4P7kefbKvsbZB8MD0rQmXjgDtLPL29uCj17jGy4V1RP4IxbTqC5yMqeN52vuUg9SMtahrFl5YOwRck7x2RYBHTF3ZNrzQYHkSsP_7LsnE77ha99dVekMQPd3fTFl9FuLaFsQOY0M6ytVlJZD8MurxbZtZ1Az2YABxSLa_sDwqP960wwViPdTjK6AOWtjFdd1wY778ZuBKAqXrlHVHBILWByMDX7lIGg2-wE6jXhRVlB_H62-FTpO6SbTHJ-R_2j6Q5PB8KwxnOPaYrr47Ld6SXFh76O6Ots5OzODocn0n-5d1s15e2jzejbnuZrFN6rZbvme81PniQ1oBPAxl0qpXJ0Yi8b0G2m61kgoHxG49aZ_-0QAH0JoQ3EwyqrTgk1szQs_eDGHR9M1LlluoakE9q2KUrYSfdPv6AtOazfg5N3Uw4QihX2I9WKFmwIJ9N7eBOe1Eok7Ovmi-omYeN3M9DXp8L74JAHpdDC1CKKIUC0qHwYW3wPnGQi-DfNegP5HCUkgHcGSCFuahU0Je5bX7_iErnpCAl6eVVLgPmQ89JrpZWkNbEnZUVZr7gBmBvlpmzV686t6zOHO3KFeGROIKfwJJC-zfCXtgjGN8zX05cFlj8txvD6WKSz1mNzBRY0IFnweHwk15T7dylrkfCI1KH7FMsgLa3F8-q40_Vpoj_VuLHTT-Ra4U-h5Wem-9EaNc-gk-aEk3is9l7wP7gbjzeFyZ6vyimlO2NuwtuFbahWLyO-v8g1fZWQFCxPKPumo2bQFXbZEIzpLN7DMOWhiCPlfJgOCyeq2HNgmowxkTA9q10mTI7NUn6izyEzcMOI1WeEXUSI1DYpwESpyZ_0Rf1oR0r_E0NEDwGszzWn3T-QoMTLQAdDLl8WJ6C7pvBA-nSYKzXMEHIqUfrFjDn-16GgeI_GhY-cA-iFyGZywgQUFXwaIVL_xWcBuHDRivn_fmsFhZ6KC7A0K95vQV2Zml5Z3rLrDl5l-g8tgTbcrgE9Uj1tD9j24UYeDmQpf13UP-i5sfrb07kqwb_eqD0je42QrZaxIxQvArgYfZ0HdU3UGZyCDK2IO0kQyV76zp5YQAzTy-yZDnQKd9lm_TiCtez6D-FDl9Gkeovn5zm2UXN-KIEBjFbYinpG0Cq6RtWdTEwbkyPlO9YDvJ9XPeP6ZIYisyNsAW10MWGXPyUqrs8YoJMVFoTYol-tNXjK9ltUbbfW2Lt4fKzzNJPbeU69hTIRI_nfr_c5QkGU2OLJnyPUIzRVOUf48dMiJ0ufBSDRnSDeAmVqmfXuRqbQWjiEfyEnngG9ja4FsJetA9qN6lvxElu7jEF7E-1WHTjGjowyZ2yt55V2qXik8VODVklB3i0DraqGuce-0X8agRfhRKGWYt4lzyF-cSEscXCKdwbHG2AQpwOInI3g4UsrdShaISwgyLYmfFNN0erw2iT4Vds7gifvXr8oXHDl1JTjmn5IaeF_VGqLaHFHpELfndA9SiLwZ4ZJOLMXmuBG80PpcHmYzG_7BFaPXgKDdQfxzgT6H4pOPKFmVYafC9NX3bvLRI&cid=CAASEuRobEj8CQW3F0Cc_rmGaQKLnw&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f45ffc46ef4274b642f67f6faa2aca7764e6abf760207fb9de15e7052997fed4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25040 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame F343	42 B 63 B	41ms 39ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5ZJ4fpl3PK-vCjrRRUgIBwjKU9TbSzM8AgoVxbmfTlFjBPZ54XB_z3Gxc5ud7mMQkd5d-hO5CedDwYEx_-U_Of240YK6Z1Igz6HLJ2BOngJmHLFs Requested by Host: c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com URL: https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jload Show response pixel.adsafeprotected.com/ Frame F343	46 KB 13 KB	57ms 56ms	Script application/javascript	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html Requested by Host: c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com URL: https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 7467026605644285064293c01771b414f06fed9cdeebe59b51da482372245c70 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-server-name app15.ie.303net.net content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame F343	2 KB 1 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js Requested by Host: c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com URL: https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:12 GMT content-encoding gzip x-content-type-options nosniff age 248 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:12 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F343	121 KB 37 KB	29ms 28ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com URL: https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656031336809" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37735 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame F343	13 KB 6 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js Requested by Host: c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com URL: https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:19:37 GMT content-encoding gzip x-content-type-options nosniff age 43 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5635 x-xss-protection 0 server cafe etag 1091097466425408374 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:19:37 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame F343	0 0	20ms 19ms	Image text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQ37p3ivnEaiCr9BbtiIU5VIOjm1TzfgaQjtIZbMyrLl0bkx2A6xD7vbsYiUW1kYp0vtVJtCzjegpdVgldgXdrbr5lWQ Requested by Host: c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com URL: https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	2sDcZG1Wl4LcnbuCNWgzaGW5.woff2 fonts.gstatic.com/s/oxygen/v10/ Frame BEA0	16 KB 16 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oxygen/v10/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oxygen:700|Oxygen:400 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5f9ecb6ce5cd13a976187541227e0246570ae91864d052b3e9cc0a4636dc8a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://s0.2mdn.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 20:00:23 GMT x-content-type-options nosniff last-modified Thu, 10 Sep 2020 17:03:28 GMT server sffe age 253197 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16184 x-xss-protection 0 expires Wed, 01 Jun 2022 20:00:23 GMT
GET H3-29	200	2sDfZG1Wl4LcnbuKjk0m.woff2 fonts.gstatic.com/s/oxygen/v10/ Frame BEA0	16 KB 16 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oxygen/v10/2sDfZG1Wl4LcnbuKjk0m.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oxygen:700|Oxygen:400 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ccfa0fba5ab2cfef812fff3452cfdc73b6573900a9613b2828dfa691535b57 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://s0.2mdn.net Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 18:33:29 GMT x-content-type-options nosniff last-modified Thu, 10 Sep 2020 17:02:44 GMT server sffe age 258411 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16344 x-xss-protection 0 expires Wed, 01 Jun 2022 18:33:29 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame AE04	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com URL: https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 06:53:37 GMT content-encoding gzip x-content-type-options nosniff age 41203 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:53:37 GMT
GET H2	200	main.gr.19.8.206.js Show response static.adsafeprotected.com/ Frame AE04	183 KB 58 KB	156ms 51ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.206.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip last-modified Tue, 01 Jun 2021 22:03:45 GMT server nginx/1.16.1 etag W/"f4d80fb2c423b91d55077116728f6247" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET DATA	200 OK	truncated / Frame AE04	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3576bf909003ab2b6d3c93845d73d911f436ae7a5a079b9cb8f09b3ec5ea810f Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	pubads_impl_2021052601.js Show response securepubads.g.doubleclick.net/gpt/ Frame 4A83	311 KB 109 KB	74ms 74ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 26 May 2021 08:37:30 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 111649 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H3-29	200	pubads_impl_2021060201.js Show response securepubads.g.doubleclick.net/gpt/ Frame AAF0	312 KB 109 KB	72ms 71ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash afcea64040738271b127e7b2338adaf40a6612e0320ec5e4d1e5353d92a3bfbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 02 Jun 2021 19:37:16 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112073 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H3-29	200	pubads_impl_2021052601.js Show response securepubads.g.doubleclick.net/gpt/ Frame 893F	311 KB 109 KB	74ms 73ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 26 May 2021 08:37:30 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 111649 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 9E06	0 180 B	29ms 29ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYlpbEmgEwAQ&v=APEucNV1EIfQxgcsVSUHT-i73rpL2s6kyHE2cr-RsXwmQqpJRy4iRjsMa35-j-_OZlaLrWWLWNziSaBktz0rZztPYmmgzoCbj1Vs-zxQnslZhTcdnLrlMYAF7ev9J1NueZzh94l92YWYgdrartXueZeP20Oxj-RZuNVShAIMsRjfBQXnhrv3dnPq4-UqXETWajxOqq0iiN1xUHtZ9VEJDWG4DhtL062hdUZ9rxkX8cZPr8LdBpyAqTM8T0GmUBksmEh3DZlmsZoVLJwgz8dQ_msG2OIDUKbrIYOUs0UbBO4R4pBj5FNEv5AhXnhIHv7LA3k46jsT0aGm4sZN2Hfulg0VlyAtB1qVn2ATnqYkzkOwhJKB94khx1ohKJnV3ZClT5tv1PrKrnaYgE6dk-PkWlE1zQ6xUAddxbIx6Pf6PmCnyejvoMytslWgeEJVFtP8c9ID75GEw8IXd3w1MiQxP8PSVeMJ6EvAY7iOsQSB7ELVa4hXpcURrYjQpCZUC9ca5P-UncIjtf8_pgJU0kQOqgdHClzwD1B58JWnNf2S1mzmoq1b6fPEQf-NOruwsIuzhP5JKCzKViXUhXp7LsezLclBzWDTdn5xNycAVPw7Jufa5yJmUEhpti8 Requested by Host: ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com URL: https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CKCQWhCPwFsYlpbEmgEwAQ&v=APEucNV1EIfQxgcsVSUHT-i73rpL2s6kyHE2cr-RsXwmQqpJRy4iRjsMa35-j-_OZlaLrWWLWNziSaBktz0rZztPYmmgzoCbj1Vs-zxQnslZhTcdnLrlMYAF7ev9J1NueZzh94l92YWYgdrartXueZeP20Oxj-RZuNVShAIMsRjfBQXnhrv3dnPq4-UqXETWajxOqq0iiN1xUHtZ9VEJDWG4DhtL062hdUZ9rxkX8cZPr8LdBpyAqTM8T0GmUBksmEh3DZlmsZoVLJwgz8dQ_msG2OIDUKbrIYOUs0UbBO4R4pBj5FNEv5AhXnhIHv7LA3k46jsT0aGm4sZN2Hfulg0VlyAtB1qVn2ATnqYkzkOwhJKB94khx1ohKJnV3ZClT5tv1PrKrnaYgE6dk-PkWlE1zQ6xUAddxbIx6Pf6PmCnyejvoMytslWgeEJVFtP8c9ID75GEw8IXd3w1MiQxP8PSVeMJ6EvAY7iOsQSB7ELVa4hXpcURrYjQpCZUC9ca5P-UncIjtf8_pgJU0kQOqgdHClzwD1B58JWnNf2S1mzmoq1b6fPEQf-NOruwsIuzhP5JKCzKViXUhXp7LsezLclBzWDTdn5xNycAVPw7Jufa5yJmUEhpti8 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff date Fri, 04 Jun 2021 18:20:20 GMT server cafe content-length 0 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Fri, 04-Jun-2021 18:35:20 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 04 Jun 2021 18:20:20 GMT cache-control private
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame DE48	65 KB 25 KB	78ms 78ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-iPX2jCWuxTtrC9nUQ58eWlcdSGixYyTyg7BEKNp7Ko6NrkvvjDenVURwga-VjQAEn2s4-f4-Vu2QsZaSpkgZb2_h2bHhZeY1R3f1tAmoeVyoOLBj0xVFAoHRmf2youi0gHTT4y9_3v9mTdmiQO3zsYKjsQ&dbm_d=AKAmf-DaeG0Ne11866icqcH7-eHTuv9yI9SGpIjIr6QMnraUl-ZKD3hrIyLCjX0ueZ0LoFEMJtFlOSe9X7oJ-gY6qoZJY8vW3fSdrUAKgHHeBme0OPVbsYl9DCWsvIxqPGgHkql0vjKfFFMFj94OByW2W7JtwZw7zbKb8s_Zgqrx8pvphYNY7xQ03HK88Y3jqlpP8mg4V5X78PfeRAwbVLupOULgds7O5aBljhAVd-jQZVsySlFU7C6mhEUigIUWgm8buQuDOuA0jcRIy6SjmFOWBsZsruuMfZi98NbpE3ctRo-hs6jj3bqdWCaKjWiz5dmt_yiZKjQjKx_WMvndtnHPEbouSnYh-M8yViA8Xo7jsLFxabV8VpXkf1kALXJ5zsIty0Crhtnw3t4DEYYihcOJKw-WDFAHISfwzdwjbjD4G2gbhYW7AFASfTjdEg5pkJ_7AlP3ZrOasxWcZC0cEXD3okzm0PqlXgQhzRxWc5sFv-gX8p21l4cb4BQAmvxKYCSr24BYGR8hModOEj6h4g8A_pKTbOrVu7JsRnDVv_nCzPUWhdEcBSF2DKMvXK0wSO2Mqt8EZDyFLKUXSx0HXRH8ggMqGIQWRF7fQA02X-mIiYQuXjlMWIzOWWnUNdggh4PtGRL6XMVqY9ta2BBNzuAb7jGhQ1VXcJ9xEO_YZ0PygtKTiw0DfzmAWncXXAxQfXNk_4sVLsgeDixCvfvw5Pt6lSS9ZsZCNXZIMEnKX9dCzRYZa-VoPaNFFazI7X77s9mohRQuPw5BqNKvSPfHWTlWGRN4oLc__Scp0tdUDw3UwT4c6H_6EKQczmleM0fkhUp_qplYTBcFXx1M-iuX8tc6T3vYZONHte6F7CrnsQnNm0FVQrgizaib-gah2AbCemJYpP9lQ7KPEy18pJEpCa30k0mOnMoLil-s4MqGn4GZiEDRL47stE00E5ts3RPtfkrXNyHHPzBFpcK_bZoq7pputF_B6C_aP3KNj70V7qmPmpvrGAPa4w89rMfuKVXHfLWfv7mdkggsfNB97TxXmTssIQctS1oIXBGU7N26DFnkpZPxsMS8zcfrbzKqpodMmNosJxn3dG0bs4DQ9tR7D7Gr7_AJC6X9aoIgb4P-VlMwUQXG6auFS6gPbZ9UiHWpO5Td8w8QE9nk24LqDplXXvvRs0gE-EiuByaBBLaI0dsD_dXVK4JQmWHftnDTanAo9h69hwvIl82C6gWmI08lu1Asouu_Io-KNLrWjYR_5Ajjb1-vToPk3wukS_CkuZli_ceJHTjqwa-eEIsrcPghwplihZbW_90ZGawEiZApFyxBI-OJBqix-9RwJXIhxlmIubQSH432DwSvR66X4FsWArNElK6gXmQHBPmFLHnLJ7DWcvespGjI6BFCdeGEsq_OSmDc4roBssIYjtWI2e4bFxQBVNqluYfCV7IwxyER8S7d9uyN2UMn1Tqjo8KpKHric620KistjyI3HRnwXaC7wnOk5u4rCOv07cIvJMYxfxbVfJdMDmJQaVgK-vc9GMi0S4RwmMpABKeiG4lN1D5JDk8MXLn93v3RzEIXWCNeWZto6uJg90S-wnQ8yNQyM4XhEySXslabKf6WYmLI2_mJg-UmCBVmv9IjppYaNLK2HibWnuX-skjT1DF4ZgUHmpTT9RkncmwCNhw-27UzebP5RgJRWHM6tv3sIGTXCZ5ReCCEfUx99qYSSpKH9VtTuRQxqRwhE5OYoae-XcmkxFPc4Vb5riZXAGcnlxdobjbsAJwu8SIS9BmR4odgAnNmH8u44LTQ1y0tvBl9dXpyW_zmPhVY_3LNkensjmYeAWsVKFHl7RvC7MR91CZkHShngLZrpZHeL1xabXcBnvAuaweAZ6_i8DcfEEEaWIQAg8TZs71EPpM7WKdlwge4p1sLAxdK_xHAWnq0L6dZRUhaMGNaTTvKbmqK9aH0EAZrxMbm-RFdfc9DxpvKPIrrr9E4t59FGIAPggJXbipKbJyjPc7sZWChT_4YFscfuG8Jadgl5GbcFHh53MJTFG7UnZjNOmBSrexAvFdZuy232DdaDh1sQBgxdpN66x5uPaLn-3KObrlhJFCOiHkI6FVH9Djwsrd9CpudSjL6GQvGmZskGwZ7-u7DoLl9GiOLAxyqI-fjPDCCN2x96xKXVhGQ2Glptqj2-pI5kxU0gmt8DsXD4DT57ynNzUwQqTXlFscFplHakDRwklxi-WM4_ZuB275YQdiQUIGTJFZBXTzg_0xtQ_WGx4s99M0lBQN8sCG1eHnLKoJAOp5tgVv016MdDYtDF2xs8vfgQcZO41H8x2JOsu_e1SEKqsYqt4-JhSqRtzGFmcuBNy0ZISaieMs-4VMK42IJOIAmAhrxHD4RtHDeF-eBjioZsMbVQKAuES0FR5ThJlccTDazkEFhQOZiRsMpSyKTHpWfh1RfLvEvlT1elyNpx9nVESFKamNzZv_6_qluoLptxwjIM_wsITLZWnWiKkClho34nf3udq9ZQMj-bcO83wjJ6HgViLbAcffNdDWB2MFB_VFBUMAb4zkM4-jwAafIL_AC7iG1IlYV9Os_XaTJJ2hnmncshjsNt7GU8apldr5McGzH67Ri5FsWnjRA-fW-lfuuSMB_zbHXH_MNF4y0eno4kVm-ehA_vHVW7LVv5Wv_bKm8TQW07lmxkaRYMQ4SyEIFIvZ25FEUrbH3VhGUZsZRI3SjlPrNK0uQezoG1X472sGOY54w5VBqkIvBC1eqqx9WNHz2hk_Y_e1GSDcuufo0wwvHBhUUb68xHJ_Gk9pZTaYvLQBCracIfWkhulJmQjBSy1GsCupQQ_WQFk3KGjNEyIKX1wIcZDyyrU9p8TzJiBBiM-LKv0P0bWNutgb3TY741mQs2cucTRo9eg1WasRS2_0uEMBjyF8B7Um1dpYGWc2zHwcM2TfKsCYTBmM2jVWxQikXbaGxL5u9SNUoDnE4OVE9V9DjJV-Dik8syHBKLRqD7RmR5Lfm4T5ueE4L9ljd2Nike_aLl5b81naWCZtfgPRlLzojCwaWL6knxI0crRBhSnqWrVv8N4kQTzCCC9ZRcO0-ZR-P1iOhEmf6Bdh7suuWGUXIPY4D4fjPDZoFdNIf7COm55_CJ9iFa-CHbqfR8w0MtDTwIkNXu0nAF2GkGBSjYHQkjzJimWpgxciznEhyKbUNNSOOQlzSyH_q8E2J5ouvlUE2JHHFnEiE90M0myQY-pdDh7DaaW1vW-xVVu4fhNUqI8Q1TtyKGP6oz9BVHU8X0AVQQ60_aeNQYOXFN7r07tOUi3XD5EszwFEO0rrPdPHkq2W40IkE9EJTl8Cw_jQLkh6cLBGIf5y9ol0Xaog3DbMYvkkuPTpK0MG1tnZ3n9jJZMq5HLncgkYG54crgQnAp6yYc_DigrMAcojhyA-DY0nVoBdnGP9NkEBf34MSXw8a7IjPMbQZ8F_EjyG0md5YtLQ4CI-YQpRnhAvqdJ_Sj7kNFao6DTR4MILLao20BplIuo9XQ4oTpitn1aTV_gdxfUHAOEjfssL_7pjEMYm1jfXVyrFqoTpJGuvK6uW1MZRDXcs969lgzWUHR_it1Fw9dcLD67OWjyJI_dAi8AGsyorguktVvnOdEwp90ze_Gha8DGs&cid=CAASEuRoTGyTBjXUubzIa2JEg-7EEQ&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ac54ad3774b159a7b41246e960bde8570cc854a7b1de924f7e3706fa16f12ea1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25710 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame DE48	42 B 173 B	39ms 38ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DsUpbB2q_zzRYZp_tSdadTqOn_2HpF-vaNK1xUg3QQuqLu16saeYMyEkhekCbsfUi25l_uJYkvpfT7WRh-2bK62MqSzx1M507ieQVG4MFEiZYYTeg Requested by Host: ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com URL: https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jload Show response pixel.adsafeprotected.com/ Frame DE48	46 KB 13 KB	60ms 59ms	Script application/javascript	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324078358&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html Requested by Host: ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com URL: https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash f70944ac2fb407f0502630f9d26a12a29bc71ed6cd269552694d65b845a1ef71 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip x-server-name app27.ie.303net.net content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame DE48	2 KB 1 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js Requested by Host: ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com URL: https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:12 GMT content-encoding gzip x-content-type-options nosniff age 248 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:12 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame DE48	121 KB 37 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com URL: https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:20 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656031336809" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37735 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:20 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame DE48	13 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js Requested by Host: ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com URL: https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:17:39 GMT content-encoding gzip x-content-type-options nosniff age 161 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5635 x-xss-protection 0 server cafe etag 1091097466425408374 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:17:39 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame FA5F	284 B 536 B	48ms 46ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/jpg
GET H2	200	pixel cm.g.doubleclick.net/ Frame FE4A	170 B 232 B	68ms 67ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXsewGGYTATAIxA_NhhmzBESeN9g8wr1rTU2W_t-O32zORZ8RQ8nZ2Bv2gG0jmMbfY5FQLXzXxHlvFr5Cr-B1xBbfFK4AUCS8x8t5UlOIievdrCG8jgu91SLeOT3Dn4HkHjelOXjkh0ETAQGv3R71oidoAU47ilDAaa6ostKGpVzxINnjZs603_tXjAp9KxCJTMTQHyHqNDeTBvTGbZnQxwgFLyxjsDrRqWP31QqXvVCEeLdqsi8gvbYZ1GP2yCvCQKu4qxCZtV5xEe60_s5sxdYVL5F0vLz1OLLH_VrNfAZUZVtaGG4G-G15LFa7_xsSZI-iGle4RYjVCsHcMvfZt_HjM42zLA6SJhUxtJEBMCULJsmd6vMbRkXMRbwNFbMytGr9tLU51rpDN1D3KT3kqL541b0tc_uMi4Larq_Q0QS6w6XIYTYDO9VT0JExbGfbhDD2cH4NA9Q0rHMVklfqez5FbMPIP1pYfiDPpGu3XrPWqyCbmqcW2D4f85JmBmbkkfGALCP90C8L0JSfuZUGVI5Hy1mIVSHhtv4tzWJI3QgwYGLs1XhtuYd-JIlHIn9tL4cQH39m4WfBFuJ227YTzzvsfyVBEA2epxn9ueLl2vmtFiHKk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame FE4A Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFi... https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFi... https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODViYjEyODUtYzU2MS0xMWViLWIzMjgtMTQ2ODRhM2EwNTA2	170 B 188 B	64ms 64ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODViYjEyODUtYzU2MS0xMWViLWIzMjgtMTQ2ODRhM2EwNTA2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXsewGGYTATAIxA_NhhmzBESeN9g8wr1rTU2W_t-O32zORZ8RQ8nZ2Bv2gG0jmMbfY5FQLXzXxHlvFr5Cr-B1xBbfFK4AUCS8x8t5UlOIievdrCG8jgu91SLeOT3Dn4HkHjelOXjkh0ETAQGv3R71oidoAU47ilDAaa6ostKGpVzxINnjZs603_tXjAp9KxCJTMTQHyHqNDeTBvTGbZnQxwgFLyxjsDrRqWP31QqXvVCEeLdqsi8gvbYZ1GP2yCvCQKu4qxCZtV5xEe60_s5sxdYVL5F0vLz1OLLH_VrNfAZUZVtaGG4G-G15LFa7_xsSZI-iGle4RYjVCsHcMvfZt_HjM42zLA6SJhUxtJEBMCULJsmd6vMbRkXMRbwNFbMytGr9tLU51rpDN1D3KT3kqL541b0tc_uMi4Larq_Q0QS6w6XIYTYDO9VT0JExbGfbhDD2cH4NA9Q0rHMVklfqez5FbMPIP1pYfiDPpGu3XrPWqyCbmqcW2D4f85JmBmbkkfGALCP90C8L0JSfuZUGVI5Hy1mIVSHhtv4tzWJI3QgwYGLs1XhtuYd-JIlHIn9tL4cQH39m4WfBFuJ227YTzzvsfyVBEA2epxn9ueLl2vmtFiHKk Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 04 Jun 2021 18:20:21 GMT Server nginx Location https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODViYjEyODUtYzU2MS0xMWViLWIzMjgtMTQ2ODRhM2EwNTA2 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 76 Connection keep-alive Content-Length 0
GET H2	204	v1 ads.yahoo.com/cms/ Frame FE4A	0 444 B	21ms 7ms	Image text/plain	2a00:1288:80:800::7001 YAHOO-DEB
General Check archive.org Show headers Download Go to Show image Full URL https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1&gdpr=1&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXsewGGYTATAIxA_NhhmzBESeN9g8wr1rTU2W_t-O32zORZ8RQ8nZ2Bv2gG0jmMbfY5FQLXzXxHlvFr5Cr-B1xBbfFK4AUCS8x8t5UlOIievdrCG8jgu91SLeOT3Dn4HkHjelOXjkh0ETAQGv3R71oidoAU47ilDAaa6ostKGpVzxINnjZs603_tXjAp9KxCJTMTQHyHqNDeTBvTGbZnQxwgFLyxjsDrRqWP31QqXvVCEeLdqsi8gvbYZ1GP2yCvCQKu4qxCZtV5xEe60_s5sxdYVL5F0vLz1OLLH_VrNfAZUZVtaGG4G-G15LFa7_xsSZI-iGle4RYjVCsHcMvfZt_HjM42zLA6SJhUxtJEBMCULJsmd6vMbRkXMRbwNFbMytGr9tLU51rpDN1D3KT3kqL541b0tc_uMi4Larq_Q0QS6w6XIYTYDO9VT0JExbGfbhDD2cH4NA9Q0rHMVklfqez5FbMPIP1pYfiDPpGu3XrPWqyCbmqcW2D4f85JmBmbkkfGALCP90C8L0JSfuZUGVI5Hy1mIVSHhtv4tzWJI3QgwYGLs1XhtuYd-JIlHIn9tL4cQH39m4WfBFuJ227YTzzvsfyVBEA2epxn9ueLl2vmtFiHKk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT cache-control no-store x-content-type-options nosniff server ATS strict-transport-security max-age=15552000 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-xss-protection 1; mode=block
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame CB5A	0 60 B	78ms 78ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1PL0RapMbC18xKALRSlaNlsocbF4er1GkSz71Cr5LzqogfS2PBLCnSPnHZFxnt-m8bXzpBl2kiwePn7pNW3UuiGZAThh62QZXR6PFXc84tpxZVhsGsv4aO5EslOom_iR2zm3ucKgvnaiyNqSuFHucR6Os9wY7gXgstoJiG1mOECCwCF_QHX8a-6Ztk8xs1BOx6l5A4L_QMrceqqRNN4lQGeXDR4O6MZfsE8Wn34VTckG_H2u2-gHShM7LUGTxwb4ZQRbcTHqtdvjchDI_FvQzRRSlBA6DD_f3M1x89IjlbDS0i4lwYHachmH_J6imonz3EhClPd1952fr3nctEzo1xOMFo8P1LMbPoqIpt6coQTh57a9RqzORum--u_R9xZyIItpX2HQRu4vtredeAVcs_eMTnZTIFVcu7ou_V1-5iEQGmYLZaLxbawWGygyt2DbMeX5xyPIWluuwCLinEw9xn4GlJijgeC4jOk0Oyh6tUjTvLmiSYvSgJIMW3QfOmtiqUUNPOw8wlqfe135jOggLHXOiZdC04J0e3LAsGN6bjzR-v58lGCwuUBezYZPlFQDWfWONTP24Uo9z3pWrtTA9ppSUYpREV-KhMipCpRZsOeZRc6NNlrMLhuiye_jAsuu9F8qp3chhXy_5Qh_mtZ_YSx75nl9LMYhH47g4leahaN2wX0XgLCTfXFUrjYBIUnnRpYyVOCXRkSgLUkDc3iK2W7tYrPZY6-RHyUrK73TJOKzGX73Mu2BKRn7SKFxWOpnXIDnoQ3MA61Z0RMSsLTfHTHzQX1vzsjHqYfXLKNS0kv4YZHHGxEOw-CFVH18dyvWIowGZCDx9OmV68EOwvaZK7uOC4FWowNHrvSlk75Y68P5c9f_w1qjbKxwp8H4YOrF2KXVYp4BbpKTW_N5WfpN-EM8vif4_z5eRcfl2dtLrFxZi4Q6Zw_KShkJ32wFYEY14r_2ZGvHAQCM0E0K_G38vlVc5BopvAppMMVJChLlzevVkZK2kltHPuQnzqOYzGyN783ii8YToOEl0iZa0zsyOJH0AvWeRbu6Wp9Ih33HbZuwjIczO4uzQpAYlc8jTchJ0NNYdIKT8oLYU9V9G57DPslgui5-BpTYRGewahO3XQXK8WqSAQg8rx6kP56Q3BB9VPybj6i3ihp21UXCxc5Yz3_d_40rGetE10x1X&sai=AMfl-YSR0gs5APRTUO5eCTXYLtkXSBslU0gjhtSeQt2kwTAvDkUz7wPgsAbipLaR3hJhQMeoyYdb9YpBmqgq8RZBsK9ZJSCNOLeMILEtgBllwrfIKwNb5qH2yho0w1Rk03Xj-US2ydm3gOUtYSvYJxuR7lepQ-62xQ&sig=Cg0ArKJSzAIsSUnWR8xqEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1289&vt=11&dtpt=1070&dett=3&cstd=218&cisv=r20210601.05274&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:21 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
POST H2	200	node.php Show response node.setupad.com/node/ Frame A515	0 208 B	41ms 41ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 821A	31 KB 10 KB	38ms 38ms	Script text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2 Request headers Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:21 GMT Content-Encoding gzip Last-Modified Wed, 02 Jun 2021 21:11:51 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=28818 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9301 Expires Sat, 05 Jun 2021 02:20:39 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 63AE	14 KB 6 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34739 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 0125	12 KB 5 KB	6ms 5ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 04 Jun 2021 17:03:05 GMT expires Sat, 04 Jun 2022 17:03:05 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4636 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame FC88	783 B 813 B	32ms 31ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash ae083dbf526a25e9b071db2e4ebf8c9770d8e0265ac37e67fd77931cbd27af32 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-r5x8pWeBnDp8K/u5oDZJJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers expires Fri, 04 Jun 2021 18:20:21 GMT date Fri, 04 Jun 2021 18:20:21 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-r5x8pWeBnDp8K/u5oDZJJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	integrator.js Show response adservice.google.de/adsid/ Frame 6577	107 B 165 B	28ms 28ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 6577	107 B 165 B	29ms 29ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 6577	14 KB 8 KB	489ms 488ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2449990126455031&correlator=3540986707094286&output=ldjh&impl=fifs&eid=31061161%2C31061224%2C31061371&vrg=2021060301&ptt=17&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=147246189%2Cgool-sport.com_728x90_desktop_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=www.gool-sport.com&bc=31&abxe=1&lmt=1622830821&dt=1622830821052&dlt=1622830819925&idt=1110&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=150&oid=3&adxs=872&adys=7450&adks=2121488992&ucis=utg5gvtuuoqt&ifi=1&ifk=3286901705&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&top=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fredirect.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x150&msz=728x0&ga_vid=1275499235.1622830821&ga_sid=1622830821&ga_hid=1179943830&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 2806391c8359eb76d16d89ebe4875f26b4ea1f5ef89e533a26e44dbbff2d9cad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8268 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6577	0 0	91ms 51ms	Other text/html	2a00:1450:400d:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 3640	31 KB 10 KB	39ms 38ms	Script text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2 Request headers Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:21 GMT Content-Encoding gzip Last-Modified Wed, 02 Jun 2021 21:11:51 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=28818 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9301 Expires Sat, 05 Jun 2021 02:20:39 GMT
GET H2	200	html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame F343	176 KB 61 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 14:23:35 GMT content-encoding gzip x-content-type-options nosniff age 14206 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62241 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 05 Jun 2021 14:23:35 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame F343	8 KB 3 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGyhOzd91Ck1biFrrAWxckYEq6XXOat1RyrHseziyMsWgErRhftuvp-hpWWkf0h6qNw4kOmcizpGLb_Spw_aqxjvI11U3ysge2-o6VrovQsEuLykVTG47JkAdMYh5ixelaI9Mbq5u2dLZrYicZnbyy8wnvfw&dbm_d=AKAmf-B4XMmUon0LHNeW6kwNdNi3uZZkpZo3_BwhdQt8n-a1WXADbVi7FwuIlyqlYmNCSBfgxea09a2ZjSvdJFGnkfDr5Bs6Sm4ux2VFLx5BvINJyQ3Kz4jYcpLxsB7J0TJMYSpaehwZEEPbFP9BvNj2MuXD417t2WZUr19wroyAIYhjLtxJRPB5AY-LI-IJys0ocAnOwixCsqUXgS78nxglPQkm3NXGvz1KciCt4CIDksi3t7yPWdsEirtQm6ce-Wm0m1EOemCbltUhNymBwntrWnj95jTuUiaQANuHLo6whYqd2WSDvmr3Kn7ml5fJsvSDuXF6b5t4XMJKQfElQ0VWN4Uo997-YiZguPC7-7dUO4h3sJ0BLSen0VSjvOvs9sQKp4XZ9fudqDFtEdn6PY8rAOjrTStT0wlxS5afshmPWo4cNiYTEiS6JDzGwyw0Xlwf8Y-DNOTQLvcoZQPY0YPKZIjwYcBuxOcvsE7mHmr737SAqkd7ycuuTXlIjfUYUT3oEcXZf93lUoyT7J9N1PJrahw7yqgEJWbwvQ-A1AKcLzOtmOSLfPH-BEtkc4FfLzVoim3MDjinXxkMaIATaJ8F23jpmnBiLwHZMF3sk8ox3ebShN_xIm_eV_RngRmkrmZtRvNbXLb3RSkvdcqIZm9NDjMdgGomG59GDWx8TvB-5Tt-dFviLACRWpl37v9QVWaQwvE87Rzlkd3fldWJPEYIQPMpRCkvJWvyvRkA2aJ1b156BaWkCJ6i2kPce8KlL9zTDsOuOZs10ObEnbN1tQhF83h1Nl19_WQ3BHTYaXyA5sv4EChVbx-ZVPFGyeBCTFbdBkx-ZmoetSM_X1ryX_6gp76zwt_2knooE-rm05SzcDeKQdKo9mNl6ecFbre7U32nDHb-0JLc4DoSI9yJZmUzrTPrAMASBXIENk3HcEup3959rk7__K3yNMSHsYn19Ru61GUzG2on1pwnyVB8qE0tqE1tY_uGrsTrQbEOXgh69UcYB77FheeuR8dC7ibUTX5-KZIWxcgK6Oliz_0HMr0108OSG1KsoFMZgg4iGCgcCGCe5MDJhUEdmq5e6wJ36qg71t3kBzGMNV0O-W30YJHl0uquJFw5Qvr7Kq18mrw_3zRovi94MMEFpobRYDkX5tafegbUG82zVcW_BpQmvTFJNT-UqlRUmZplDRPkK-qkr7SAMZGhOcRUsNjqG0EZn6QzWkLd1Gk4-BOS87lWQIpCfB-XpOz7hD6mTiBPnBKrK9lyASCLOQ9dcwE5IlQkCIxWmmI5S893PEKu9oHAU5khnviI7akJ28TN1U_ePL_Lk2UR3cJQG_eYliZDa89x-UJ2RhhYZjmjQ_6Fw-oejtqVrsYJby-wjrXzWpdkzAYAdyvTTjlwMa0CwP99z1m2wOmnSi1ADZ219clOsNYlPRrfpJELUUyZg27d6V5hiXHLpCrhhTGaIVComqNxIGJkgyjxbA2BC5gT_5iUpfC81B1r3ka4AdpROsGFc9lai-escd2Q9Ugn7ISk35GgPAzvuaVtvatP7NO3_5C90fDgM15Y67jbAWVM10pZRVe-4scxu9cB3xYGcpkbltaMqW1-8JZmROc7x08j1BmqrCcD4-8pJ2TAByIEcedOxMYd9h0SDbIfVZ42ikvky-Mox3wOZQd8SubzuL6PJ1DXbGUWMRUMNtQitMlERddgRk-9ll2miXWdL1KuUWGPW7_vdQkhgAytLXXm5fiXmCXiHithoG8j56ltBfBVroyJcBff_ziJQ6uW_H_dHpcJ2O8R_XluWkWWuPNZ9hRzFgnyWZiyM1s4hhT9a24arN4n9MSZPxG5xYzdWGUPN9bG0_Lrg3uPcUlQbt83DcXYBgoAZNQzaDrG0zCUPpNC5Y7W0wugROcGPyiXwDP4_-Dvh6tu5xfbEokvgLIId8RFGoLRDrqFg7sCRb09Tnd2j1sNGRanZ_Txg_KrH1yVsm1tmsWxBBs69eN0TRBzh2w-oV9qi8__30nYJVkznOR1jlw7YgKX8_Eq1n9IP4WHg5bcFmm8TfGrPXY2L2cW4l0UwFiyz7MCA18ERkEhGhtION4P7kefbKvsbZB8MD0rQmXjgDtLPL29uCj17jGy4V1RP4IxbTqC5yMqeN52vuUg9SMtahrFl5YOwRck7x2RYBHTF3ZNrzQYHkSsP_7LsnE77ha99dVekMQPd3fTFl9FuLaFsQOY0M6ytVlJZD8MurxbZtZ1Az2YABxSLa_sDwqP960wwViPdTjK6AOWtjFdd1wY778ZuBKAqXrlHVHBILWByMDX7lIGg2-wE6jXhRVlB_H62-FTpO6SbTHJ-R_2j6Q5PB8KwxnOPaYrr47Ld6SXFh76O6Ots5OzODocn0n-5d1s15e2jzejbnuZrFN6rZbvme81PniQ1oBPAxl0qpXJ0Yi8b0G2m61kgoHxG49aZ_-0QAH0JoQ3EwyqrTgk1szQs_eDGHR9M1LlluoakE9q2KUrYSfdPv6AtOazfg5N3Uw4QihX2I9WKFmwIJ9N7eBOe1Eok7Ovmi-omYeN3M9DXp8L74JAHpdDC1CKKIUC0qHwYW3wPnGQi-DfNegP5HCUkgHcGSCFuahU0Je5bX7_iErnpCAl6eVVLgPmQ89JrpZWkNbEnZUVZr7gBmBvlpmzV686t6zOHO3KFeGROIKfwJJC-zfCXtgjGN8zX05cFlj8txvD6WKSz1mNzBRY0IFnweHwk15T7dylrkfCI1KH7FMsgLa3F8-q40_Vpoj_VuLHTT-Ra4U-h5Wem-9EaNc-gk-aEk3is9l7wP7gbjzeFyZ6vyimlO2NuwtuFbahWLyO-v8g1fZWQFCxPKPumo2bQFXbZEIzpLN7DMOWhiCPlfJgOCyeq2HNgmowxkTA9q10mTI7NUn6izyEzcMOI1WeEXUSI1DYpwESpyZ_0Rf1oR0r_E0NEDwGszzWn3T-QoMTLQAdDLl8WJ6C7pvBA-nSYKzXMEHIqUfrFjDn-16GgeI_GhY-cA-iFyGZywgQUFXwaIVL_xWcBuHDRivn_fmsFhZ6KC7A0K95vQV2Zml5Z3rLrDl5l-g8tgTbcrgE9Uj1tD9j24UYeDmQpf13UP-i5sfrb07kqwb_eqD0je42QrZaxIxQvArgYfZ0HdU3UGZyCDK2IO0kQyV76zp5YQAzTy-yZDnQKd9lm_TiCtez6D-FDl9Gkeovn5zm2UXN-KIEBjFbYinpG0Cq6RtWdTEwbkyPlO9YDvJ9XPeP6ZIYisyNsAW10MWGXPyUqrs8YoJMVFoTYol-tNXjK9ltUbbfW2Lt4fKzzNJPbeU69hTIRI_nfr_c5QkGU2OLJnyPUIzRVOUf48dMiJ0ufBSDRnSDeAmVqmfXuRqbQWjiEfyEnngG9ja4FsJetA9qN6lvxElu7jEF7E-1WHTjGjowyZ2yt55V2qXik8VODVklB3i0DraqGuce-0X8agRfhRKGWYt4lzyF-cSEscXCKdwbHG2AQpwOInI3g4UsrdShaISwgyLYmfFNN0erw2iT4Vds7gifvXr8oXHDl1JTjmn5IaeF_VGqLaHFHpELfndA9SiLwZ4ZJOLMXmuBG80PpcHmYzG_7BFaPXgKDdQfxzgT6H4pOPKFmVYafC9NX3bvLRI&cid=CAASEuRobEj8CQW3F0Cc_rmGaQKLnw&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:43 GMT content-encoding gzip x-content-type-options nosniff age 338 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:14:43 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame F343	22 KB 8 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGyhOzd91Ck1biFrrAWxckYEq6XXOat1RyrHseziyMsWgErRhftuvp-hpWWkf0h6qNw4kOmcizpGLb_Spw_aqxjvI11U3ysge2-o6VrovQsEuLykVTG47JkAdMYh5ixelaI9Mbq5u2dLZrYicZnbyy8wnvfw&dbm_d=AKAmf-B4XMmUon0LHNeW6kwNdNi3uZZkpZo3_BwhdQt8n-a1WXADbVi7FwuIlyqlYmNCSBfgxea09a2ZjSvdJFGnkfDr5Bs6Sm4ux2VFLx5BvINJyQ3Kz4jYcpLxsB7J0TJMYSpaehwZEEPbFP9BvNj2MuXD417t2WZUr19wroyAIYhjLtxJRPB5AY-LI-IJys0ocAnOwixCsqUXgS78nxglPQkm3NXGvz1KciCt4CIDksi3t7yPWdsEirtQm6ce-Wm0m1EOemCbltUhNymBwntrWnj95jTuUiaQANuHLo6whYqd2WSDvmr3Kn7ml5fJsvSDuXF6b5t4XMJKQfElQ0VWN4Uo997-YiZguPC7-7dUO4h3sJ0BLSen0VSjvOvs9sQKp4XZ9fudqDFtEdn6PY8rAOjrTStT0wlxS5afshmPWo4cNiYTEiS6JDzGwyw0Xlwf8Y-DNOTQLvcoZQPY0YPKZIjwYcBuxOcvsE7mHmr737SAqkd7ycuuTXlIjfUYUT3oEcXZf93lUoyT7J9N1PJrahw7yqgEJWbwvQ-A1AKcLzOtmOSLfPH-BEtkc4FfLzVoim3MDjinXxkMaIATaJ8F23jpmnBiLwHZMF3sk8ox3ebShN_xIm_eV_RngRmkrmZtRvNbXLb3RSkvdcqIZm9NDjMdgGomG59GDWx8TvB-5Tt-dFviLACRWpl37v9QVWaQwvE87Rzlkd3fldWJPEYIQPMpRCkvJWvyvRkA2aJ1b156BaWkCJ6i2kPce8KlL9zTDsOuOZs10ObEnbN1tQhF83h1Nl19_WQ3BHTYaXyA5sv4EChVbx-ZVPFGyeBCTFbdBkx-ZmoetSM_X1ryX_6gp76zwt_2knooE-rm05SzcDeKQdKo9mNl6ecFbre7U32nDHb-0JLc4DoSI9yJZmUzrTPrAMASBXIENk3HcEup3959rk7__K3yNMSHsYn19Ru61GUzG2on1pwnyVB8qE0tqE1tY_uGrsTrQbEOXgh69UcYB77FheeuR8dC7ibUTX5-KZIWxcgK6Oliz_0HMr0108OSG1KsoFMZgg4iGCgcCGCe5MDJhUEdmq5e6wJ36qg71t3kBzGMNV0O-W30YJHl0uquJFw5Qvr7Kq18mrw_3zRovi94MMEFpobRYDkX5tafegbUG82zVcW_BpQmvTFJNT-UqlRUmZplDRPkK-qkr7SAMZGhOcRUsNjqG0EZn6QzWkLd1Gk4-BOS87lWQIpCfB-XpOz7hD6mTiBPnBKrK9lyASCLOQ9dcwE5IlQkCIxWmmI5S893PEKu9oHAU5khnviI7akJ28TN1U_ePL_Lk2UR3cJQG_eYliZDa89x-UJ2RhhYZjmjQ_6Fw-oejtqVrsYJby-wjrXzWpdkzAYAdyvTTjlwMa0CwP99z1m2wOmnSi1ADZ219clOsNYlPRrfpJELUUyZg27d6V5hiXHLpCrhhTGaIVComqNxIGJkgyjxbA2BC5gT_5iUpfC81B1r3ka4AdpROsGFc9lai-escd2Q9Ugn7ISk35GgPAzvuaVtvatP7NO3_5C90fDgM15Y67jbAWVM10pZRVe-4scxu9cB3xYGcpkbltaMqW1-8JZmROc7x08j1BmqrCcD4-8pJ2TAByIEcedOxMYd9h0SDbIfVZ42ikvky-Mox3wOZQd8SubzuL6PJ1DXbGUWMRUMNtQitMlERddgRk-9ll2miXWdL1KuUWGPW7_vdQkhgAytLXXm5fiXmCXiHithoG8j56ltBfBVroyJcBff_ziJQ6uW_H_dHpcJ2O8R_XluWkWWuPNZ9hRzFgnyWZiyM1s4hhT9a24arN4n9MSZPxG5xYzdWGUPN9bG0_Lrg3uPcUlQbt83DcXYBgoAZNQzaDrG0zCUPpNC5Y7W0wugROcGPyiXwDP4_-Dvh6tu5xfbEokvgLIId8RFGoLRDrqFg7sCRb09Tnd2j1sNGRanZ_Txg_KrH1yVsm1tmsWxBBs69eN0TRBzh2w-oV9qi8__30nYJVkznOR1jlw7YgKX8_Eq1n9IP4WHg5bcFmm8TfGrPXY2L2cW4l0UwFiyz7MCA18ERkEhGhtION4P7kefbKvsbZB8MD0rQmXjgDtLPL29uCj17jGy4V1RP4IxbTqC5yMqeN52vuUg9SMtahrFl5YOwRck7x2RYBHTF3ZNrzQYHkSsP_7LsnE77ha99dVekMQPd3fTFl9FuLaFsQOY0M6ytVlJZD8MurxbZtZ1Az2YABxSLa_sDwqP960wwViPdTjK6AOWtjFdd1wY778ZuBKAqXrlHVHBILWByMDX7lIGg2-wE6jXhRVlB_H62-FTpO6SbTHJ-R_2j6Q5PB8KwxnOPaYrr47Ld6SXFh76O6Ots5OzODocn0n-5d1s15e2jzejbnuZrFN6rZbvme81PniQ1oBPAxl0qpXJ0Yi8b0G2m61kgoHxG49aZ_-0QAH0JoQ3EwyqrTgk1szQs_eDGHR9M1LlluoakE9q2KUrYSfdPv6AtOazfg5N3Uw4QihX2I9WKFmwIJ9N7eBOe1Eok7Ovmi-omYeN3M9DXp8L74JAHpdDC1CKKIUC0qHwYW3wPnGQi-DfNegP5HCUkgHcGSCFuahU0Je5bX7_iErnpCAl6eVVLgPmQ89JrpZWkNbEnZUVZr7gBmBvlpmzV686t6zOHO3KFeGROIKfwJJC-zfCXtgjGN8zX05cFlj8txvD6WKSz1mNzBRY0IFnweHwk15T7dylrkfCI1KH7FMsgLa3F8-q40_Vpoj_VuLHTT-Ra4U-h5Wem-9EaNc-gk-aEk3is9l7wP7gbjzeFyZ6vyimlO2NuwtuFbahWLyO-v8g1fZWQFCxPKPumo2bQFXbZEIzpLN7DMOWhiCPlfJgOCyeq2HNgmowxkTA9q10mTI7NUn6izyEzcMOI1WeEXUSI1DYpwESpyZ_0Rf1oR0r_E0NEDwGszzWn3T-QoMTLQAdDLl8WJ6C7pvBA-nSYKzXMEHIqUfrFjDn-16GgeI_GhY-cA-iFyGZywgQUFXwaIVL_xWcBuHDRivn_fmsFhZ6KC7A0K95vQV2Zml5Z3rLrDl5l-g8tgTbcrgE9Uj1tD9j24UYeDmQpf13UP-i5sfrb07kqwb_eqD0je42QrZaxIxQvArgYfZ0HdU3UGZyCDK2IO0kQyV76zp5YQAzTy-yZDnQKd9lm_TiCtez6D-FDl9Gkeovn5zm2UXN-KIEBjFbYinpG0Cq6RtWdTEwbkyPlO9YDvJ9XPeP6ZIYisyNsAW10MWGXPyUqrs8YoJMVFoTYol-tNXjK9ltUbbfW2Lt4fKzzNJPbeU69hTIRI_nfr_c5QkGU2OLJnyPUIzRVOUf48dMiJ0ufBSDRnSDeAmVqmfXuRqbQWjiEfyEnngG9ja4FsJetA9qN6lvxElu7jEF7E-1WHTjGjowyZ2yt55V2qXik8VODVklB3i0DraqGuce-0X8agRfhRKGWYt4lzyF-cSEscXCKdwbHG2AQpwOInI3g4UsrdShaISwgyLYmfFNN0erw2iT4Vds7gifvXr8oXHDl1JTjmn5IaeF_VGqLaHFHpELfndA9SiLwZ4ZJOLMXmuBG80PpcHmYzG_7BFaPXgKDdQfxzgT6H4pOPKFmVYafC9NX3bvLRI&cid=CAASEuRobEj8CQW3F0Cc_rmGaQKLnw&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:51 GMT content-encoding gzip x-content-type-options nosniff age 210 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8594 x-xss-protection 0 server cafe etag 7958287194716579593 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:51 GMT
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame CB5A	42 B 64 B	26ms 25ms	Fetch image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDOUkAkCbNRwuFpESpOdMaAp2Wufqm58-dzGxMERb2ImMAkVXodi7eUSOxnS4lOBwn-CPUMP_0-xXuSz8ZaH_s7qE4B6H7z5zBbD-FMAAXwhwh0G_R1L0mjZ-vKA&sai=AMfl-YQvM4AXpIi7R8t3dYguZRJLNVRDtLP_7XCNyD4U7CYANzThQ42B1qCFgCOwhE86TYmi0s6LgUQ-ZZPMQRCJzPY9Hn0eoSJwNqDNr9An4VCrVCsBh_JuIcd61sk&sig=Cg0ArKJSzFS6vyR_EC5bEAE&cid=CAASEuRoMWwWLVjEqRVIT6zGzjAlPA&id=lidar2&mcvt=1051&p=30,0,120,728&asp=30,0,120,728&mtos=0,0,1051,1051,1051&tos=0,0,1051,0,0&v=20210602&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=3319398020&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622830819369&rpt=603&isd=0&lsd=0&r=v&speed=1 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame A7DD	31 KB 10 KB	48ms 48ms	Script text/html	104.111.230.142 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-230-142.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 225d0e79a8d4f08b5f1bf4778096cb8ff8db1f5a08b6c2b2322d90f8bd0e63d2 Request headers Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:21 GMT Content-Encoding gzip Last-Modified Wed, 02 Jun 2021 21:11:51 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=28818 Connection keep-alive Content-Type text/html; charset=UTF-8 Content-Length 9301 Expires Sat, 05 Jun 2021 02:20:39 GMT
GET H3-29	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/ Frame 7041	1 KB 610 B	27ms 27ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=3nGPDramI2&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5122c11c712dd865696a259facba17e7d6d1b90fc386f5f26126bd56de867bca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=3nGPDramI2&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * content-length 585 date Fri, 04 Jun 2021 18:20:21 GMT expires Sat, 05 Jun 2021 18:20:21 GMT cache-control public, max-age=86400 last-modified Mon, 09 Mar 2020 15:51:41 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame BE94	0 24 B	99ms 98ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuUdyV3K7cBVHaiefX1W9mmTLfPr7wHXLAeEp9F4uXmKVMRC4DVfZZech5ZmoosFVa2lymjZy-kwuh5nkjeKmQIIwuFmTil33Ye0xl3x3IBUJNZvmgypg-m5cybTpFGOllU0OJYCUUKTPRVUifLOYJxWAv9Qga7BQmBaW0t6TaHB8AsR7ejos78MGEI4TlR8a9-kioUKaD_NhRHC4RNTK4RNZNGsexnEMIcocPOz8gJjvJC_ewbw8JcweCxu5yHclCTQVTuUZ_mIiRjXrkrGkVjQWlSQiFiyGYSojsmlrzZapyq-CiOeRAYXiEmZReWRfvMICXMF2Ofeax75TFGT0O9VBmF8alDif-tfoWS8ogtSh5sLERlIPJ2c39kN1piZeLNKrH24b6bOxyS95HQV9P7SQVr58VoAoi7mUxDmvOLTxj8M72JO4FE-pXhm28WF2UXEcdkYNDa4pwvvFQPG6aulvhTHWCd6tOJB72v1LW350GNIw4YrmxfIlTgSH72P3X07lq0da20CWNDRxYSeK9wfxi4UYtKxED_9T8x_TUkZ6K6KUfz99VgczsJfGEns1Kt09u3nUsis7InpaGdfnMzif4uCtFz8f0btcOJiGoDxK5q2bRYVMyMkwxOq_pPPdCAZb--b_RHBn5dDUankbn2oQGs0-h0MHmg5cxQXSJEbG3NswsFG6enlbsz5IboihpyKnoIGtGQ9sJk7GyXIvkI97s3acNGbGZ0L7XD21W6K7kx52quOj_ZhtmG64mHVGIqVbVj-ZuqUJC8kIUtLe2ZoFpJB6BuTlikKnJZC1F-yxxZ7qFs_ZfN8RUWiAor-NvSewwCZW5YHrDBRZAJ5Kps-C6OeH7jxbkQkuLCoD-daxB_UwXZrD_gdACrgJBZwkgqNDcGGMyfu4My-9fhuaswczk2KgPX9VPqFT_7qL7CChT3pcnJa80s5ROP6Vm11evvO2xXa4-VTRutodznDRXh4AGlj6ECJ5fakuKbhJMtGloaL9eNxYbjMBm9OQjieQPoWhMcPR6tjbgeIVvGuJr5pK2wgpLUv3p9O_wZC6HRyIiHjZpHpU0Ag2qEXDRLFOQe9wYG9xwH-7x5wzewGruSrPU9wPQQlk-lDAp7BFEj__xtFRxn2Plm_E_hToNsAImSPFNvIQKTSYB8KLGBs16pp9gBPc1dYaEsW3tAd7OaiTzNZHhYpP2-3YpnK7GUj26VvG-CsePIDsHLgC5vS7zs40Qai6FKCxfw73wOp2YExg&sai=AMfl-YSpL4v-wnhNEGA_0-cdQ1DIYCp6DOEpRLr1PT7-06pP36wccxlEptrK1mZC57uagPPd98Gkti2I2VCdScp0FY3mVecs6uv8yHD-D_rWyz4iCEARV-Bz0hwRW1nDGDnTr3H6mQF6UgT-gYUZ8iSo1pQqddyetQ&sig=Cg0ArKJSzM12QDEqL-TKEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=318&cbvp=1&cstd=313&cisv=r20210601.72752&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 04 Jun 2021 18:20:21 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H/1.1	200 OK	ai.aspx m.exactag.com/ Frame BE94	43 B 1 KB	110ms 44ms	Image image/gif	213.202.235.8 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extLi=25042747&extCr=130146484&extPm=292521141&gdpr_consent=CPHSFTcPHSFTcAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" Connection close X-ET-Monitoring 1 Content-Length 43 Pragma no-cache X-ET-Code 0 Last-Modified Fr, 04 Jun 2021 06:20:21 GMT Server Microsoft-IIS/8.5 Date Fri, 04 Jun 2021 18:20:20 GMT Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/gif Access-Control-Allow-Origin https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com Cache-Control private Access-Control-Allow-Credentials true X-ET-Camp 1711 Access-Control-Allow-Headers * Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 1DAF	22 KB 8 KB	12ms 11ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 04 Jun 2021 06:53:39 GMT expires Sat, 04 Jun 2022 06:53:39 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 41202 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	Enabler_01_241.js Show response s0.2mdn.net/879366/ Frame BE7A	107 KB 37 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_241.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=hya3lCtqlq&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7cdfd59d0748ea8674458b0c70ac670b5f5f973ddb26b37b2f99b64ddb7a2a06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=hya3lCtqlq&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 19:07:23 GMT content-encoding gzip x-content-type-options nosniff age 83578 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37392 x-xss-protection 0 last-modified Tue, 14 Jan 2020 17:33:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 19:07:23 GMT
GET H3-29	200	preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame BE7A	64 KB 16 KB	34ms 33ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=hya3lCtqlq&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=hya3lCtqlq&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16579 x-xss-protection 0 last-modified Mon, 12 Feb 2018 18:09:40 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:21 GMT
GET H3-29	200	tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame BE7A	112 KB 38 KB	33ms 32ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=hya3lCtqlq&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=hya3lCtqlq&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38407 x-xss-protection 0 last-modified Wed, 04 Oct 2017 18:33:56 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:21 GMT
GET H3-29	200	da_DK_polite.js Show response s0.2mdn.net/creatives/assets/2377528/ Frame BE7A	86 KB 27 KB	10ms 10ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=hya3lCtqlq&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08f4adbb04efcb4683d989d1bdf5ceb15ee481b444f2f1eadc19fb9fa4e5f339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=hya3lCtqlq&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:25 GMT content-encoding gzip x-content-type-options nosniff age 356 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27158 x-xss-protection 0 last-modified Sun, 14 Mar 2021 22:07:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:25 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame BE94	41 KB 15 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com URL: https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 06:53:37 GMT content-encoding gzip x-content-type-options nosniff age 41204 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:53:37 GMT
GET H2	200	main.gr.19.8.206.js Show response static.adsafeprotected.com/ Frame BE94	183 KB 58 KB	55ms 54ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.206.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip last-modified Tue, 01 Jun 2021 22:03:45 GMT server nginx/1.16.1 etag W/"f4d80fb2c423b91d55077116728f6247" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET DATA	200 OK	truncated / Frame BE94	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1e746f5ec61ee8322955c74b42e26bad2fe2af5d8ef393a9bab81a3d2c88dd18 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame DE48	176 KB 61 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 14:23:35 GMT content-encoding gzip x-content-type-options nosniff age 14206 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62241 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 05 Jun 2021 14:23:35 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame DE48	8 KB 3 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-iPX2jCWuxTtrC9nUQ58eWlcdSGixYyTyg7BEKNp7Ko6NrkvvjDenVURwga-VjQAEn2s4-f4-Vu2QsZaSpkgZb2_h2bHhZeY1R3f1tAmoeVyoOLBj0xVFAoHRmf2youi0gHTT4y9_3v9mTdmiQO3zsYKjsQ&dbm_d=AKAmf-DaeG0Ne11866icqcH7-eHTuv9yI9SGpIjIr6QMnraUl-ZKD3hrIyLCjX0ueZ0LoFEMJtFlOSe9X7oJ-gY6qoZJY8vW3fSdrUAKgHHeBme0OPVbsYl9DCWsvIxqPGgHkql0vjKfFFMFj94OByW2W7JtwZw7zbKb8s_Zgqrx8pvphYNY7xQ03HK88Y3jqlpP8mg4V5X78PfeRAwbVLupOULgds7O5aBljhAVd-jQZVsySlFU7C6mhEUigIUWgm8buQuDOuA0jcRIy6SjmFOWBsZsruuMfZi98NbpE3ctRo-hs6jj3bqdWCaKjWiz5dmt_yiZKjQjKx_WMvndtnHPEbouSnYh-M8yViA8Xo7jsLFxabV8VpXkf1kALXJ5zsIty0Crhtnw3t4DEYYihcOJKw-WDFAHISfwzdwjbjD4G2gbhYW7AFASfTjdEg5pkJ_7AlP3ZrOasxWcZC0cEXD3okzm0PqlXgQhzRxWc5sFv-gX8p21l4cb4BQAmvxKYCSr24BYGR8hModOEj6h4g8A_pKTbOrVu7JsRnDVv_nCzPUWhdEcBSF2DKMvXK0wSO2Mqt8EZDyFLKUXSx0HXRH8ggMqGIQWRF7fQA02X-mIiYQuXjlMWIzOWWnUNdggh4PtGRL6XMVqY9ta2BBNzuAb7jGhQ1VXcJ9xEO_YZ0PygtKTiw0DfzmAWncXXAxQfXNk_4sVLsgeDixCvfvw5Pt6lSS9ZsZCNXZIMEnKX9dCzRYZa-VoPaNFFazI7X77s9mohRQuPw5BqNKvSPfHWTlWGRN4oLc__Scp0tdUDw3UwT4c6H_6EKQczmleM0fkhUp_qplYTBcFXx1M-iuX8tc6T3vYZONHte6F7CrnsQnNm0FVQrgizaib-gah2AbCemJYpP9lQ7KPEy18pJEpCa30k0mOnMoLil-s4MqGn4GZiEDRL47stE00E5ts3RPtfkrXNyHHPzBFpcK_bZoq7pputF_B6C_aP3KNj70V7qmPmpvrGAPa4w89rMfuKVXHfLWfv7mdkggsfNB97TxXmTssIQctS1oIXBGU7N26DFnkpZPxsMS8zcfrbzKqpodMmNosJxn3dG0bs4DQ9tR7D7Gr7_AJC6X9aoIgb4P-VlMwUQXG6auFS6gPbZ9UiHWpO5Td8w8QE9nk24LqDplXXvvRs0gE-EiuByaBBLaI0dsD_dXVK4JQmWHftnDTanAo9h69hwvIl82C6gWmI08lu1Asouu_Io-KNLrWjYR_5Ajjb1-vToPk3wukS_CkuZli_ceJHTjqwa-eEIsrcPghwplihZbW_90ZGawEiZApFyxBI-OJBqix-9RwJXIhxlmIubQSH432DwSvR66X4FsWArNElK6gXmQHBPmFLHnLJ7DWcvespGjI6BFCdeGEsq_OSmDc4roBssIYjtWI2e4bFxQBVNqluYfCV7IwxyER8S7d9uyN2UMn1Tqjo8KpKHric620KistjyI3HRnwXaC7wnOk5u4rCOv07cIvJMYxfxbVfJdMDmJQaVgK-vc9GMi0S4RwmMpABKeiG4lN1D5JDk8MXLn93v3RzEIXWCNeWZto6uJg90S-wnQ8yNQyM4XhEySXslabKf6WYmLI2_mJg-UmCBVmv9IjppYaNLK2HibWnuX-skjT1DF4ZgUHmpTT9RkncmwCNhw-27UzebP5RgJRWHM6tv3sIGTXCZ5ReCCEfUx99qYSSpKH9VtTuRQxqRwhE5OYoae-XcmkxFPc4Vb5riZXAGcnlxdobjbsAJwu8SIS9BmR4odgAnNmH8u44LTQ1y0tvBl9dXpyW_zmPhVY_3LNkensjmYeAWsVKFHl7RvC7MR91CZkHShngLZrpZHeL1xabXcBnvAuaweAZ6_i8DcfEEEaWIQAg8TZs71EPpM7WKdlwge4p1sLAxdK_xHAWnq0L6dZRUhaMGNaTTvKbmqK9aH0EAZrxMbm-RFdfc9DxpvKPIrrr9E4t59FGIAPggJXbipKbJyjPc7sZWChT_4YFscfuG8Jadgl5GbcFHh53MJTFG7UnZjNOmBSrexAvFdZuy232DdaDh1sQBgxdpN66x5uPaLn-3KObrlhJFCOiHkI6FVH9Djwsrd9CpudSjL6GQvGmZskGwZ7-u7DoLl9GiOLAxyqI-fjPDCCN2x96xKXVhGQ2Glptqj2-pI5kxU0gmt8DsXD4DT57ynNzUwQqTXlFscFplHakDRwklxi-WM4_ZuB275YQdiQUIGTJFZBXTzg_0xtQ_WGx4s99M0lBQN8sCG1eHnLKoJAOp5tgVv016MdDYtDF2xs8vfgQcZO41H8x2JOsu_e1SEKqsYqt4-JhSqRtzGFmcuBNy0ZISaieMs-4VMK42IJOIAmAhrxHD4RtHDeF-eBjioZsMbVQKAuES0FR5ThJlccTDazkEFhQOZiRsMpSyKTHpWfh1RfLvEvlT1elyNpx9nVESFKamNzZv_6_qluoLptxwjIM_wsITLZWnWiKkClho34nf3udq9ZQMj-bcO83wjJ6HgViLbAcffNdDWB2MFB_VFBUMAb4zkM4-jwAafIL_AC7iG1IlYV9Os_XaTJJ2hnmncshjsNt7GU8apldr5McGzH67Ri5FsWnjRA-fW-lfuuSMB_zbHXH_MNF4y0eno4kVm-ehA_vHVW7LVv5Wv_bKm8TQW07lmxkaRYMQ4SyEIFIvZ25FEUrbH3VhGUZsZRI3SjlPrNK0uQezoG1X472sGOY54w5VBqkIvBC1eqqx9WNHz2hk_Y_e1GSDcuufo0wwvHBhUUb68xHJ_Gk9pZTaYvLQBCracIfWkhulJmQjBSy1GsCupQQ_WQFk3KGjNEyIKX1wIcZDyyrU9p8TzJiBBiM-LKv0P0bWNutgb3TY741mQs2cucTRo9eg1WasRS2_0uEMBjyF8B7Um1dpYGWc2zHwcM2TfKsCYTBmM2jVWxQikXbaGxL5u9SNUoDnE4OVE9V9DjJV-Dik8syHBKLRqD7RmR5Lfm4T5ueE4L9ljd2Nike_aLl5b81naWCZtfgPRlLzojCwaWL6knxI0crRBhSnqWrVv8N4kQTzCCC9ZRcO0-ZR-P1iOhEmf6Bdh7suuWGUXIPY4D4fjPDZoFdNIf7COm55_CJ9iFa-CHbqfR8w0MtDTwIkNXu0nAF2GkGBSjYHQkjzJimWpgxciznEhyKbUNNSOOQlzSyH_q8E2J5ouvlUE2JHHFnEiE90M0myQY-pdDh7DaaW1vW-xVVu4fhNUqI8Q1TtyKGP6oz9BVHU8X0AVQQ60_aeNQYOXFN7r07tOUi3XD5EszwFEO0rrPdPHkq2W40IkE9EJTl8Cw_jQLkh6cLBGIf5y9ol0Xaog3DbMYvkkuPTpK0MG1tnZ3n9jJZMq5HLncgkYG54crgQnAp6yYc_DigrMAcojhyA-DY0nVoBdnGP9NkEBf34MSXw8a7IjPMbQZ8F_EjyG0md5YtLQ4CI-YQpRnhAvqdJ_Sj7kNFao6DTR4MILLao20BplIuo9XQ4oTpitn1aTV_gdxfUHAOEjfssL_7pjEMYm1jfXVyrFqoTpJGuvK6uW1MZRDXcs969lgzWUHR_it1Fw9dcLD67OWjyJI_dAi8AGsyorguktVvnOdEwp90ze_Gha8DGs&cid=CAASEuRoTGyTBjXUubzIa2JEg-7EEQ&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:43 GMT content-encoding gzip x-content-type-options nosniff age 338 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:14:43 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame DE48	22 KB 8 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-iPX2jCWuxTtrC9nUQ58eWlcdSGixYyTyg7BEKNp7Ko6NrkvvjDenVURwga-VjQAEn2s4-f4-Vu2QsZaSpkgZb2_h2bHhZeY1R3f1tAmoeVyoOLBj0xVFAoHRmf2youi0gHTT4y9_3v9mTdmiQO3zsYKjsQ&dbm_d=AKAmf-DaeG0Ne11866icqcH7-eHTuv9yI9SGpIjIr6QMnraUl-ZKD3hrIyLCjX0ueZ0LoFEMJtFlOSe9X7oJ-gY6qoZJY8vW3fSdrUAKgHHeBme0OPVbsYl9DCWsvIxqPGgHkql0vjKfFFMFj94OByW2W7JtwZw7zbKb8s_Zgqrx8pvphYNY7xQ03HK88Y3jqlpP8mg4V5X78PfeRAwbVLupOULgds7O5aBljhAVd-jQZVsySlFU7C6mhEUigIUWgm8buQuDOuA0jcRIy6SjmFOWBsZsruuMfZi98NbpE3ctRo-hs6jj3bqdWCaKjWiz5dmt_yiZKjQjKx_WMvndtnHPEbouSnYh-M8yViA8Xo7jsLFxabV8VpXkf1kALXJ5zsIty0Crhtnw3t4DEYYihcOJKw-WDFAHISfwzdwjbjD4G2gbhYW7AFASfTjdEg5pkJ_7AlP3ZrOasxWcZC0cEXD3okzm0PqlXgQhzRxWc5sFv-gX8p21l4cb4BQAmvxKYCSr24BYGR8hModOEj6h4g8A_pKTbOrVu7JsRnDVv_nCzPUWhdEcBSF2DKMvXK0wSO2Mqt8EZDyFLKUXSx0HXRH8ggMqGIQWRF7fQA02X-mIiYQuXjlMWIzOWWnUNdggh4PtGRL6XMVqY9ta2BBNzuAb7jGhQ1VXcJ9xEO_YZ0PygtKTiw0DfzmAWncXXAxQfXNk_4sVLsgeDixCvfvw5Pt6lSS9ZsZCNXZIMEnKX9dCzRYZa-VoPaNFFazI7X77s9mohRQuPw5BqNKvSPfHWTlWGRN4oLc__Scp0tdUDw3UwT4c6H_6EKQczmleM0fkhUp_qplYTBcFXx1M-iuX8tc6T3vYZONHte6F7CrnsQnNm0FVQrgizaib-gah2AbCemJYpP9lQ7KPEy18pJEpCa30k0mOnMoLil-s4MqGn4GZiEDRL47stE00E5ts3RPtfkrXNyHHPzBFpcK_bZoq7pputF_B6C_aP3KNj70V7qmPmpvrGAPa4w89rMfuKVXHfLWfv7mdkggsfNB97TxXmTssIQctS1oIXBGU7N26DFnkpZPxsMS8zcfrbzKqpodMmNosJxn3dG0bs4DQ9tR7D7Gr7_AJC6X9aoIgb4P-VlMwUQXG6auFS6gPbZ9UiHWpO5Td8w8QE9nk24LqDplXXvvRs0gE-EiuByaBBLaI0dsD_dXVK4JQmWHftnDTanAo9h69hwvIl82C6gWmI08lu1Asouu_Io-KNLrWjYR_5Ajjb1-vToPk3wukS_CkuZli_ceJHTjqwa-eEIsrcPghwplihZbW_90ZGawEiZApFyxBI-OJBqix-9RwJXIhxlmIubQSH432DwSvR66X4FsWArNElK6gXmQHBPmFLHnLJ7DWcvespGjI6BFCdeGEsq_OSmDc4roBssIYjtWI2e4bFxQBVNqluYfCV7IwxyER8S7d9uyN2UMn1Tqjo8KpKHric620KistjyI3HRnwXaC7wnOk5u4rCOv07cIvJMYxfxbVfJdMDmJQaVgK-vc9GMi0S4RwmMpABKeiG4lN1D5JDk8MXLn93v3RzEIXWCNeWZto6uJg90S-wnQ8yNQyM4XhEySXslabKf6WYmLI2_mJg-UmCBVmv9IjppYaNLK2HibWnuX-skjT1DF4ZgUHmpTT9RkncmwCNhw-27UzebP5RgJRWHM6tv3sIGTXCZ5ReCCEfUx99qYSSpKH9VtTuRQxqRwhE5OYoae-XcmkxFPc4Vb5riZXAGcnlxdobjbsAJwu8SIS9BmR4odgAnNmH8u44LTQ1y0tvBl9dXpyW_zmPhVY_3LNkensjmYeAWsVKFHl7RvC7MR91CZkHShngLZrpZHeL1xabXcBnvAuaweAZ6_i8DcfEEEaWIQAg8TZs71EPpM7WKdlwge4p1sLAxdK_xHAWnq0L6dZRUhaMGNaTTvKbmqK9aH0EAZrxMbm-RFdfc9DxpvKPIrrr9E4t59FGIAPggJXbipKbJyjPc7sZWChT_4YFscfuG8Jadgl5GbcFHh53MJTFG7UnZjNOmBSrexAvFdZuy232DdaDh1sQBgxdpN66x5uPaLn-3KObrlhJFCOiHkI6FVH9Djwsrd9CpudSjL6GQvGmZskGwZ7-u7DoLl9GiOLAxyqI-fjPDCCN2x96xKXVhGQ2Glptqj2-pI5kxU0gmt8DsXD4DT57ynNzUwQqTXlFscFplHakDRwklxi-WM4_ZuB275YQdiQUIGTJFZBXTzg_0xtQ_WGx4s99M0lBQN8sCG1eHnLKoJAOp5tgVv016MdDYtDF2xs8vfgQcZO41H8x2JOsu_e1SEKqsYqt4-JhSqRtzGFmcuBNy0ZISaieMs-4VMK42IJOIAmAhrxHD4RtHDeF-eBjioZsMbVQKAuES0FR5ThJlccTDazkEFhQOZiRsMpSyKTHpWfh1RfLvEvlT1elyNpx9nVESFKamNzZv_6_qluoLptxwjIM_wsITLZWnWiKkClho34nf3udq9ZQMj-bcO83wjJ6HgViLbAcffNdDWB2MFB_VFBUMAb4zkM4-jwAafIL_AC7iG1IlYV9Os_XaTJJ2hnmncshjsNt7GU8apldr5McGzH67Ri5FsWnjRA-fW-lfuuSMB_zbHXH_MNF4y0eno4kVm-ehA_vHVW7LVv5Wv_bKm8TQW07lmxkaRYMQ4SyEIFIvZ25FEUrbH3VhGUZsZRI3SjlPrNK0uQezoG1X472sGOY54w5VBqkIvBC1eqqx9WNHz2hk_Y_e1GSDcuufo0wwvHBhUUb68xHJ_Gk9pZTaYvLQBCracIfWkhulJmQjBSy1GsCupQQ_WQFk3KGjNEyIKX1wIcZDyyrU9p8TzJiBBiM-LKv0P0bWNutgb3TY741mQs2cucTRo9eg1WasRS2_0uEMBjyF8B7Um1dpYGWc2zHwcM2TfKsCYTBmM2jVWxQikXbaGxL5u9SNUoDnE4OVE9V9DjJV-Dik8syHBKLRqD7RmR5Lfm4T5ueE4L9ljd2Nike_aLl5b81naWCZtfgPRlLzojCwaWL6knxI0crRBhSnqWrVv8N4kQTzCCC9ZRcO0-ZR-P1iOhEmf6Bdh7suuWGUXIPY4D4fjPDZoFdNIf7COm55_CJ9iFa-CHbqfR8w0MtDTwIkNXu0nAF2GkGBSjYHQkjzJimWpgxciznEhyKbUNNSOOQlzSyH_q8E2J5ouvlUE2JHHFnEiE90M0myQY-pdDh7DaaW1vW-xVVu4fhNUqI8Q1TtyKGP6oz9BVHU8X0AVQQ60_aeNQYOXFN7r07tOUi3XD5EszwFEO0rrPdPHkq2W40IkE9EJTl8Cw_jQLkh6cLBGIf5y9ol0Xaog3DbMYvkkuPTpK0MG1tnZ3n9jJZMq5HLncgkYG54crgQnAp6yYc_DigrMAcojhyA-DY0nVoBdnGP9NkEBf34MSXw8a7IjPMbQZ8F_EjyG0md5YtLQ4CI-YQpRnhAvqdJ_Sj7kNFao6DTR4MILLao20BplIuo9XQ4oTpitn1aTV_gdxfUHAOEjfssL_7pjEMYm1jfXVyrFqoTpJGuvK6uW1MZRDXcs969lgzWUHR_it1Fw9dcLD67OWjyJI_dAi8AGsyorguktVvnOdEwp90ze_Gha8DGs&cid=CAASEuRoTGyTBjXUubzIa2JEg-7EEQ&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:51 GMT content-encoding gzip x-content-type-options nosniff age 210 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8594 x-xss-protection 0 server cafe etag 7958287194716579593 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:51 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 0084	14 KB 6 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34739 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 821A	284 B 536 B	52ms 52ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/jpg
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 9C1D Redirect Chain https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=1&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkF... https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0xamJubjRKRTJ1SHNjb3lGck1rOGRkei5JQnBRSHNiZH5B&gdpr=1&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y...	170 B 188 B	67ms 67ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0xamJubjRKRTJ1SHNjb3lGck1rOGRkei5JQnBRSHNiZH5B&gdpr=1&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNUngd0kdWanRGN_JP-w5yvGB_77BXxj0yXzDxo-LUe5zTZe8q1pG3jg357jJ1eg1y02aUz0p2Rys_6JK30MYYd-s5oLJK-0I9EXz8wfgkQwrfm1jUFcVOLO-44D7m3gf-riuAJmvMEegSuYYj4JTc-shO4tpL7CMQPaCf4ZDPIko7mL2NGWfYRb7G-xLYoKHx6-5X3h7yMlPMvnFtHK0gT88W7-uUhT_t_cOaPdDMhXPzjK7C4lYHCENcluMRTDCdOaINh3z9syxRDPvrZsKfX9h4ruJPzLXDnF2P4JiDnRje70B2LeVfIffPtlIdZhivFSdFhJnYi7uzlKRUf5lOGFZ90n2JbsoGmZ_0HTsrsS13YTSiiKHmBzVWNXCTy89Fae5bSGcS36W0-RvjONeaQEDrJSHZ4x9ZcvdB94yFUWN_Yuw6ZQuQZm65E7UbIYu2CJDNPu2GDuBUKt3N-rf26gtIviDt_ioL_xDma8JchPd10jsdDE6dcuJ-KNdyH53mk1Eh_QDO8_cAjhiopxH72foKD8IKULkKXHr1zXKyheaTusMTfTmoN3EhocM0IoTqQm-Q9bYPr4QqRrRN0KObukZVmVIK6DllzBAbmv20NY3NsXhGA Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 04 Jun 2021 18:20:21 GMT Server ATS/7.1.2.128 Age 0 Strict-Transport-Security max-age=31536000 P3P CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Location https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS0xamJubjRKRTJ1SHNjb3lGck1rOGRkei5JQnBRSHNiZH5B&gdpr=1&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA Connection keep-alive Content-Length 0
GET H/1.1	200 OK	user-registering ads.stickyadstv.com/ Frame 9C1D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4... https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGFUMmAzV8Ryy64aA3rCQZc&google_cver=1&gdpr=1&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3...	43 B 394 B	120ms 52ms	Image image/gif	184.30.21.112 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGFUMmAzV8Ryy64aA3rCQZc&google_cver=1&gdpr=1&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNUngd0kdWanRGN_JP-w5yvGB_77BXxj0yXzDxo-LUe5zTZe8q1pG3jg357jJ1eg1y02aUz0p2Rys_6JK30MYYd-s5oLJK-0I9EXz8wfgkQwrfm1jUFcVOLO-44D7m3gf-riuAJmvMEegSuYYj4JTc-shO4tpL7CMQPaCf4ZDPIko7mL2NGWfYRb7G-xLYoKHx6-5X3h7yMlPMvnFtHK0gT88W7-uUhT_t_cOaPdDMhXPzjK7C4lYHCENcluMRTDCdOaINh3z9syxRDPvrZsKfX9h4ruJPzLXDnF2P4JiDnRje70B2LeVfIffPtlIdZhivFSdFhJnYi7uzlKRUf5lOGFZ90n2JbsoGmZ_0HTsrsS13YTSiiKHmBzVWNXCTy89Fae5bSGcS36W0-RvjONeaQEDrJSHZ4x9ZcvdB94yFUWN_Yuw6ZQuQZm65E7UbIYu2CJDNPu2GDuBUKt3N-rf26gtIviDt_ioL_xDma8JchPd10jsdDE6dcuJ-KNdyH53mk1Eh_QDO8_cAjhiopxH72foKD8IKULkKXHr1zXKyheaTusMTfTmoN3EhocM0IoTqQm-Q9bYPr4QqRrRN0KObukZVmVIK6DllzBAbmv20NY3NsXhGA Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-30-21-112.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:21 GMT Server nginx Content-Type image/gif Access-Control-Allow-Origin * Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 43 x-sticky-vk 1622830821497066-425 Expires Fri, 04 Jun 2021 18:20:21 GMT Redirect headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGFUMmAzV8Ryy64aA3rCQZc&google_cver=1&gdpr=1&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 690 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 9C1D Redirect Chain https://ads.stickyadstv.com/user-matching?id=11 https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGQ5YTE5ZDliYTcyYzdmMzE2NTJiYmQ4NmM3NDY3YQ==&gdpr=0&gdpr_consent=	170 B 188 B	66ms 65ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGQ5YTE5ZDliYTcyYzdmMzE2NTJiYmQ4NmM3NDY3YQ==&gdpr=0&gdpr_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNUngd0kdWanRGN_JP-w5yvGB_77BXxj0yXzDxo-LUe5zTZe8q1pG3jg357jJ1eg1y02aUz0p2Rys_6JK30MYYd-s5oLJK-0I9EXz8wfgkQwrfm1jUFcVOLO-44D7m3gf-riuAJmvMEegSuYYj4JTc-shO4tpL7CMQPaCf4ZDPIko7mL2NGWfYRb7G-xLYoKHx6-5X3h7yMlPMvnFtHK0gT88W7-uUhT_t_cOaPdDMhXPzjK7C4lYHCENcluMRTDCdOaINh3z9syxRDPvrZsKfX9h4ruJPzLXDnF2P4JiDnRje70B2LeVfIffPtlIdZhivFSdFhJnYi7uzlKRUf5lOGFZ90n2JbsoGmZ_0HTsrsS13YTSiiKHmBzVWNXCTy89Fae5bSGcS36W0-RvjONeaQEDrJSHZ4x9ZcvdB94yFUWN_Yuw6ZQuQZm65E7UbIYu2CJDNPu2GDuBUKt3N-rf26gtIviDt_ioL_xDma8JchPd10jsdDE6dcuJ-KNdyH53mk1Eh_QDO8_cAjhiopxH72foKD8IKULkKXHr1zXKyheaTusMTfTmoN3EhocM0IoTqQm-Q9bYPr4QqRrRN0KObukZVmVIK6DllzBAbmv20NY3NsXhGA Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:21 GMT Server nginx Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=NGQ5YTE5ZDliYTcyYzdmMzE2NTJiYmQ4NmM3NDY3YQ==&gdpr=0&gdpr_consent= Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 x-sticky-vk 1622830821275040-395 Expires Fri, 04 Jun 2021 18:20:21 GMT
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 7E35	2 KB 594 B	31ms 31ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXHOvIwMkVFNpH6vZoMxLzsLxfNctmQLEHoktNEsK8AB75evtl1pPJT0zV9dbvwcyZI1LAf2LABtLNiFLlZItdbgVKHbjYugDnIoB0f00L7ZkL5HfdDhkAHongsdYvTTMYdeWhfRTtu8-KNYpPjd4wrRQUX5Nvqn47VEbFWINjkdphCs1ojt7H0bmyCQV1Bvz24RzpYcdsWxq4XAUQvzzh5KE77G_d7bJv0SbGFjuSXSbTMFf_umTs9BBLYzuspgy7vXTk6kPWOVnzP-eHhlbpLsYlXZHz-QDDCasupIPOz4GT2hAsouX5-L_6u4IRK72AJ_PfxKjZOJwqM9hdfLMnpnWYgUZvxSFo5goRglJzQWqlVh5LpSXbxupxZt-0IjqMJMs62lsGiXfZVi9ZOdms7-bjd_TYfNhqxf1i4e3plEidaRmjJSmogqPWcushrnbNgsXVuerV39FfzYIVWCAzEqp7oIGwW40SKHnplWpdLHzSURm7iL9jrwQGnyyJWcETdnAEFaGqvVVzdijPHbIDGf1nNV1Ppja1Rr-6RLSTPHos1JquOW5K7_8EYbVbhKI1p_J1tenRgG_JVtV18qVZq8FPQuyu8RC-W1SbF-glzVeTP6lI Requested by Host: 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com URL: https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 786a8c28a60810b4785fcfe81a3374cb43e62c2757391eacabeb9f8b65807d00 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXHOvIwMkVFNpH6vZoMxLzsLxfNctmQLEHoktNEsK8AB75evtl1pPJT0zV9dbvwcyZI1LAf2LABtLNiFLlZItdbgVKHbjYugDnIoB0f00L7ZkL5HfdDhkAHongsdYvTTMYdeWhfRTtu8-KNYpPjd4wrRQUX5Nvqn47VEbFWINjkdphCs1ojt7H0bmyCQV1Bvz24RzpYcdsWxq4XAUQvzzh5KE77G_d7bJv0SbGFjuSXSbTMFf_umTs9BBLYzuspgy7vXTk6kPWOVnzP-eHhlbpLsYlXZHz-QDDCasupIPOz4GT2hAsouX5-L_6u4IRK72AJ_PfxKjZOJwqM9hdfLMnpnWYgUZvxSFo5goRglJzQWqlVh5LpSXbxupxZt-0IjqMJMs62lsGiXfZVi9ZOdms7-bjd_TYfNhqxf1i4e3plEidaRmjJSmogqPWcushrnbNgsXVuerV39FfzYIVWCAzEqp7oIGwW40SKHnplWpdLHzSURm7iL9jrwQGnyyJWcETdnAEFaGqvVVzdijPHbIDGf1nNV1Ppja1Rr-6RLSTPHos1JquOW5K7_8EYbVbhKI1p_J1tenRgG_JVtV18qVZq8FPQuyu8RC-W1SbF-glzVeTP6lI pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 04 Jun 2021 18:20:21 GMT server cafe cache-control private content-length 570 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlord9qTAs905Jf0hAe34-K4CmDtUPJTDyS9Ez2_dvBcSbe14Kl9uewbH0F; expires=Wed, 29-Jun-2022 18:20:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Fri, 04 Jun 2021 18:20:21 GMT
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame C99C	64 KB 25 KB	71ms 71ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-Qm7TKv29XYEV4TqiyH1kJYfo78FWA7uWum-3v-2MMTIS7CDeOyxvERzBajj_zTbrwWUAnkLIVtF8NeNQwzJH5ZGnd2XLk0lbn-DsngChVlJ6JrUwIZ3_rBjt_F_UPxdtLu9c0Hjkh8bCb7cQYSVPZ22Xaw&dbm_d=AKAmf-BWIMGQiWtTTK_VcLvP6P1ydHALiJIs-RTHn0XxcjmhBayUcRQ3LCa7VGxD7z5hgXfgbZB-he_gGC-G4v5E0YF8mY8WqAvqc2rlSC7VYhwpFzRDMx4gNe9VMoE2aRwoHWV_QQm7cZwY-P6blHLeN1_3fU95uFyZJQ-MxMORoaPHgTeTmDD58AHk8pyzVrXQRLH7uqJjb7wjBkU_DlnBufYo_HHOfeLBMBArBmwmR-YYJ-NIuDjbQ1Pr1J1qZ0ZuukqFZalF1bRtRzddvr0SmGq9SoXwDf3Ts5t04bTn8b2F_wyHR-hR4qaILAHMerXRCoNkj7a2IQYqfuoZDnUzgVLgNDNceceTAzPB0TQIBO3p1N03IZ5jz-wsShsEqGYjT6Jzu5MiSHhDHUPJR34raN0wewt9HfL57d2SYfpLcpjRe0MgG_j0w0fIo9Lv_FMFC9Z0O83ynuLOay-Q86qcj8wqaVH9MTxI42Hh0iEC3tmS60ZyJVP8ZppwdJcEMq18uLemDH2cxr2p1_Zm52pEVWBYd0__STnZNsYN0IgfRUHF3VLecPZoTBBlx3FbvcHui7CMAJUw_bhQbhG5IIEdmqeu4_EXmeLOqvjmCUo4i8ea037AEuMqdQDtULEDfriFVa4OhRtSbQ_f1X75vCJMZoEMtteMLvzs7n-_RCgHCTHY2gVNqlbM1-XhXI5QbnOkCExxs_VThOfVTfoyzQcPIHemWhpWOpUvPkXQIxxbslyU9jazO94BCwOvV_WnJc2Vq7aaXgRp7AIDcJN0aBulZPScFlNpWEgrqdLN7Zk0hkfe2yDmsIyObw0OF3lbPwiuYXVtUyfrXJST-_XQZ4YDJ0wZF4IYTfaOlncTefV9med2oZNLATkSDyJLgeimPIGNzTc4T6vY6JvVBoIBiYKE07tQqdR77McrsXv8KOzBY4Cj9FH2EFAAgLyusgR1Z4O-8jnCfzMj9JuEilJVBy0-yWk33viN8xAJg2lYHgktVoyC6ngr8BEIMc9L-IXZ1DWEjsLLmbomTcAQX9tNwZaKOlX5XBup_8DchFCIAPyp2Sn4r2ajbeknbz58TSeS4BIKinHwCUSN17y4DIm4AMEFJDEG4QoLdydHRUeElCO7VBhzWqD3sqV45QzbKyBD9uHDFRGBzHALFgmNKl4Fo2okOPx6_gj9O2r1qzE71qd3_7OfhQAX2olAXBH8uhCquCwuj6n-1-pOdEqF3GxZIXe3U2jTKjncBWmWC_1e_W9yqj0elnT3ICOBo9JqaWYDyi_MDpMm_JUqXPdmWMt9Dpzu3U8YNmd9zKB4oP-1w6pNMyyAA6oc7QC5MILuvjO_UV9C1cz1NwjgqLQJuub_owA7_3OfNCpUYi76u1PlP0OQxnj1diPnHlhOf-mVLPdF8i5i60IbJQ3YHIMI2DMwN2o6KNz2i-LTqhA2VGPdUirEB0u1GAi8hm-MQ9OjYNFv37cCRLgDknz3SIFM1bdjyjyATEzW2V4fdlqLX1fcfNxSxfIYDbAhemfrVXSHWbc4XPDEtzGA5ufg6ELO-DmfIsdMa-j8isG_IgLCadJyWJiMQlj40Fd4mfCoAFK-IPAdZ7ERj-VBcrzrbiFNpuGkoc6KVCJSf1T63llNfSYko2seLc_a7wbUxS8Ka9awrZ5a-zHVVanyBgxrOhWDxYOKgExxO0GSZPBR6MIXGNZUtHdhJ1V0OjituG_7e9go1-enxuYeK6NBTv4f-D31lzJu-X2vdCBDT4SuYDYne9if71FnfC5Lb2o2ZkIvNfpUPzX75Epx91zQXGxSshboQGENA8t9VohJF9sfFz39iNRrYzMemPhAow6YaM5obFds8-D1eTVD7lsuxq-Bqc7SrQzxTf4J9UgyOXZYAx2qWl3MevKqAXcA4Cm9Sildt5ghh-MD2elc2WAtEfsfeXJ1rgvSz6IoQa8Fwje_OoWzsH6l7oUjbfqMpUtRmSLjT_HTR-dtl0o3EJRMXQ-w-g3FHrr3ae0PGX9bvOgUamLcK--p5hykSlzmvvO89VkGAfWlgeyvb7G3G8vXXmMFWTqC7zCpuKAIWkwxO_IcpSs-yq0PBHT0EJKYzUkviMiuDD-SBR9NlFHZtkav4lpArpMUEZaemQwWNkm9lZVJ8AnkzSR8j9y-QrzO0dOD6Yk8hvqoD8LHtxG8WeXLKbE0mbZ8fu4TYWatgmofeMYu_47FYZR8ab70HBDvXsF3lBX11_UefQF_GunPwt4DV4P-qm-EQxsbJIE9t5IKQn3K3Ixp3yd3Y-ELXvGaJRMxDwhdKeAq7XJZHoTwInj9uFRL-byOaUuFztIQ2u6n3ma61oaTuIaGsbDdY4Fn9Ma2MrglZv2r26lZv1vkVHhgNTylHZxlyYY_-kx6qawaT7yU076ynUmf0mD-k98BiYLZHQiAjfBHUgpFbipvGLmQhJ1ssjoFF-cv2EShnfeWosN8sytxy_lvqwklk0ZHgfeJ3knluA6wznLXArQeyI7TzgIFsfFbGoQcBt0Dr903y1UOoUVezMYiwZAzhQlVFAYMsDw8qdSyZEPIhsMXQsEvKJAN1mpMc3w6S-vGOe9Xxz3w0eaMIVpZ4RbBOovDleszA6Xy_hi13vb-0v8J24bUaxn_00mOtghhsSiIVPLD69dCH3xFmKLc6oObB3hZYhrPvjLo5bhGocY20niFMhCApMGQik7SyRE33ZooWeWiWf5UlJTZbjkarL--HoBQwzHEn9RRAmAkNZzaailNgX01Zn_yPYE1gHWH3y4J-OK5wvejzmFfz3Rwf0Tcq9haSXTp08Qqxjg0BeZKw_hUeb7jpj6pGGcydNHBXraFDOUS-8T5a0YLF_xBcblw_3c0ApedCEje2t6ugujIh4fiYcG2XwsPyatHV89DzwrEbfeSmEaGZrDaZYbobgeG2Y0qfdQnjmjIxIq8pJVy7DhzcASpeejRJKtoZ6WOL6skuLt86UwibLw2ZuXpJzOxBhA-aPmfq3nKBbbqhVTdR5QLfNjgOMQDu759Hv3xJVkLG5TY1Ys8wG4E8VykoujQpAeAggvPsUr7q9-fGpboXbqF6Iao8224pqu8M3BOc9zJFu4lS5xNvDW8aQzhF2CcMg0OrpvIhH6Q6ezBo--ranN4C5oJUcEn5RDkttnIlZVQyIOkArVwqba0r-mbj-bCX8PimxJaOJn2BzNQMwZpOnPG3_Y7oX8QVUUv1YATNVCNn9sIgQHvw8lUrQhhynUUSxbGaGVlUKu9hoeHbjrDAfGt9QQymIrDojO5BX8LrBZchuGASNqeMImIYPuDssQhUjsvJq1ZLoXL5oMIo0GMpJ_wIRCf3ymWWYMRBLUsn5Ea1XsbbFuKGVnjt-DM6sHqZuMU1MsAEcazwtaTE1OzJJS6rf1muEnjs3lfTUqbHu3uKiL_DEqT-7V-Jl77tqXbUfLRjIcWheqS2yU2nW2yl1OEYuhCiZoc2Mjg41S7HWummAD4qVx1YH9d8vjvzm3uDAFS1-qBy7JXwHx4W0NXWLGaasUnOFV42hYyQptxy9H9fdBUSY3mB9UZ3JEkZvsd4uUTEXgIbQpnwXerwA_RiFTE42pVMJZAp6fE5gzrxNySDj75fDSyhh0luIgBxRyvmjkeW7BejOI&cid=CAASEuRoPoMXakBkbGN_xpKwb5Dh-A&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 526d6b03f978eb2a121d004165f29fcdde997d321203eb7cd04ddab145cd1e56 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25230 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame C99C	42 B 63 B	40ms 38ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Asbt9H3MW8yAtZoO5IkRUoLKuOmI9_73YHNILjt9JY5YElSGBlSHgQGPKyNsN_qczItzvdD0lxagL-d67B09SW0NDEiAx-AUXl4h_HjdluVe-QLT4 Requested by Host: 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com URL: https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jload Show response pixel.adsafeprotected.com/ Frame C99C	46 KB 13 KB	63ms 61ms	Script application/javascript	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html Requested by Host: 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com URL: https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 1f3428ccc8aab3538984426ffd10df4ca9803282abc747927e9eb1e0165c81ff Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-server-name app39.ie.303net.net content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame C99C	2 KB 1 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js Requested by Host: 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com URL: https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:12 GMT content-encoding gzip x-content-type-options nosniff age 249 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:12 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame C99C	121 KB 37 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com URL: https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656031336809" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37735 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:21 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame C99C	13 KB 6 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com URL: https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:19:37 GMT content-encoding gzip x-content-type-options nosniff age 44 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5635 x-xss-protection 0 server cafe etag 1091097466425408374 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:19:37 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame C99C	0 0	20ms 19ms	Image text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTd2IqN66hJGqC_JajJ_bQaGuZ35ondw7y6fCsBVAJNqb12KUXi4XJI_z0VA3BeQioRFBdjqC-O8wjmM6jtx5MxRDZJEg Requested by Host: 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com URL: https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/ Frame 4A83	107 B 122 B	27ms 27ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/ Frame 4A83	107 B 122 B	28ms 27ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 4A83	48 KB 12 KB	611ms 611ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4480004174339888&correlator=1309942541680703&output=ldjh&impl=fifs&eid=31061018%2C31061359%2C31061368%2C31060990%2C44740386&vrg=2021052601&ptt=17&gdpr_consent=CPHSFTsPHSFTsAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=147246189%2Cgool-sport.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=www.gool-sport.com&bc=31&abxe=1&lmt=1622830821&dt=1622830821297&dlt=1622830820060&idt=1210&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=1016&adys=233&adks=1942579207&ucis=iiab4bx6l01g&ifi=1&ifk=166261927&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fredirect.html&top=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fredirect.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x0&ga_vid=518567973.1622830821&ga_sid=1622830821&ga_hid=77767311&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 2cd55bb0d8cc59a886f7999a706fc2a93a73c2795d02935d88efef843bc55d77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11838 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 7d8fd7388d1bf59a0ca9738617288938.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4A83	0 0	93ms 51ms	Other text/html	2a00:1450:400d:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7d8fd7388d1bf59a0ca9738617288938.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 3640	284 B 536 B	39ms 39ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/jpg
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/ Frame AAF0	107 B 122 B	30ms 28ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/ Frame AAF0	107 B 122 B	28ms 27ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame AAF0	25 KB 11 KB	449ms 449ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3238563335466385&correlator=2967810000608783&output=ldjh&impl=fifs&eid=31061223%2C31061369%2C31061143%2C31060889&vrg=2021060201&ptt=17&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=147246189%2Cgool-sport.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=www.gool-sport.com&bc=31&abxe=1&lmt=1622830821&dt=1622830821334&dlt=1622830820069&idt=1244&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=1029&adys=620&adks=1942592566&ucis=pl2zasgk09iu&ifi=1&ifk=166261927&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fredirect.html&top=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fredirect.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x0&ga_vid=1150384949.1622830821&ga_sid=1622830821&ga_hid=579624942&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash 0897d3d74cee320fa4c05ab18a562da40d7c9a2b9ebb48f48b40c8b4ee317ab9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11408 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AAF0	0 0	106ms 52ms	Other text/html	2a00:1450:400d:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/ Frame 893F	107 B 122 B	29ms 29ms	Script application/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/ Frame 893F	107 B 122 B	28ms 28ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.gool-sport.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 893F	14 KB 8 KB	467ms 467ms	XHR text/plain	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3620277852996231&correlator=869815703587027&output=ldjh&impl=fifs&eid=31061368&vrg=2021052601&ptt=17&gdpr_consent=CPHSFTuPHSFTuAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&sc=1&sfv=1-0-38&ecs=20210604&iu_parts=147246189%2Cgool-sport.com_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=www.gool-sport.com&bc=31&abxe=1&lmt=1622830821&dt=1622830821408&dlt=1622830820101&idt=1285&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=1029&adys=1418&adks=1893273288&ucis=stsy1gibnr5k&ifi=1&ifk=166261927&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fredirect.html&top=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fredirect.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x0&ga_vid=162728233.1622830821&ga_sid=1622830821&ga_hid=28279233&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash c890a9099b36d45d75c0956bc9fc83aa5f267c5187cbc67a4ec4d3d088a516e2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8246 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.gool-sport.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 893F	0 0	82ms 53ms	Other text/html	2a00:1450:400d:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame A7DD	284 B 536 B	44ms 42ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length 284 X-RPHost 3bafef7aa4e37890defcd73f0a080481 Content-Type image/jpg
GET H2	200	sca.17.5.5.js Show response static.adsafeprotected.com/ Frame 477D	82 KB 21 KB	51ms 51ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.5.js Requested by Host: 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com URL: https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip last-modified Thu, 29 Apr 2021 15:29:23 GMT server nginx/1.16.1 age 2846999 etag W/"5356fa8b6073c3eb408487be61ef7d77" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H2	200	mon pixel.adsafeprotected.com/ Frame AE04	43 B 216 B	59ms 58ms	Image image/gif	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.adsafeprotected.com/mon?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html&adsafe_url=https%3A%2F%2Fwww.gool-sport.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.gool-sport.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&adsafe_type=d&adsafe_jsinfo=,id:1cc2cf6f-eb09-1612-e6ec-46fc734f08f0,c:eBb46V,sl:na,em:true,fr:false,mn:app06ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:szokJZv+1111%7C12%7C13%7C14%7C151%7C1521%7C1522%7C15231%7C153%7C154%7C155%7C16%7C1711%7C1811%7C18121%7C18122%7C181231%7C1813%7C18141%7C1815%7C1911%7C1a11%7C1a12*.925113%7C1a121%7C1a122%7C1a123%7C1a13%7C1a14%7C1a15%7C1b11%7C1b121%7C1b122%7C1b13%7C1b14%7C1b15%7C1c%7C1d%7C1e11%7C1e121%7C1e13%7C1e14%7C1e15%7C1f%7C1g11%7C1g121%7C1g13%7C1h11%7C1h121%7C1h13%7C1i%7C1j%7C1k1,idMap:1a12*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:605,oid:85369bce-c561-11eb-a011-0a6d0b536c42,v:19.8.206,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Requested by Host: 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com URL: https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT x-server-name app34.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3-29	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/ Frame 686F	1 KB 610 B	27ms 27ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=TdBGNWW3iG&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5122c11c712dd865696a259facba17e7d6d1b90fc386f5f26126bd56de867bca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=TdBGNWW3iG&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * content-length 585 date Fri, 04 Jun 2021 18:20:21 GMT expires Sat, 05 Jun 2021 18:20:21 GMT cache-control public, max-age=86400 last-modified Mon, 09 Mar 2020 15:51:41 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame F343	0 24 B	97ms 97ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstInX0JhhLhz7EUmIvnsjNw5QUNu0F6c3ldAFAmUusG10ekMdCUilJVtwh803Ol-VgvonwoXRa_lwhtmlS5m-ZiBZATLUp8GydG3FfxbWGlpmBTxaz3YtxVjsW25u2gTU3eq7c_SWj_y07owwMCkXvOUPghqBrUk5YsSieCmrlmcm0dwQsTUGPkkxJYRDmqz7cVbV2_ltn9S3GPLif_SLF9tHXRtDHyyq3qoci8n5J6mKS2PNBkq4iUzmKfvYTzK1AUOwofk6hwO1QM4Jx3cj2VpMaRP8J76N9e47XJKeuG_gn7ksosdIP18W_4uFOt-rZcr72jRuXFElGEsnq3mOzbRJ5tAvTcFVUhoGc_PBwcmdRo9A_G4z97Ky4VgqWlUDE107XMS-L3dy5zze4Mce_3p0T52J9y5F2XK_LA-EDNzc6CWdsw1vyCpAfnxb7oCDh38fX0U0_bDOUWZwc1kAlfMrE9B39HgAaRRoFRxumskp4ULESU5q-Dm8e6H42yElAJV53F6rCoh1Tisdy6DQKDznZXA2GUtfAyFP3HNkeHHR4mzz5EgqbIkRQQwtAi0jSD7du4wMJWHlsa7jdIujl5qKyQ4CNujVtm6e1dZ7H7fBKSvldwUacKDomk-dZBoRz447mYXMzNyieSVEZKi4bGHG6sJuqYFZTqaeAclkYbFjk-aiRyEO14rV6IJlKwcVaYqCEK824h1EO_zv44XQHpklwFJLkBg-342FXo5aZz_YyD1eHrfnOLr-RbquXtByurz2bWeAdkyl9-8EuPT7J_kOw66APMtxqegIoKb3aTaSGbcMh4dJ_rSsmFjf05E0nYfQH11xW6bm4jiUYsbsNRJwAwzIGpYZxgRuJMg_dD9DNB4EDmjRqnfIRlwfCl7GXAooZ-6MAgstYfSg5Yw6lTjlH87ZeGv04736oBV7JgD8fEngdvV2rOupPl6gvwZDaCztKmfQcSiwvQsC1FjrTi7K0ure79giL_-V6KRViINg7NZypfWTQWanB01FhFK0r7UzsUiW6rO7nBKo24UUU6DaKngMWIxSmf3J7gzJkWoh0JHyPMgTxuLUsoMkG3nRva6qWKz3hM7gvjs0mCzJ3Ul6frDXZay7f0u71RxEpGICWtqhzhydHNpd1b3RmqfDr95UP56b2LKbi_Xv5UtAP5dZ-2243MyZ3KRZmx2lUKrvR1gRF1xKixWe-rR5W1HjprdCWeMy7258LoXk2dFovbqHUJAu2lazs6TGZzh9qHgl6zQTHJFuFyJ9IJfnoIVvf7SQpwDztGug&sai=AMfl-YQYEIGyPLObwbjACRC2O-9WQhs-fWVa62_MieyG7gbHrCYyPhTjU5b3LBxTNqTgNXIZhsnwNJhk1_U3n8Gu58IkXjQFrx8D0myCHil1AJl6BdII2TDg2wW6KQEImDGBdFGy6YAKrP-MZsN--BIXBBTcLPyEsQ&sig=Cg0ArKJSzMsKKhMzo6LzEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=439&cbvp=1&cstd=434&cisv=r20210601.82973&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 04 Jun 2021 18:20:21 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H/1.1	200 OK	ai.aspx m.exactag.com/ Frame F343	43 B 1 KB	153ms 46ms	Image image/gif	213.202.235.8 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extLi=25042747&extCr=130146484&extPm=292521141&gdpr_consent=CPHSFTiPHSFTiAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1 Requested by Host: c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com URL: https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" Connection close X-ET-Monitoring 1 Content-Length 43 Pragma no-cache X-ET-Code 0 Last-Modified Fr, 04 Jun 2021 06:20:21 GMT Server Microsoft-IIS/8.5 Date Fri, 04 Jun 2021 18:20:21 GMT Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/gif Access-Control-Allow-Origin https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com Cache-Control private Access-Control-Allow-Credentials true X-ET-Camp 1711 Access-Control-Allow-Headers * Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3-29	200	html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame C99C	176 KB 61 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 14:23:35 GMT content-encoding gzip x-content-type-options nosniff age 14206 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62241 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 05 Jun 2021 14:23:35 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame C99C	8 KB 3 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-Qm7TKv29XYEV4TqiyH1kJYfo78FWA7uWum-3v-2MMTIS7CDeOyxvERzBajj_zTbrwWUAnkLIVtF8NeNQwzJH5ZGnd2XLk0lbn-DsngChVlJ6JrUwIZ3_rBjt_F_UPxdtLu9c0Hjkh8bCb7cQYSVPZ22Xaw&dbm_d=AKAmf-BWIMGQiWtTTK_VcLvP6P1ydHALiJIs-RTHn0XxcjmhBayUcRQ3LCa7VGxD7z5hgXfgbZB-he_gGC-G4v5E0YF8mY8WqAvqc2rlSC7VYhwpFzRDMx4gNe9VMoE2aRwoHWV_QQm7cZwY-P6blHLeN1_3fU95uFyZJQ-MxMORoaPHgTeTmDD58AHk8pyzVrXQRLH7uqJjb7wjBkU_DlnBufYo_HHOfeLBMBArBmwmR-YYJ-NIuDjbQ1Pr1J1qZ0ZuukqFZalF1bRtRzddvr0SmGq9SoXwDf3Ts5t04bTn8b2F_wyHR-hR4qaILAHMerXRCoNkj7a2IQYqfuoZDnUzgVLgNDNceceTAzPB0TQIBO3p1N03IZ5jz-wsShsEqGYjT6Jzu5MiSHhDHUPJR34raN0wewt9HfL57d2SYfpLcpjRe0MgG_j0w0fIo9Lv_FMFC9Z0O83ynuLOay-Q86qcj8wqaVH9MTxI42Hh0iEC3tmS60ZyJVP8ZppwdJcEMq18uLemDH2cxr2p1_Zm52pEVWBYd0__STnZNsYN0IgfRUHF3VLecPZoTBBlx3FbvcHui7CMAJUw_bhQbhG5IIEdmqeu4_EXmeLOqvjmCUo4i8ea037AEuMqdQDtULEDfriFVa4OhRtSbQ_f1X75vCJMZoEMtteMLvzs7n-_RCgHCTHY2gVNqlbM1-XhXI5QbnOkCExxs_VThOfVTfoyzQcPIHemWhpWOpUvPkXQIxxbslyU9jazO94BCwOvV_WnJc2Vq7aaXgRp7AIDcJN0aBulZPScFlNpWEgrqdLN7Zk0hkfe2yDmsIyObw0OF3lbPwiuYXVtUyfrXJST-_XQZ4YDJ0wZF4IYTfaOlncTefV9med2oZNLATkSDyJLgeimPIGNzTc4T6vY6JvVBoIBiYKE07tQqdR77McrsXv8KOzBY4Cj9FH2EFAAgLyusgR1Z4O-8jnCfzMj9JuEilJVBy0-yWk33viN8xAJg2lYHgktVoyC6ngr8BEIMc9L-IXZ1DWEjsLLmbomTcAQX9tNwZaKOlX5XBup_8DchFCIAPyp2Sn4r2ajbeknbz58TSeS4BIKinHwCUSN17y4DIm4AMEFJDEG4QoLdydHRUeElCO7VBhzWqD3sqV45QzbKyBD9uHDFRGBzHALFgmNKl4Fo2okOPx6_gj9O2r1qzE71qd3_7OfhQAX2olAXBH8uhCquCwuj6n-1-pOdEqF3GxZIXe3U2jTKjncBWmWC_1e_W9yqj0elnT3ICOBo9JqaWYDyi_MDpMm_JUqXPdmWMt9Dpzu3U8YNmd9zKB4oP-1w6pNMyyAA6oc7QC5MILuvjO_UV9C1cz1NwjgqLQJuub_owA7_3OfNCpUYi76u1PlP0OQxnj1diPnHlhOf-mVLPdF8i5i60IbJQ3YHIMI2DMwN2o6KNz2i-LTqhA2VGPdUirEB0u1GAi8hm-MQ9OjYNFv37cCRLgDknz3SIFM1bdjyjyATEzW2V4fdlqLX1fcfNxSxfIYDbAhemfrVXSHWbc4XPDEtzGA5ufg6ELO-DmfIsdMa-j8isG_IgLCadJyWJiMQlj40Fd4mfCoAFK-IPAdZ7ERj-VBcrzrbiFNpuGkoc6KVCJSf1T63llNfSYko2seLc_a7wbUxS8Ka9awrZ5a-zHVVanyBgxrOhWDxYOKgExxO0GSZPBR6MIXGNZUtHdhJ1V0OjituG_7e9go1-enxuYeK6NBTv4f-D31lzJu-X2vdCBDT4SuYDYne9if71FnfC5Lb2o2ZkIvNfpUPzX75Epx91zQXGxSshboQGENA8t9VohJF9sfFz39iNRrYzMemPhAow6YaM5obFds8-D1eTVD7lsuxq-Bqc7SrQzxTf4J9UgyOXZYAx2qWl3MevKqAXcA4Cm9Sildt5ghh-MD2elc2WAtEfsfeXJ1rgvSz6IoQa8Fwje_OoWzsH6l7oUjbfqMpUtRmSLjT_HTR-dtl0o3EJRMXQ-w-g3FHrr3ae0PGX9bvOgUamLcK--p5hykSlzmvvO89VkGAfWlgeyvb7G3G8vXXmMFWTqC7zCpuKAIWkwxO_IcpSs-yq0PBHT0EJKYzUkviMiuDD-SBR9NlFHZtkav4lpArpMUEZaemQwWNkm9lZVJ8AnkzSR8j9y-QrzO0dOD6Yk8hvqoD8LHtxG8WeXLKbE0mbZ8fu4TYWatgmofeMYu_47FYZR8ab70HBDvXsF3lBX11_UefQF_GunPwt4DV4P-qm-EQxsbJIE9t5IKQn3K3Ixp3yd3Y-ELXvGaJRMxDwhdKeAq7XJZHoTwInj9uFRL-byOaUuFztIQ2u6n3ma61oaTuIaGsbDdY4Fn9Ma2MrglZv2r26lZv1vkVHhgNTylHZxlyYY_-kx6qawaT7yU076ynUmf0mD-k98BiYLZHQiAjfBHUgpFbipvGLmQhJ1ssjoFF-cv2EShnfeWosN8sytxy_lvqwklk0ZHgfeJ3knluA6wznLXArQeyI7TzgIFsfFbGoQcBt0Dr903y1UOoUVezMYiwZAzhQlVFAYMsDw8qdSyZEPIhsMXQsEvKJAN1mpMc3w6S-vGOe9Xxz3w0eaMIVpZ4RbBOovDleszA6Xy_hi13vb-0v8J24bUaxn_00mOtghhsSiIVPLD69dCH3xFmKLc6oObB3hZYhrPvjLo5bhGocY20niFMhCApMGQik7SyRE33ZooWeWiWf5UlJTZbjkarL--HoBQwzHEn9RRAmAkNZzaailNgX01Zn_yPYE1gHWH3y4J-OK5wvejzmFfz3Rwf0Tcq9haSXTp08Qqxjg0BeZKw_hUeb7jpj6pGGcydNHBXraFDOUS-8T5a0YLF_xBcblw_3c0ApedCEje2t6ugujIh4fiYcG2XwsPyatHV89DzwrEbfeSmEaGZrDaZYbobgeG2Y0qfdQnjmjIxIq8pJVy7DhzcASpeejRJKtoZ6WOL6skuLt86UwibLw2ZuXpJzOxBhA-aPmfq3nKBbbqhVTdR5QLfNjgOMQDu759Hv3xJVkLG5TY1Ys8wG4E8VykoujQpAeAggvPsUr7q9-fGpboXbqF6Iao8224pqu8M3BOc9zJFu4lS5xNvDW8aQzhF2CcMg0OrpvIhH6Q6ezBo--ranN4C5oJUcEn5RDkttnIlZVQyIOkArVwqba0r-mbj-bCX8PimxJaOJn2BzNQMwZpOnPG3_Y7oX8QVUUv1YATNVCNn9sIgQHvw8lUrQhhynUUSxbGaGVlUKu9hoeHbjrDAfGt9QQymIrDojO5BX8LrBZchuGASNqeMImIYPuDssQhUjsvJq1ZLoXL5oMIo0GMpJ_wIRCf3ymWWYMRBLUsn5Ea1XsbbFuKGVnjt-DM6sHqZuMU1MsAEcazwtaTE1OzJJS6rf1muEnjs3lfTUqbHu3uKiL_DEqT-7V-Jl77tqXbUfLRjIcWheqS2yU2nW2yl1OEYuhCiZoc2Mjg41S7HWummAD4qVx1YH9d8vjvzm3uDAFS1-qBy7JXwHx4W0NXWLGaasUnOFV42hYyQptxy9H9fdBUSY3mB9UZ3JEkZvsd4uUTEXgIbQpnwXerwA_RiFTE42pVMJZAp6fE5gzrxNySDj75fDSyhh0luIgBxRyvmjkeW7BejOI&cid=CAASEuRoPoMXakBkbGN_xpKwb5Dh-A&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:43 GMT content-encoding gzip x-content-type-options nosniff age 338 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:14:43 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame C99C	22 KB 8 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-Qm7TKv29XYEV4TqiyH1kJYfo78FWA7uWum-3v-2MMTIS7CDeOyxvERzBajj_zTbrwWUAnkLIVtF8NeNQwzJH5ZGnd2XLk0lbn-DsngChVlJ6JrUwIZ3_rBjt_F_UPxdtLu9c0Hjkh8bCb7cQYSVPZ22Xaw&dbm_d=AKAmf-BWIMGQiWtTTK_VcLvP6P1ydHALiJIs-RTHn0XxcjmhBayUcRQ3LCa7VGxD7z5hgXfgbZB-he_gGC-G4v5E0YF8mY8WqAvqc2rlSC7VYhwpFzRDMx4gNe9VMoE2aRwoHWV_QQm7cZwY-P6blHLeN1_3fU95uFyZJQ-MxMORoaPHgTeTmDD58AHk8pyzVrXQRLH7uqJjb7wjBkU_DlnBufYo_HHOfeLBMBArBmwmR-YYJ-NIuDjbQ1Pr1J1qZ0ZuukqFZalF1bRtRzddvr0SmGq9SoXwDf3Ts5t04bTn8b2F_wyHR-hR4qaILAHMerXRCoNkj7a2IQYqfuoZDnUzgVLgNDNceceTAzPB0TQIBO3p1N03IZ5jz-wsShsEqGYjT6Jzu5MiSHhDHUPJR34raN0wewt9HfL57d2SYfpLcpjRe0MgG_j0w0fIo9Lv_FMFC9Z0O83ynuLOay-Q86qcj8wqaVH9MTxI42Hh0iEC3tmS60ZyJVP8ZppwdJcEMq18uLemDH2cxr2p1_Zm52pEVWBYd0__STnZNsYN0IgfRUHF3VLecPZoTBBlx3FbvcHui7CMAJUw_bhQbhG5IIEdmqeu4_EXmeLOqvjmCUo4i8ea037AEuMqdQDtULEDfriFVa4OhRtSbQ_f1X75vCJMZoEMtteMLvzs7n-_RCgHCTHY2gVNqlbM1-XhXI5QbnOkCExxs_VThOfVTfoyzQcPIHemWhpWOpUvPkXQIxxbslyU9jazO94BCwOvV_WnJc2Vq7aaXgRp7AIDcJN0aBulZPScFlNpWEgrqdLN7Zk0hkfe2yDmsIyObw0OF3lbPwiuYXVtUyfrXJST-_XQZ4YDJ0wZF4IYTfaOlncTefV9med2oZNLATkSDyJLgeimPIGNzTc4T6vY6JvVBoIBiYKE07tQqdR77McrsXv8KOzBY4Cj9FH2EFAAgLyusgR1Z4O-8jnCfzMj9JuEilJVBy0-yWk33viN8xAJg2lYHgktVoyC6ngr8BEIMc9L-IXZ1DWEjsLLmbomTcAQX9tNwZaKOlX5XBup_8DchFCIAPyp2Sn4r2ajbeknbz58TSeS4BIKinHwCUSN17y4DIm4AMEFJDEG4QoLdydHRUeElCO7VBhzWqD3sqV45QzbKyBD9uHDFRGBzHALFgmNKl4Fo2okOPx6_gj9O2r1qzE71qd3_7OfhQAX2olAXBH8uhCquCwuj6n-1-pOdEqF3GxZIXe3U2jTKjncBWmWC_1e_W9yqj0elnT3ICOBo9JqaWYDyi_MDpMm_JUqXPdmWMt9Dpzu3U8YNmd9zKB4oP-1w6pNMyyAA6oc7QC5MILuvjO_UV9C1cz1NwjgqLQJuub_owA7_3OfNCpUYi76u1PlP0OQxnj1diPnHlhOf-mVLPdF8i5i60IbJQ3YHIMI2DMwN2o6KNz2i-LTqhA2VGPdUirEB0u1GAi8hm-MQ9OjYNFv37cCRLgDknz3SIFM1bdjyjyATEzW2V4fdlqLX1fcfNxSxfIYDbAhemfrVXSHWbc4XPDEtzGA5ufg6ELO-DmfIsdMa-j8isG_IgLCadJyWJiMQlj40Fd4mfCoAFK-IPAdZ7ERj-VBcrzrbiFNpuGkoc6KVCJSf1T63llNfSYko2seLc_a7wbUxS8Ka9awrZ5a-zHVVanyBgxrOhWDxYOKgExxO0GSZPBR6MIXGNZUtHdhJ1V0OjituG_7e9go1-enxuYeK6NBTv4f-D31lzJu-X2vdCBDT4SuYDYne9if71FnfC5Lb2o2ZkIvNfpUPzX75Epx91zQXGxSshboQGENA8t9VohJF9sfFz39iNRrYzMemPhAow6YaM5obFds8-D1eTVD7lsuxq-Bqc7SrQzxTf4J9UgyOXZYAx2qWl3MevKqAXcA4Cm9Sildt5ghh-MD2elc2WAtEfsfeXJ1rgvSz6IoQa8Fwje_OoWzsH6l7oUjbfqMpUtRmSLjT_HTR-dtl0o3EJRMXQ-w-g3FHrr3ae0PGX9bvOgUamLcK--p5hykSlzmvvO89VkGAfWlgeyvb7G3G8vXXmMFWTqC7zCpuKAIWkwxO_IcpSs-yq0PBHT0EJKYzUkviMiuDD-SBR9NlFHZtkav4lpArpMUEZaemQwWNkm9lZVJ8AnkzSR8j9y-QrzO0dOD6Yk8hvqoD8LHtxG8WeXLKbE0mbZ8fu4TYWatgmofeMYu_47FYZR8ab70HBDvXsF3lBX11_UefQF_GunPwt4DV4P-qm-EQxsbJIE9t5IKQn3K3Ixp3yd3Y-ELXvGaJRMxDwhdKeAq7XJZHoTwInj9uFRL-byOaUuFztIQ2u6n3ma61oaTuIaGsbDdY4Fn9Ma2MrglZv2r26lZv1vkVHhgNTylHZxlyYY_-kx6qawaT7yU076ynUmf0mD-k98BiYLZHQiAjfBHUgpFbipvGLmQhJ1ssjoFF-cv2EShnfeWosN8sytxy_lvqwklk0ZHgfeJ3knluA6wznLXArQeyI7TzgIFsfFbGoQcBt0Dr903y1UOoUVezMYiwZAzhQlVFAYMsDw8qdSyZEPIhsMXQsEvKJAN1mpMc3w6S-vGOe9Xxz3w0eaMIVpZ4RbBOovDleszA6Xy_hi13vb-0v8J24bUaxn_00mOtghhsSiIVPLD69dCH3xFmKLc6oObB3hZYhrPvjLo5bhGocY20niFMhCApMGQik7SyRE33ZooWeWiWf5UlJTZbjkarL--HoBQwzHEn9RRAmAkNZzaailNgX01Zn_yPYE1gHWH3y4J-OK5wvejzmFfz3Rwf0Tcq9haSXTp08Qqxjg0BeZKw_hUeb7jpj6pGGcydNHBXraFDOUS-8T5a0YLF_xBcblw_3c0ApedCEje2t6ugujIh4fiYcG2XwsPyatHV89DzwrEbfeSmEaGZrDaZYbobgeG2Y0qfdQnjmjIxIq8pJVy7DhzcASpeejRJKtoZ6WOL6skuLt86UwibLw2ZuXpJzOxBhA-aPmfq3nKBbbqhVTdR5QLfNjgOMQDu759Hv3xJVkLG5TY1Ys8wG4E8VykoujQpAeAggvPsUr7q9-fGpboXbqF6Iao8224pqu8M3BOc9zJFu4lS5xNvDW8aQzhF2CcMg0OrpvIhH6Q6ezBo--ranN4C5oJUcEn5RDkttnIlZVQyIOkArVwqba0r-mbj-bCX8PimxJaOJn2BzNQMwZpOnPG3_Y7oX8QVUUv1YATNVCNn9sIgQHvw8lUrQhhynUUSxbGaGVlUKu9hoeHbjrDAfGt9QQymIrDojO5BX8LrBZchuGASNqeMImIYPuDssQhUjsvJq1ZLoXL5oMIo0GMpJ_wIRCf3ymWWYMRBLUsn5Ea1XsbbFuKGVnjt-DM6sHqZuMU1MsAEcazwtaTE1OzJJS6rf1muEnjs3lfTUqbHu3uKiL_DEqT-7V-Jl77tqXbUfLRjIcWheqS2yU2nW2yl1OEYuhCiZoc2Mjg41S7HWummAD4qVx1YH9d8vjvzm3uDAFS1-qBy7JXwHx4W0NXWLGaasUnOFV42hYyQptxy9H9fdBUSY3mB9UZ3JEkZvsd4uUTEXgIbQpnwXerwA_RiFTE42pVMJZAp6fE5gzrxNySDj75fDSyhh0luIgBxRyvmjkeW7BejOI&cid=CAASEuRoPoMXakBkbGN_xpKwb5Dh-A&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:51 GMT content-encoding gzip x-content-type-options nosniff age 210 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8594 x-xss-protection 0 server cafe etag 7958287194716579593 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:51 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame F343	41 KB 15 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com URL: https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 06:53:37 GMT content-encoding gzip x-content-type-options nosniff age 41204 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:53:37 GMT
GET H2	200	main.gr.19.8.206.js Show response static.adsafeprotected.com/ Frame F343	183 KB 58 KB	54ms 52ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.206.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip last-modified Tue, 01 Jun 2021 22:03:45 GMT server nginx/1.16.1 etag W/"f4d80fb2c423b91d55077116728f6247" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET DATA	200 OK	truncated / Frame F343	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fceaddf487d1161c2d7567976ac09ccb7a348d4ab5f0dd257c0c2302cac07e3f Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame B5F4	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 04 Jun 2021 06:53:39 GMT expires Sat, 04 Jun 2022 06:53:39 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 41202 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	container.html Show response a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8BBD	6 KB 3 KB	21ms 21ms	Document text/html	2a00:1450:400d:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html?n=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 04 Jun 2021 18:20:21 GMT expires Sat, 04 Jun 2022 18:20:21 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame 6577	73 KB 27 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656037121142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28114 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:21 GMT
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 6577	10 KB 8 KB	35ms 35ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060301&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8cdb515e3043976e76fa7fa2787d3ea70f5ea405c15c638b43fb20bade396acc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7788 x-xss-protection 0
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame AE04	0 23 B	87ms 87ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5QKeZUjqlZP9XO4nnMJCdd9N7Phubr7D7fqlPWXXnA1VBZEMMWuYCHX6KHTXkBe7Vx9EnS1naRRoqiPMfmh43ieo6GAp0Q1Xkwb73r-JkYfvyK9g3LX4UNTMI3FDMkdY2d78B2Ud9Bawml2bx6gPB1s-gCeB2TYpRCKZjj766InQ1TtYVaJRNj34mAozC7UPKfR1BLFiWOYiU1RMQkh_C3bq6l4iSV7UGASa4Y8_zh5kl8NNJ2tZFnrx5ahbUcF-vEzCj3UbtsyLZ6cEebRKfevhPaH7UrQYwck-MrmPgmAyC5jcFWNp2VDCytn0Gl3Vflgjb4PtFh2sSZd5RPND1qK6Z5N3gomTTXORbgY5tOxDn-wFmIeczwix3jBsQaNyxy_AVpDZK23SJ3jGEB67TZOGCVNaW7rk29IpZn5iGPgepk5lPxDMH-GSWkS1rZAZokeY8ymS5OKOEYAr6z7Aso3QAPILZAMOrio9HA_VOXrpUMJpxLKiifhyAatyvI4s0mtUHXQ90qEISyUpc0o40Mw2SRXCSPgEeLt0swIVQZMQkWophStxO_pg3NF5rXctnN48JI-Obrht1VAk7AaVKmIMH-w9KR2VExrZ-9U4hoWcMu93VbTUgvII4xgzPWCcugJZHtzJhLpw8q0SDM5yuCARfdVCV4-Npidmrki-KXMoVoKbM7hZVeROkg_cGt05Q2GkPMFrKqObyOT9wameTHeKv1Gy0Y1CCkbpRS-TFv9GEizAcHjS045PtFj0D8Lx7InKfaokGSaXvgh9MI5oRQEwVLwL4e2c0UEEzbFhXCKp8K9W5fJFlS52F9CiW5g4qAshDCUohjz4dsD3oyZ-4dc2uXofsnPr0F8GeNB36vVpFgdS2DXZHeBQ57LSF3dBYnHdfPpbaIWx59_-RySA7HCp40MXlEAIXndrPK3h6W_z_EHBcIfLU6rtM0ymoekpaNPb6JZXwAOFQlzCt4_vWIg5lg4KYPoWlbR92W63CnCNO_XX0ieCe5FEZnOyn09-3IpvhiYS7drekhdn6VXKdCzI6AfIGj9JHKqSdJMHTvbh8J0UGuRMLV23H8QJ-RgtPIbp0bHOuh0YH0j2ZWuLEzvOXBGOR6Hc7q5oyvm5lgwMqEesOZE37ADVtCIhnNtX5RV_4Pqt9_7EmRs9_A5oghv2eJhPdqlRgbjznwX-5JEQGK6oaNAn5uou61zY9LFzc58x87OXoUpiaKxufUdLjzBjrQ5efBIQ2wNH8Qhlk4g&sai=AMfl-YTNa-xCSKMjmAwZWtDFLRQbguIUU4aNarhKWCyNP652YU2B8x99NqKoVnl_46GVW7uWi4CObOPh2HF0ZfyEdJSi72UITtUgTGtIXBof2hiPkwIMAw6Z2RN-YXqCFr2HNntgP6BSgx8oAMrX6yuTdO-1YwZUMA&sig=Cg0ArKJSzOvnTng6-7ozEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1360&vt=11&dtpt=923&dett=3&cstd=429&cisv=r20210601.68356&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:21 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	Enabler_01_241.js Show response s0.2mdn.net/879366/ Frame 7041	107 KB 37 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_241.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=3nGPDramI2&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7cdfd59d0748ea8674458b0c70ac670b5f5f973ddb26b37b2f99b64ddb7a2a06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=3nGPDramI2&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 19:07:23 GMT content-encoding gzip x-content-type-options nosniff age 83578 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37392 x-xss-protection 0 last-modified Tue, 14 Jan 2020 17:33:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 19:07:23 GMT
GET H3-29	200	preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 7041	64 KB 16 KB	29ms 28ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=3nGPDramI2&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=3nGPDramI2&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16579 x-xss-protection 0 last-modified Mon, 12 Feb 2018 18:09:40 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:21 GMT
GET H3-29	200	tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 7041	112 KB 38 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=3nGPDramI2&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=3nGPDramI2&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38407 x-xss-protection 0 last-modified Wed, 04 Oct 2017 18:33:56 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:21 GMT
GET H3-29	200	da_DK_polite.js Show response s0.2mdn.net/creatives/assets/2377528/ Frame 7041	86 KB 27 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=3nGPDramI2&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08f4adbb04efcb4683d989d1bdf5ceb15ee481b444f2f1eadc19fb9fa4e5f339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=3nGPDramI2&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:25 GMT content-encoding gzip x-content-type-options nosniff age 356 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27158 x-xss-protection 0 last-modified Sun, 14 Mar 2021 22:07:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:25 GMT
GET H3-29	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61417278/20200309085139483/ Frame A7D5	1 KB 610 B	30ms 27ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61417278/20200309085139483/index.html?e=69&leftOffset=0&topOffset=0&c=OEVDZ35tjL&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8fa44a9ebb8748e091c2ea3786bb486ccd01a2ac7560a85232ebfa5c69d5064 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61417278/20200309085139483/index.html?e=69&leftOffset=0&topOffset=0&c=OEVDZ35tjL&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * content-length 585 date Fri, 04 Jun 2021 18:20:21 GMT expires Sat, 05 Jun 2021 18:20:21 GMT cache-control public, max-age=86400 last-modified Mon, 09 Mar 2020 15:51:39 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame DE48	0 24 B	99ms 98ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaZg_JEddnUOOMgJRIal6AgAHA4_txyjnEAmik-k_1Y__S24UDP3pLMbGhrKZkqy_0NhVvxQGwfatwoUe76o5mTu_MW8yhxS2zdZLBT618ONcC8MDxCOtuYKa21VompJgZi7RWw6s14NHEggUhTmPDwBI7GmdnwHlGiZlfQVJxEaIFCi0vHKdeIBLp8D005a1Mrl0_p7BHVRL8bRCaySA8bQ04kMCQFwjeZ96VjD23hrEUNz4WcSqWaZkTvwhNiMiQ-g7MjXHdmoIXq8zcuHnm-bP4L77vy6HKoT1kZTYRRuqXmNb0HkGBvM2cdMPDwEG5U7bwq3eP705CECiawr2LXiiNfvLPU29QhY40zb2270PSwS43rcLm6QGePI7KVHprUJH-xrHRL_jJQAjpqwy-YfnZ1q17NuSsPBu_GlB7wn_pUHP67kKgABzYCDRU-0U_WkgNk6ptgM62xcYZxFyMqY5Xy7XN-AW2fsYXOP5p1sC2nAVBDe3oODRR1m_vUKSriY3KbDAlosja_xE8RtSj0od_kEwTm9j00EWhpJMPl-n4QKtctco_-4qm1ryETB1JAsRFg3PwgAIS4ngJjfJoEhDJx7FsUZD0AjtlW7D_Ic81jVdTimXHKquxFUNIlQl_L_uPxEIw3zv7ciizcMGW6dNGGegVXaFcn9dll8PiCaDeVcA9fo9cOdgIKaq35KtghzqLugMU8I4knmU0CywCmysRblKJYvaULSYVlmcEosc_rpoNp5_gEN7gdW-cqQEh2FxGV3oOnOzwFjWoVaNBJZr07nJh6UQ42sPjd9vmWYC2ozxnSWd4eT3MRxv217oZIrGYncTEicsmXsDHJXJEKJ3Xqp6qzWI8WT97WPhxaK4BSn9WetyAdAyl_ZZmcllpn7lqxd_aIkXcWxXz9y396O8PXdTT5Ojek4gGrwuufwZG3zSf8bimVqTq_qBiKAPBt8EOYg63XeyZOaRwq4N1f9xxgMmkifD5nFPTwSiQ3RR8066kyOoQYK4_lmBfgP-6mBig6PWKR2JCjIqxEMptZgCHTW5dxhU4w8NbZ4ZA6QUcTZiSBR4qAHJDrRbh08MguC3yrLwo2v5xRL7ZlHXSfwKykeKGQLHGXM2qwp3WXrJN5I_zPi9Tk4U8u4GJQthqHsKTq-P16CPUzHdKrPWGwJg_aGiRxx4vQRJlJtxXJjwFM37Snvs44NZIghBYAYqOHz9hr3J24sD4IIyIkl6EldsLOiPrajFzQUnG9xFPWh2lr_Cnzre0SGUY8dCZwYaph_eRgtSRkRU&sai=AMfl-YRCmIG-8J2XbpMG6o458ecy6LlW70t5DQ-Bt-lZfIyNM4h7RhFo-pwSK3YtUTDZWJGl89K7wzcAaVi-9l_M38vBIS95W4YPu4YfDwonE_VnFaeshCrMPtDlyzMFoct9NzLQRMfDCY2N-57j5pubKtvwvBlqoQ&sig=Cg0ArKJSzE4Aih797SKEEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=518&cbvp=1&cstd=514&cisv=r20210601.15472&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 04 Jun 2021 18:20:21 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H/1.1	200 OK	ai.aspx m.exactag.com/ Frame DE48	43 B 947 B	144ms 47ms	Image image/gif	213.202.235.8 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extLi=25042747&extCr=130146205&extPm=292521135&gdpr_consent=CPHSFTjPHSFTjAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1 Requested by Host: ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com URL: https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" Connection close X-ET-Monitoring 1 Content-Length 43 Pragma no-cache X-ET-Code 0 Last-Modified Fr, 04 Jun 2021 06:20:21 GMT Server Microsoft-IIS/8.5 Date Fri, 04 Jun 2021 18:20:21 GMT Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/gif Access-Control-Allow-Origin https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com Cache-Control private Access-Control-Allow-Credentials true X-ET-Camp 1711 Access-Control-Allow-Headers * Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 426E	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34739 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame AE04	43 B 216 B	335ms 111ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=1cc2cf6f-eb09-1612-e6ec-46fc734f08f0&tv=%7Bc:eBb4b6,pingTime:-2,time:863,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1006,beZ:1007,mfA:1569,cmA:1570,inA:1570,inZ:1575,prA:1575,prZ:1601,si:1611,poA:1611,poZ:1624,cmZ:1624,mfZ:1624,loA:1728,loZ:1730,ltA:1868,ltZ:1868,idA:1624,idZ:1684%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:728,h:90,t:603%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:863,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:603,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B296~1%5D,as:%5B296~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:szokJZv+1111%7C12%7C13%7C14%7C151%7C1521%7C1522%7C15231%7C153%7C154%7C155%7C16%7C1711%7C1811%7C18121%7C18122%7C181231%7C1813%7C18141%7C1815%7C1911%7C1a11%7C1a12*.925113%7C1a121%7C1a122%7C1a123%7C1a13%7C1a14%7C1a15%7C1b11%7C1b121%7C1b122%7C1b13%7C1b14%7C1b15%7C1c%7C1d%7C1e11%7C1e121%7C1e13%7C1e14%7C1e15%7C1f%7C1g11%7C1g121%7C1g13%7C1h11%7C1h121%7C1h13%7C1i%7C1j%7C1k1,idMap:1a12*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:256,readyFired:true%7D&br=u Requested by Host: 7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com URL: https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-server-name dt12.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	sca.17.5.5.js Show response static.adsafeprotected.com/ Frame 4996	82 KB 21 KB	50ms 50ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.5.js Requested by Host: b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com URL: https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip last-modified Thu, 29 Apr 2021 15:29:23 GMT server nginx/1.16.1 age 2849309 etag W/"5356fa8b6073c3eb408487be61ef7d77" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H2	200	mon pixel.adsafeprotected.com/ Frame BE94	43 B 216 B	55ms 55ms	Image image/gif	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.adsafeprotected.com/mon?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html&adsafe_url=https%3A%2F%2Fwww.gool-sport.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.gool-sport.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fb60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fb60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&adsafe_type=d&adsafe_jsinfo=,id:6da26145-9d4b-0cb9-4f87-f086f5b31bf2,c:eBb4bA,sl:na,em:true,fr:false,mn:app21ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:szokK4o+1111%7C12%7C13%7C14%7C151%7C1521%7C1522%7C15231%7C153%7C154%7C155%7C16%7C1711%7C1811%7C18121%7C18122%7C181231%7C1813%7C18141%7C1815%7C1911%7C1a11%7C1a121%7C1a122%7C1a123%7C1a124%7C1a13%7C1a141%7C1a15%7C1b11%7C1b12*.925113%7C1b121%7C1b122%7C1b123%7C1b13%7C1b14%7C1b15%7C1c%7C1d%7C1e11%7C1e121%7C1e122%7C1e13%7C1e14%7C1e15%7C1f%7C1g11%7C1g121%7C1g122%7C1g13%7C1h11%7C1h121%7C1h13%7C1i%7C1j%7C1k1%7C1k2,idMap:1b12*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:591,oid:85519d15-c561-11eb-95da-0aeb40f66fa8,v:19.8.206,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Requested by Host: b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com URL: https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT x-server-name app16.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 6577	17 KB 6 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060301.js?31061371 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:21 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame DE48	41 KB 15 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com URL: https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 06:53:37 GMT content-encoding gzip x-content-type-options nosniff age 41204 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:53:37 GMT
GET H2	200	main.gr.19.8.206.js Show response static.adsafeprotected.com/ Frame DE48	183 KB 58 KB	53ms 53ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.206.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324078358&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip last-modified Tue, 01 Jun 2021 22:03:45 GMT server nginx/1.16.1 etag W/"f4d80fb2c423b91d55077116728f6247" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET DATA	200 OK	truncated / Frame DE48	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ad75830c8deafd33b4a53d4c350ec0e395b9179147137a346554a38c1a7adb5c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 7E35 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr... https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wj...	43 B 1012 B	81ms 80ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXHOvIwMkVFNpH6vZoMxLzsLxfNctmQLEHoktNEsK8AB75evtl1pPJT0zV9dbvwcyZI1LAf2LABtLNiFLlZItdbgVKHbjYugDnIoB0f00L7ZkL5HfdDhkAHongsdYvTTMYdeWhfRTtu8-KNYpPjd4wrRQUX5Nvqn47VEbFWINjkdphCs1ojt7H0bmyCQV1Bvz24RzpYcdsWxq4XAUQvzzh5KE77G_d7bJv0SbGFjuSXSbTMFf_umTs9BBLYzuspgy7vXTk6kPWOVnzP-eHhlbpLsYlXZHz-QDDCasupIPOz4GT2hAsouX5-L_6u4IRK72AJ_PfxKjZOJwqM9hdfLMnpnWYgUZvxSFo5goRglJzQWqlVh5LpSXbxupxZt-0IjqMJMs62lsGiXfZVi9ZOdms7-bjd_TYfNhqxf1i4e3plEidaRmjJSmogqPWcushrnbNgsXVuerV39FfzYIVWCAzEqp7oIGwW40SKHnplWpdLHzSURm7iL9jrwQGnyyJWcETdnAEFaGqvVVzdijPHbIDGf1nNV1Ppja1Rr-6RLSTPHos1JquOW5K7_8EYbVbhKI1p_J1tenRgG_JVtV18qVZq8FPQuyu8RC-W1SbF-glzVeTP6lI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:22 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 04 Jun 2021 18:20:22 GMT Redirect headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 686 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 7E35 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkF... https://dsum-sec.casalemedia.com/rrum?addtl_consent=&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhg... https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2... https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wj...	43 B 892 B	49ms 49ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXHOvIwMkVFNpH6vZoMxLzsLxfNctmQLEHoktNEsK8AB75evtl1pPJT0zV9dbvwcyZI1LAf2LABtLNiFLlZItdbgVKHbjYugDnIoB0f00L7ZkL5HfdDhkAHongsdYvTTMYdeWhfRTtu8-KNYpPjd4wrRQUX5Nvqn47VEbFWINjkdphCs1ojt7H0bmyCQV1Bvz24RzpYcdsWxq4XAUQvzzh5KE77G_d7bJv0SbGFjuSXSbTMFf_umTs9BBLYzuspgy7vXTk6kPWOVnzP-eHhlbpLsYlXZHz-QDDCasupIPOz4GT2hAsouX5-L_6u4IRK72AJ_PfxKjZOJwqM9hdfLMnpnWYgUZvxSFo5goRglJzQWqlVh5LpSXbxupxZt-0IjqMJMs62lsGiXfZVi9ZOdms7-bjd_TYfNhqxf1i4e3plEidaRmjJSmogqPWcushrnbNgsXVuerV39FfzYIVWCAzEqp7oIGwW40SKHnplWpdLHzSURm7iL9jrwQGnyyJWcETdnAEFaGqvVVzdijPHbIDGf1nNV1Ppja1Rr-6RLSTPHos1JquOW5K7_8EYbVbhKI1p_J1tenRgG_JVtV18qVZq8FPQuyu8RC-W1SbF-glzVeTP6lI Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:22 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 04 Jun 2021 18:20:22 GMT Redirect headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 667 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 7E35	170 B 188 B	67ms 67ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXHOvIwMkVFNpH6vZoMxLzsLxfNctmQLEHoktNEsK8AB75evtl1pPJT0zV9dbvwcyZI1LAf2LABtLNiFLlZItdbgVKHbjYugDnIoB0f00L7ZkL5HfdDhkAHongsdYvTTMYdeWhfRTtu8-KNYpPjd4wrRQUX5Nvqn47VEbFWINjkdphCs1ojt7H0bmyCQV1Bvz24RzpYcdsWxq4XAUQvzzh5KE77G_d7bJv0SbGFjuSXSbTMFf_umTs9BBLYzuspgy7vXTk6kPWOVnzP-eHhlbpLsYlXZHz-QDDCasupIPOz4GT2hAsouX5-L_6u4IRK72AJ_PfxKjZOJwqM9hdfLMnpnWYgUZvxSFo5goRglJzQWqlVh5LpSXbxupxZt-0IjqMJMs62lsGiXfZVi9ZOdms7-bjd_TYfNhqxf1i4e3plEidaRmjJSmogqPWcushrnbNgsXVuerV39FfzYIVWCAzEqp7oIGwW40SKHnplWpdLHzSURm7iL9jrwQGnyyJWcETdnAEFaGqvVVzdijPHbIDGf1nNV1Ppja1Rr-6RLSTPHos1JquOW5K7_8EYbVbhKI1p_J1tenRgG_JVtV18qVZq8FPQuyu8RC-W1SbF-glzVeTP6lI Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:21 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 7E35 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzNTM4MDQyNjI5MTMzNzI4Nw%3D%3D	170 B 188 B	63ms 62ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzNTM4MDQyNjI5MTMzNzI4Nw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXHOvIwMkVFNpH6vZoMxLzsLxfNctmQLEHoktNEsK8AB75evtl1pPJT0zV9dbvwcyZI1LAf2LABtLNiFLlZItdbgVKHbjYugDnIoB0f00L7ZkL5HfdDhkAHongsdYvTTMYdeWhfRTtu8-KNYpPjd4wrRQUX5Nvqn47VEbFWINjkdphCs1ojt7H0bmyCQV1Bvz24RzpYcdsWxq4XAUQvzzh5KE77G_d7bJv0SbGFjuSXSbTMFf_umTs9BBLYzuspgy7vXTk6kPWOVnzP-eHhlbpLsYlXZHz-QDDCasupIPOz4GT2hAsouX5-L_6u4IRK72AJ_PfxKjZOJwqM9hdfLMnpnWYgUZvxSFo5goRglJzQWqlVh5LpSXbxupxZt-0IjqMJMs62lsGiXfZVi9ZOdms7-bjd_TYfNhqxf1i4e3plEidaRmjJSmogqPWcushrnbNgsXVuerV39FfzYIVWCAzEqp7oIGwW40SKHnplWpdLHzSURm7iL9jrwQGnyyJWcETdnAEFaGqvVVzdijPHbIDGf1nNV1Ppja1Rr-6RLSTPHos1JquOW5K7_8EYbVbhKI1p_J1tenRgG_JVtV18qVZq8FPQuyu8RC-W1SbF-glzVeTP6lI Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:22 GMT X-Proxy-Origin 82.102.20.244; 82.102.20.244; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.56:80 AN-X-Request-Uuid 3585f02d-bb3d-4f9e-9c27-8d08e4efa651 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzNTM4MDQyNjI5MTMzNzI4Nw%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3-29	200	container.html Show response b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DE7F	6 KB 3 KB	20ms 20ms	Document text/html	2a00:1450:400d:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html?n=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 04 Jun 2021 18:20:21 GMT expires Sat, 04 Jun 2022 18:20:21 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame AAF0	73 KB 27 KB	27ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656037121142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28114 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:21 GMT
GET H3-29	200	container.html Show response 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CD14	6 KB 3 KB	20ms 20ms	Document text/html	2a00:1450:400d:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html?n=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 3108 date Fri, 04 Jun 2021 18:20:21 GMT expires Sat, 04 Jun 2022 18:20:21 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame 893F	73 KB 27 KB	29ms 29ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 11d71fc112df3977b9562151e6c75ce860c42779dddcc79af1d0a07366cd44d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:21 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656037121142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28114 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:21 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012105242203000/ Frame 36CC	191 KB 55 KB	43ms 7ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3b90f60459b17f2ddf447768e249c21c662e70bde6148deff13643982f93f9a6 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 41654 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55246 x-xss-protection 0 server sffe date Fri, 04 Jun 2021 06:46:08 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "e9907e100ee706e0" accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:46:08 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012105242203000/v0/ Frame 36CC	12 KB 5 KB	57ms 21ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012105242203000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b8de063d7075aa9a9a68120f3eb37178e85777138d4154903a2d4b187b4a893d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 41656 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4568 x-xss-protection 0 server sffe date Fri, 04 Jun 2021 06:46:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "b435c2fa80137a0e" accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:46:06 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012105242203000/v0/ Frame 36CC	87 KB 27 KB	53ms 18ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012105242203000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 12993a139a46e15abb56308ef8656d80812fb748dfa88116ee6e20ad3494ae98 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 41656 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27371 x-xss-protection 0 server sffe date Fri, 04 Jun 2021 06:46:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "6687a81702b10306" accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:46:06 GMT
GET H2	200	amp-animation-0.1.mjs Show response cdn.ampproject.org/rtv/012105242203000/v0/ Frame 36CC	70 KB 16 KB	58ms 23ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012105242203000/v0/amp-animation-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1c5563da3d1d8ffdd50815ecffd1c8549c4c8828429322f53effb7fe69814a0d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 267441 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16346 x-xss-protection 0 server sffe date Tue, 01 Jun 2021 16:03:01 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "60764f3de0d417cf" accept-ranges bytes timing-allow-origin * expires Wed, 01 Jun 2022 16:03:01 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012105242203000/v0/ Frame 36CC	4 KB 2 KB	57ms 22ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012105242203000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9de4196056e2ffb92e9e6eb78502d3ed77f71a1e8045434a907251ff0b998357 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 41656 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1521 x-xss-protection 0 server sffe date Fri, 04 Jun 2021 06:46:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "5a9e085610d63d0a" accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:46:06 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012105242203000/v0/ Frame 36CC	41 KB 13 KB	57ms 22ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012105242203000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1e53b8865f7f1e34e44d14f6ff8789dd7f421e7d3c69e48dab33188ff4d99f4e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 41656 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13132 x-xss-protection 0 server sffe date Fri, 04 Jun 2021 06:46:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "1bd5431ac5ac76b7" accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:46:06 GMT
GET H2	200	css fonts.googleapis.com/ Frame 36CC	2 KB 643 B	28ms 27ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open%20Sans:700 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d1f0695ea039dad4be2e16a27c6848658e8301e3967d7c027fe867b759cb1219 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 04 Jun 2021 17:43:25 GMT server ESF date Fri, 04 Jun 2021 18:20:22 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 04 Jun 2021 18:20:22 GMT
GET H2	200	css fonts.googleapis.com/ Frame 36CC	3 KB 625 B	28ms 28ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:700,500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 33b27831ddb8bd0ac8e3335292ed19181632e6da37c6ddd17281b1156c526e09 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 04 Jun 2021 17:45:24 GMT server ESF date Fri, 04 Jun 2021 18:20:22 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 04 Jun 2021 18:20:22 GMT
GET DATA	200 OK	truncated / Frame 36CC	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3c86eb0f03d2a3977abef85e728ab4feb5b4b3f85c82c9801e5f607f39559611 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	ar.png tpc.googlesyndication.com/pagead/images/abg/ Frame 36CC	3 KB 3 KB	8ms 7ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/ar.png Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 04:58:24 GMT x-content-type-options nosniff server cafe age 48118 etag 9421415325968714010 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2737 x-xss-protection 0 expires Sat, 05 Jun 2021 04:58:24 GMT
GET H3-29	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame 36CC	344 B 368 B	7ms 6ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 06:55:38 GMT x-content-type-options nosniff server cafe age 41084 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Sat, 05 Jun 2021 06:55:38 GMT
GET H3-29	200	adview securepubads.g.doubleclick.net/pagead/ Frame 36CC	0 0	88ms 87ms	Image text/html	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=Clqq_5W66YPWVF9PG7_UPvPq9iAHtu_ebYfWvu93oDb_hHhABII3kvSlg0YG5gtAHoAHXuffOA8gBCakCM4sDIerchT7gAgCoAwHIAwiqBIMCT9DT0ououv2LfqWhuht4RQMMLAf7Easeksk9ynmre7nhFA_GAPzGIFmoCxqpXnU9kqDk7Yug4zWBr01VGc7fue3xySQuMMmNDNclTHdUfon5zYFZ7ge2K0MGHpUe1mxds-DVrT1Rz1t9OKCFGsgNsl0h24KyYqGdJRi-hyCT3bdt89sKmZyv38213I3fkqi0oOhZfJGcF3isFX7FTa0n-TI6PhPVcjABMyKWe9lku_H_4qIwg5PStrbpT-jpt3WB65x-4pnCqTjiquKUcCygNPVavA4Lvcm6eEEB-CEA2Q0569tPtlocR9lA4tI0JvtG8wFG0SzE3Mrs5uuAW0TXnKV718AEzfevhK4D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5HGiDGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQqdE10ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05MjYzMDQzNjY1NjY2MzY4gAoDyAsB2BMN0BUBgBcBshcaChgIABIUcHViLTczODMxNzE4MzA2MTQyMTY&sigh=nzgO5pCO-5A&template_id=419 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	5b817c6aedfacb35f2ac5b51cfdcde0e.jpg tpc.googlesyndication.com/sadbundle/16162963437053558872/media/ Frame 36CC	18 KB 18 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/16162963437053558872/media/5b817c6aedfacb35f2ac5b51cfdcde0e.jpg Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ee85891e1f475b55a6c7f0a7beec3d2e8238d8d2c1b907cf379e46edf4ef42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 02 Jun 2021 07:24:04 GMT x-content-type-options nosniff age 212178 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18451 x-xss-protection 0 last-modified Thu, 27 May 2021 11:33:58 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Jun 2022 07:24:04 GMT
GET H3-29	200	91df3e7cc25bf0e83138fb45b9957335.png tpc.googlesyndication.com/sadbundle/16162963437053558872/media/ Frame 36CC	2 KB 2 KB	9ms 8ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/16162963437053558872/media/91df3e7cc25bf0e83138fb45b9957335.png Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 73e4307b0828d61747c3cd54cf29c3852cedbc36564066ab6f15fb35a9ecaa72 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 02 Jun 2021 07:24:04 GMT x-content-type-options nosniff age 212178 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2250 x-xss-protection 0 last-modified Thu, 27 May 2021 11:33:58 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Jun 2022 07:24:04 GMT
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 4A83	10 KB 8 KB	35ms 34ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 374a7d6551e031f964e925882dbd5cc0867cf972f1e61fcb1308c1f2c7abecc1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7691 x-xss-protection 0
GET H2	200	dt dt.adsafeprotected.com/ Frame BE94	43 B 215 B	112ms 112ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=6da26145-9d4b-0cb9-4f87-f086f5b31bf2&tv=%7Bc:eBb4fS,pingTime:-2,time:856,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1143,beZ:1145,mfA:1707,cmA:1707,inA:1707,inZ:1708,prA:1708,prZ:1730,si:1734,poA:1734,poZ:1738,cmZ:1738,mfZ:1738,loA:1866,loZ:1867,ltA:1998,ltZ:1998,idA:1738,idZ:1794%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:728,h:90,t:590%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:856,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:590,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B291~1%5D,as:%5B291~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:szokJZv+1111%7C12%7C13%7C14%7C151%7C1521%7C1522%7C15231%7C153%7C154%7C155%7C16%7C1711%7C1811%7C18121%7C18122%7C181231%7C1813%7C18141%7C1815%7C1911%7C1a11%7C1a12.925113%7C1a121%7C1a122%7C1a123%7C1a124%7C1a13%7C1a141%7C1a15%7C1b11%7C1b12*.925113%7C1b121%7C1b122%7C1b123%7C1b13%7C1b14%7C1b15%7C1c%7C1d%7C1e11%7C1e121%7C1e122%7C1e13%7C1e14%7C1e15%7C1f%7C1g11%7C1g121%7C1g122%7C1g13%7C1h11%7C1h121%7C1h13%7C1i%7C1j%7C1k1%7C1k2,idMap:1b12*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:264,readyFired:true%7D&br=u Requested by Host: b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com URL: https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-server-name dt63.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame EBFC	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 04 Jun 2021 06:53:39 GMT expires Sat, 04 Jun 2022 06:53:39 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 41203 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/ Frame A080	1 KB 610 B	29ms 29ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=w3K8WOvlFS&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5122c11c712dd865696a259facba17e7d6d1b90fc386f5f26126bd56de867bca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=w3K8WOvlFS&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * content-length 585 date Fri, 04 Jun 2021 18:20:22 GMT expires Sat, 05 Jun 2021 18:20:22 GMT cache-control public, max-age=86400 last-modified Mon, 09 Mar 2020 15:51:41 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame C99C	0 24 B	94ms 93ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3pUzqP4l9l2f30HfUViH3YbWPpiVVRH2u5cXAtr5mPoxD6fUfpHXbw7go2q3Yryls6O9_rdJTGpYp8hzfS8gaBmWuWzDvlXEiO7JeG1Y7E9YIikRqqMhakPLFvLNtI3JcaRe6FKeRKbPE_01-okwI6AwSBygb_XPDCbHd0paA5WiKODp1F_AVTX_UhPbBWsZrsWRRIXD1q5AkT_nESzzdUUe7eDAF-5CgMyoV5-D_L0jyZq8EuqsvlzCWmAwan8WG4-g_rvDAHgC9O8Hxx0JfT8max-lP6jPdH2s-zy5GlPNuu8mTX0adEYGjGbucUyMy7M_bV0ml1RMfnT7gpWcnzSxpd7PYhzfD224nkgqJDCiGgEXopLSoYVc3W7kAyl4ErGjRExn3lRzw9IhPVDhQRpqDPa11G-h9LteH0IkT-K1iwPAZ_xc9wy8ALZG-7S5iz7Twkvlx9fRRhsJrEfKcWoaDuyFlO3sj1D8jxS0vH6Ge1pQOLw38uJJni4QQy2ru_9pAPNIlZcE7ht2puvX68RPH9SXqZB1oGRsckDvFOvl2ZhhO9InxBeiTik5sP8TkPy2UNHubpwB4CFVxM7R2IvsPaYnNRjS1lVCtaNxnKQvmR-PKCZ1OKjvuuqVr-UVwJjsmPEN7u9yw9zBW0ob8k6HIpsS-KsJhLDHdPYhYS_8GtcLZwf3hxgSvBVz5FpMwhCIpg2wuufLZbUQVh4k1hOV9T0v0GG07KCLGuYPTa_d7ERqR4wne7w8BPyIERQ_NMoY2b8FyILiZMOUNlO17A4PYZRB8vK8JL8X2TKm27fl9jXvUc7FHdMGSc3GciCHvrJW7CvCgGEaxac9Bi3bX7nM1d_Y_ADLjHOmiB9KBX_Ri387Z2SD_T5GVTRW4hZPpw0wn3Wb7Jy3Ic1QXENDTCUdkT53I8SwXbppKzh-quCHL7o7PAeG9jN7ms58SjQCII1R6YbIHOBZXNIQqeQkLJBbIyKctYHVe7yZC_0gLuf2s7v8332yq_2_DMKrGrXWL1rt6yA055Vp6fRVTR6B2r2HPH8PW3A_x3ckrNix9jGfoGNxOrNbPw-Uy5c7gN9CABoycRg9H7Wi-ORccPeJ8crvEeC5BzWrJmFVOQfnapubbvCVilXJCfcIXhPhZDYUXDx7ACE70mLvM0NMemmZ9MRTq2aNkrlCVQTbLOnpkdU219ak-KnyGU10-VQiKxxdjQJS73eJxxdjy4bdwJSnfNFKyY5B-yULV3qDtInmNjg2tM-NxX4peRhR_D1IeHIDANC8bi8KiUwG5gw&sai=AMfl-YSb9MLJhFmI3UZfRs1D8wWolWwjrTc9T7GzX98xYyLmM4UAbe2FFa_5GZQkDapYHNGpxGsHDLvCJarDHjC30U1LSl89Qek6lAbD4_aVbVMWXrHwWb6gUmUQ78SfhFUVJ4VUF_DJQwRuzlOq_FU4HP5G09A4GA&sig=Cg0ArKJSzPuUKnuSpUREEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=431&cbvp=1&cstd=426&cisv=r20210601.46455&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 04 Jun 2021 18:20:22 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H/1.1	200 OK	ai.aspx m.exactag.com/ Frame C99C	43 B 947 B	157ms 55ms	Image image/gif	213.202.235.8 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extLi=25042747&extCr=130146484&extPm=292521141&gdpr_consent=CPHSFTmPHSFTmAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1 Requested by Host: 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com URL: https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" Connection close X-ET-Monitoring 1 Content-Length 43 Pragma no-cache X-ET-Code 0 Last-Modified Fr, 04 Jun 2021 06:20:22 GMT Server Microsoft-IIS/8.5 Date Fri, 04 Jun 2021 18:20:21 GMT Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/gif Access-Control-Allow-Origin https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com Cache-Control private Access-Control-Allow-Credentials true X-ET-Camp 1711 Access-Control-Allow-Headers * Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3-29	200	Enabler_01_241.js Show response s0.2mdn.net/879366/ Frame 686F	107 KB 37 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_241.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=TdBGNWW3iG&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7cdfd59d0748ea8674458b0c70ac670b5f5f973ddb26b37b2f99b64ddb7a2a06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=TdBGNWW3iG&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 19:07:23 GMT content-encoding gzip x-content-type-options nosniff age 83579 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37392 x-xss-protection 0 last-modified Tue, 14 Jan 2020 17:33:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 19:07:23 GMT
GET H3-29	200	preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 686F	64 KB 16 KB	28ms 28ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=TdBGNWW3iG&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=TdBGNWW3iG&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16579 x-xss-protection 0 last-modified Mon, 12 Feb 2018 18:09:40 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:22 GMT
GET H3-29	200	tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 686F	112 KB 38 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=TdBGNWW3iG&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=TdBGNWW3iG&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38407 x-xss-protection 0 last-modified Wed, 04 Oct 2017 18:33:56 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:22 GMT
GET H3-29	200	da_DK_polite.js Show response s0.2mdn.net/creatives/assets/2377528/ Frame 686F	86 KB 27 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=TdBGNWW3iG&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08f4adbb04efcb4683d989d1bdf5ceb15ee481b444f2f1eadc19fb9fa4e5f339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=TdBGNWW3iG&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:25 GMT content-encoding gzip x-content-type-options nosniff age 357 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27158 x-xss-protection 0 last-modified Sun, 14 Mar 2021 22:07:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:25 GMT
GET H2	200	sca.17.5.5.js Show response static.adsafeprotected.com/ Frame 86AF	82 KB 21 KB	54ms 54ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.5.js Requested by Host: c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com URL: https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip last-modified Thu, 29 Apr 2021 15:29:23 GMT server nginx/1.16.1 age 2846999 etag W/"5356fa8b6073c3eb408487be61ef7d77" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H2	200	mon pixel.adsafeprotected.com/ Frame F343	43 B 215 B	58ms 57ms	Image image/gif	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.adsafeprotected.com/mon?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html&adsafe_url=https%3A%2F%2Fwww.gool-sport.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.gool-sport.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&adsafe_type=d&adsafe_jsinfo=,id:e39bf9d7-563b-6e16-7914-ad60be97eb74,c:eBb4ht,sl:na,em:true,fr:false,mn:app15ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:szokKbx+1111%7C1112%7C12%7C13%7C14%7C151%7C1521%7C1522%7C1523%7C153%7C154%7C155%7C16%7C1711%7C1712%7C1811%7C18121%7C18122%7C181231%7C1813%7C1814%7C1815%7C1911%7C1912%7C1a11%7C1a121%7C1a122%7C1a123%7C1a124%7C1a13%7C1a141%7C1a15%7C1b11%7C1b121%7C1b122%7C1b123%7C1b124%7C1b13%7C1b141%7C1b15%7C1c%7C1d%7C1e11%7C1e121%7C1e122%7C1e13%7C1e14%7C1e15%7C1f%7C1g11%7C1g12*.925113%7C1g121%7C1g122%7C1g123%7C1g13%7C1h11%7C1h121%7C1h122%7C1h13%7C1i%7C1j%7C1k1%7C1k2%7C1k3,idMap:1g12*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:513,oid:8595f9ab-c561-11eb-bd9f-0a320acf4edc,v:19.8.206,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Requested by Host: c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com URL: https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-server-name app21.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame BE94	0 23 B	88ms 87ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuUdyV3K7cBVHaiefX1W9mmTLfPr7wHXLAeEp9F4uXmKVMRC4DVfZZech5ZmoosFVa2lymjZy-kwuh5nkjeKmQIIwuFmTil33Ye0xl3x3IBUJNZvmgypg-m5cybTpFGOllU0OJYCUUKTPRVUifLOYJxWAv9Qga7BQmBaW0t6TaHB8AsR7ejos78MGEI4TlR8a9-kioUKaD_NhRHC4RNTK4RNZNGsexnEMIcocPOz8gJjvJC_ewbw8JcweCxu5yHclCTQVTuUZ_mIiRjXrkrGkVjQWlSQiFiyGYSojsmlrzZapyq-CiOeRAYXiEmZReWRfvMICXMF2Ofeax75TFGT0O9VBmF8alDif-tfoWS8ogtSh5sLERlIPJ2c39kN1piZeLNKrH24b6bOxyS95HQV9P7SQVr58VoAoi7mUxDmvOLTxj8M72JO4FE-pXhm28WF2UXEcdkYNDa4pwvvFQPG6aulvhTHWCd6tOJB72v1LW350GNIw4YrmxfIlTgSH72P3X07lq0da20CWNDRxYSeK9wfxi4UYtKxED_9T8x_TUkZ6K6KUfz99VgczsJfGEns1Kt09u3nUsis7InpaGdfnMzif4uCtFz8f0btcOJiGoDxK5q2bRYVMyMkwxOq_pPPdCAZb--b_RHBn5dDUankbn2oQGs0-h0MHmg5cxQXSJEbG3NswsFG6enlbsz5IboihpyKnoIGtGQ9sJk7GyXIvkI97s3acNGbGZ0L7XD21W6K7kx52quOj_ZhtmG64mHVGIqVbVj-ZuqUJC8kIUtLe2ZoFpJB6BuTlikKnJZC1F-yxxZ7qFs_ZfN8RUWiAor-NvSewwCZW5YHrDBRZAJ5Kps-C6OeH7jxbkQkuLCoD-daxB_UwXZrD_gdACrgJBZwkgqNDcGGMyfu4My-9fhuaswczk2KgPX9VPqFT_7qL7CChT3pcnJa80s5ROP6Vm11evvO2xXa4-VTRutodznDRXh4AGlj6ECJ5fakuKbhJMtGloaL9eNxYbjMBm9OQjieQPoWhMcPR6tjbgeIVvGuJr5pK2wgpLUv3p9O_wZC6HRyIiHjZpHpU0Ag2qEXDRLFOQe9wYG9xwH-7x5wzewGruSrPU9wPQQlk-lDAp7BFEj__xtFRxn2Plm_E_hToNsAImSPFNvIQKTSYB8KLGBs16pp9gBPc1dYaEsW3tAd7OaiTzNZHhYpP2-3YpnK7GUj26VvG-CsePIDsHLgC5vS7zs40Qai6FKCxfw73wOp2YExg&sai=AMfl-YSpL4v-wnhNEGA_0-cdQ1DIYCp6DOEpRLr1PT7-06pP36wccxlEptrK1mZC57uagPPd98Gkti2I2VCdScp0FY3mVecs6uv8yHD-D_rWyz4iCEARV-Bz0hwRW1nDGDnTr3H6mQF6UgT-gYUZ8iSo1pQqddyetQ&sig=Cg0ArKJSzM12QDEqL-TKEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1355&vt=11&dtpt=1037&dett=3&cstd=313&cisv=r20210601.72752&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:22 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame BABA	0 20 B	42ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021060301&jk=3000484437559475&bg=!CwilCEzNAAY6sG-_OrA7ACkAdvg8WkHQ1qfKP_E_6vTNdUzH0vhpbM1-Z6aV2ztnJFSW9J4-UOwk-AIAAATwUgAAARtoAQcKAIUzWiE0kSVLZeDHRhj665IKg3640e8gPjTN7QndpOguJtuyvlzc6EXEiTILxfBswtntHOCHWSn9MxQUVm2bx8iFxbYZzwLGIugtHqC-baKEvvxRbVQTKwe0alv4jLHTjYZIeF1qdcA8fjlZo_EdDaB9tfxd1eIrpT-6UKCSGZCW7Jly4E3xmQJZXxuvyxK2-4hSwpfX9pJglpZ51V0onyGqUTedmA4HGuw0B4VM_ZpQJYo-l9G2qCOCuH13BAsUl6kvMxmctNaB9_b2XV7qRx3rDzGFm6Q0NFTzz0YPOwdBr3w8cqAYgUwl9mQ3s1Qav9oEcy3WBIjZMO6FumFfw9UVqOwFkrAlp6WJKa5Z3huLItoa3QYemOWFpW0svzVGNN7R62rvTd7ZZp3pB4pS66jHJjII5wyh_-nG8kdrGYF7cEXt6TJ87YztjYO3FflKFteNpZPUPsn1xEB_picfH4hgmxD0UgrRWO33qkUATDnfcYcKNnfPSvL92mBxLYzDEIjujjiKc3ZSJouREdo3pxmbKDLDGrCn8__Tm9dSDU6bX9ITTtDsw7hooMWaobIKMIlpIdLH4vmqoTKQXon6hbh9pvjIzzY9NlMj_C8tY9MLPhjWciobDPLlVnvutI-DzC8ycT5NnQLW-u0pKj54hxH7hER2Aped1fAzUdC_0K8FL6kacdi-r0k6x3Fmo7hXeM9z9-Rm1Gjsa8kRSzLt0BTYPcbal3Py9MlIUbhBj4HdpKsOWy8cvsCLRXgKEHL0LdJFU4aT09RRJkV9CY_HoWqwyvv939odDVRIfIUBp6qCTHAo-IH0y6NCKvV8Py3SaeF44vCJlutkYXDJRv3pZfSxl50XhxkCOttabXC_CQbUWIyjE0a-BaW5LDHTFbJ9LzYI95jdbPfCu6RJqquLS6Bxc-vuUTKPhdWru19zE9-PFV__7o8cClj6_ckpHBV8-ZXthkrqK88afHfr9DXvvs7y0A Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 1DAF	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34740 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame C99C	41 KB 15 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com URL: https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 06:53:37 GMT content-encoding gzip x-content-type-options nosniff age 41205 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:53:37 GMT
GET H2	200	main.gr.19.8.206.js Show response static.adsafeprotected.com/ Frame C99C	183 KB 58 KB	54ms 53ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.206.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip last-modified Tue, 01 Jun 2021 22:03:45 GMT server nginx/1.16.1 etag W/"f4d80fb2c423b91d55077116728f6247" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET DATA	200 OK	truncated / Frame C99C	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 18c744b6430125c33a4bd5468536f72b69d0c386883133be596a79cc3c144ed1 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v15/ Frame 36CC	19 KB 19 KB	9ms 8ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:700,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.gool-sport.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 18:36:08 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:10:46 GMT server sffe age 258254 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19480 x-xss-protection 0 expires Wed, 01 Jun 2022 18:36:08 GMT
GET H2	200	mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 fonts.gstatic.com/s/opensans/v20/ Frame 36CC	15 KB 15 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.gool-sport.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 07:46:46 GMT x-content-type-options nosniff last-modified Tue, 18 May 2021 21:21:50 GMT server sffe age 297216 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15112 x-xss-protection 0 expires Wed, 01 Jun 2022 07:46:46 GMT
GET H2	200	JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2 fonts.gstatic.com/s/montserrat/v15/ Frame 36CC	19 KB 19 KB	9ms 8ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:700,500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.gool-sport.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 01 Jun 2021 05:02:07 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:11:03 GMT server sffe age 307095 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19272 x-xss-protection 0 expires Wed, 01 Jun 2022 05:02:07 GMT
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 4A83	17 KB 6 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:22 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 0125	14 KB 6 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34740 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 803D	2 KB 591 B	30ms 30ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXv79zgQyDUTMmBtg0OLZmjiaGX7Iy0q63nj7VCd49jLKRLBjj365y002cKmmCyQZjH1MSEeovD4Sdf4vL6DrczX8SlqOCoD9E2TaJhVbg67msyVVPk_N1tt7LPrzpZ7C3XmLs8MRqovWODBliB6QGNnLBc9PDhm01q7WjYVP2SLR9lkUd_4gFWzpBf1YrJrJ_9kKddpuIhYv1c9N8rLQPmTEowttSS1aEXS3tQkDokxKy7h_9WdA4qM1Bd3tifG6gYvAvfAhDx6sNKT1is3WWbKZp6NZTZ2trtMDHnYt4dBDJ4orb7UIPxeXocbbTyJ0G0Um-hpRqjEY4_Yep0YXd_OwNN4w46AlB1fg6ZjEykC-d4qzjkxTWpeaHuFq_AfGKVS6zeU5rvubPsW-igwvcgmWpEftmhs9xaB-zS8moouwFT1fW6AehRl_dYXAIc2Q43p4IbGOWC5zbNI0ZS85sSFzQRnO2inMp3V2U7eapu5obl_DQGUBnMUmgyxNzdOOo1Uao_OkIuHTctDDLzMzjZQzl7NRFUYBAYKEaCXWR6xamcCb21SJT5NqYxZrVVEyygaCwAyJWO4yvRglNhtMsaTs4x1oYzzGgI7n9AEDzreqVN-QQ Requested by Host: a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com URL: https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bccc7e00273d57817b1362768e7609b7895243dc2579b64f58bafcd410b0f207 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXv79zgQyDUTMmBtg0OLZmjiaGX7Iy0q63nj7VCd49jLKRLBjj365y002cKmmCyQZjH1MSEeovD4Sdf4vL6DrczX8SlqOCoD9E2TaJhVbg67msyVVPk_N1tt7LPrzpZ7C3XmLs8MRqovWODBliB6QGNnLBc9PDhm01q7WjYVP2SLR9lkUd_4gFWzpBf1YrJrJ_9kKddpuIhYv1c9N8rLQPmTEowttSS1aEXS3tQkDokxKy7h_9WdA4qM1Bd3tifG6gYvAvfAhDx6sNKT1is3WWbKZp6NZTZ2trtMDHnYt4dBDJ4orb7UIPxeXocbbTyJ0G0Um-hpRqjEY4_Yep0YXd_OwNN4w46AlB1fg6ZjEykC-d4qzjkxTWpeaHuFq_AfGKVS6zeU5rvubPsW-igwvcgmWpEftmhs9xaB-zS8moouwFT1fW6AehRl_dYXAIc2Q43p4IbGOWC5zbNI0ZS85sSFzQRnO2inMp3V2U7eapu5obl_DQGUBnMUmgyxNzdOOo1Uao_OkIuHTctDDLzMzjZQzl7NRFUYBAYKEaCXWR6xamcCb21SJT5NqYxZrVVEyygaCwAyJWO4yvRglNhtMsaTs4x1oYzzGgI7n9AEDzreqVN-QQ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUnSzAWnPbiLBpHhYWKGXkbaF88a39tmh6TfePrZSMw9aAE4hJZ5EoG-SkboZDI Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 04 Jun 2021 18:20:22 GMT server cafe cache-control private content-length 570 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 8BBD	64 KB 25 KB	100ms 100ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTEXUD-cq0mKXlbwoS7WZhIJDKgHIMGGRETavF_XWGwG0b8qqv51P0ToUmQmIZwLP3KICGgdoK27xskmbTXHO1_GcaGoMxdHKse2cQxwK8v8eF1W7K8fu-LR_y2lkIb-Fy1l9d7Olp8tIgszdXTuPk20PAEQ&dbm_d=AKAmf-B5V37GxqhjbEU2hL1INQIKm6qbOI3JVM1Pvzjc-Lcxe35EQmgohgF3wLj0Ygvf2OiO2a2lJVgzoYqBOpiwEMTkDR2_yTNn964jALr_0jzwKYq6bxDYOBYx7kJXkr8XPHXIXTkUmLGxDx_6Y3vbiAaqTp2hqkp8lqfM67zc9Q2ST4bkwe8asnc0MHAQEnZIVlyEET4DdfAadKJgoDadbWX2B6Gm16FbvApVf-kbYU3kBHgNY4PCmvf5hcLozfs9xlviLVYuDOB0-MeDAuf4lyVUXn6JCNbzxIAPYy11PXuBnr5agDx0cLJTUEkn9NEZMDO4Hw62mynG7rsTbfVR2FSelZgNVXdjgXpDM0uVGEMLm5j6NmXrlVXnSyQBrjBJknNZGcEKfo98VPmQko6Nw6GeIVkSjgPbz3nI4cUCtmYRXjlep-uzzxbaZDUyDg5osBG6WBxumpcvLX5D4MADFNQfWEElqQ3rIjl2qD8V6GxJxG1DtmegcRiDTITN8_MJx6o-65_bBFaXmXfBbG8E3nTCaF_O5dFr1sZrqR7a-UdeyIv7dYOp4SdX-2SciI9ZC43GdipRnHpEyCSOHHJ_6P2cXV6is0FQBn3oc7Lb5ddl8ZEYMBlBNg4JRUaxVP8_r1eiymoLS2jx3Jc7wcpo3XupRSHdMMCzOGcTiaz4aj-MKQJoDFNtNyPj8DDzH4rozaHJasyuOebB7viG3r3H4YyHvespgT0n1woFt_WtMUDq1FQhMD3IZO5r6-Wps56rLo0fk8kqJtvtm_xZswA-mSZlAIYiOLJITEJctcCk9QdhRtiGvHNNCJJVqGLcvupdicu73QhGjXN-272ZQIY7NH4mdX2SrO1bdJeYcj6h3DUOAbKZmSILOWWSqTvxhx9KDdBCPUQJ_I-V3GfK04bO5xhp6FGqtsv15xefOzZSbZ5zcvpusbVmQtJzaotueTyyva8D9zaEATo4ZXTTfKCgEGk6GAzMkr_z7a7btJ6xAkONiSspGtbZDItEdg_t3z5SD2rDOqlaElcRXaTFdSAyWdYPLSyM9fyfC1tQQlJfyJO2Cy8bVSleYa0PdsDrSDO67uK_2fAjv8F-VAUG0lPtWIcNFWu4OuB0vowfBsm5k5yO_ceq2apH6ZSFqlf_mLxOuHu25G-ilDRj-8Dlvb37083SVwSjnj69AOEizxYuiGatC-go7964U119z267kE-8TFnEXZUeswn_HhfRoe6nLK5UDJV6mw27AWuwR_RtkHwxpeuI8G7DIP8Mvo_krtJmyZlonx3neUSW0W67xAp0HDU_fTt87ai_yju9QU3NGD5tA77sTDEVdFH50aLI-EqSIBT50imSYwHnUzRfFL-vsln5chKNzqdOP8nzmwiuM6lc2ABVjw9g-80cJ4bQzg8Pkn-CazH1vUwjXLkyYmkcAFftUYsF7dKHHonvKeSt5g6C88Eu4A5j9O6ljG1iddt42uf0XKsJx1Mx44aHWptXXHRYS8K6cxo3AeFjK1pnuPCBeXO6iiNV-w8_CbxzvgX8EMH9TZetfU9fUtGgeml7b_5npJI5BuTrBGTj6M7S-DrTS-E5ioBwdy4NKLtDoEMUhPtmljiJSvsGvzqlp4jTtkoTOhHl71Fnzv0arNEBUJlZRtzVlAd03uGmXZ8VA7QdurXoRZhpi2hrAZbDq4tkfWgiDKANKMS9moTbGENEVEtnCaAr5vPaRrbG8Vt44Toqog2Af-qD4mOEeVqDBYlzPS2PogG8jDZnwDpayfaakBjyzh2qfOp3xku-dKnrrahx-7YnPS2IGiafbKtIZDEBb1JcS4vXBQKA-Fvw9IUEUaNO4ztisDvScxZOUTyyo-yIR-UrnYEfxVnaL-1Jaq4jIHHEjSAPVnKIr98CjFUduPF6P-KNDi-A7UDGO03G21OYmc6Lj9ZORB9ZgJ-k_CeDb0IeebbEvSkRF3FcTskTNx6cE4y6WCEKbMi0i9KH-YeU5jrLl-NQd7xDmSb467GODBPbQwNcx3-uu00wwLhhqHgJssAYvj__PUke0Bd0lzNvZB9cN59q6uuwQKYHmdhuZAhWAez4v6JGLlkbhd-kUtGUsX2DugXipcOoDs5DNdWYgOzSNQaHTH8Rg1ShQMMcQJyBnCwWktB2WjsK1eKAFx3SqUNt7_PVqhQB9qOkBLiuOnnazJpHajG-NL27cH7jiBVzVFRneq9kkeNlkgCWFViCkO7wvq2ZJ_bLlBRvwlkqHawKmBalkfxRZS5PUcMPOGAok9pH_gpBOZQB8PyYtkjaBjLyJSpUIEjYKZUeX8JrvtwNfHQwwQ1jDMMkWrG5-LDrn6OGAULjmvEVNAStJTJo2EjReUZTYF8Cm8mWL8RARqCmY2hsme2ITsnLBzxIiVfrKZ_OXzFPTQZT3uDMkJ9OskDLue6c39EMO1-mv9cC-W-ghxGVKsXCi-uTUw0JE-P3PxXROEDC0UfwsgfQ9tjdqQ0qUSd3UcWDnFyUCVo1hiD7dcx_QAPxiRFuecj-cOfqOW09O7DHNjZP3FxhRSYa5-knsb_S3-dlZU8lGUbU3cJvFzguz-PeH6ZQsxBn7XD-lUmkptwMbxNoYFDfeSLZug4dQQEZst2VqDG2OZBx-qRlKor_KwWrnomTXEzOp6NQm5UVp6zm-CmRBfiuMIP8OMMkayLzbNEkypeoIcW-bNRjXPBy6M3ZPxnfNEksO-M0JelRVDLnyATBtBZBHGF5elmqN5gv217J4dPvG4J85XZB_7XetXbu6IjusKnxvFNU0F_xOpSbCNjf9KxCqn6-MH3DgGZNlmf3l3V4nMtcavEURtEFNbwDCDevCWkh6W_Ju_g1MtNgLpy7AU2VQ2pEquHWaMI4I9lT7DQDs-FqnXayGIdYfbk0ClrmAnMdpdd1YZvlBGGzwjAy3KE0zm58_jiH46tCEegccVFPOokTJWovc-FjzP2Bvuv-ebwPaCZzpTDFkFrZSn0_jUq-imNVKMWSVQ9V56QsZScjsaYandWUvQ8D4sBvDmgH2cokCBPfqeOK-4Ti77rxou-rdtoduD0WrXkzzcOXubndticA67_A6TxPfzXTSpL_xWgUznFywTo7Ls5YlPupzMe9GIduVsWU2oySVE9nSQx2s0km6xlb21G9AFq2SklcwexV19Y2at34aTZEQ99oqnsQveZ3aeoLUZnKoG8vo7APTzDVWL_45vG5y-fdl7jXsVc-zny77T2oCl34r8pK5EzK4Dg8c_thSIcKdwyWvy6vIX5C5NnQE1kf2YV3qvyvQ1t2UhfPbp8J1ayNSNNtlBXowhr2vfU125XqK7knmIue-WwYM7d1WaF_kDDjE8_IPXtXI6rwqpPWtYbwiiTAhM9oYaybZZ-nitwkXlULkUpLPSzYlvcNm2KRzumvLZmG50Ig-rpct0HXArWtFEzYj9UwfSs8gZh8jZnGbbwCW2lAMBBP-qBgM-fPBRWxhv6g6CAt-lErRfKkAqCpaa3CUAxtmjv05jQuE7LUkN_lTLwHRZliGHkSN_C-t5EBzMgJSz6WtAimMkDT4Blt1e8Ehr3N8CqbDrjRSKlCeaoGcBlkYaonE9lkPHw4qH3922cgL4K5Bktdpy2iNs0OM9SQZ0aAt0Gc7oWzOI0&cid=CAASEuRoLv-BQgwyfZjn6J-yxQ9dSA&rfl=2%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7c057afbb5f833ef017c2af9c51eb13eb4d219186ce485dc172dcd9edad69eb6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25215 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 8BBD	42 B 63 B	40ms 39ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C7sw2J459Okq5o6CAyzjerMAbWZizaCWLOSFF2dLkxs7IL3Hp_CrXEGexr5oWezUZLdpm-0Zsd7M8NVI4hW-VfZ7YVaQb8kr8MEsNydUpUD1EVi6w Requested by Host: a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com URL: https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jload Show response pixel.adsafeprotected.com/ Frame 8BBD	46 KB 13 KB	58ms 57ms	Script application/javascript	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197042&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html Requested by Host: a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com URL: https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash ae94e3975ce21428e1f93229730b9c4d177d7fd5f05df6d9ce8159c59e41ed29 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip x-server-name app27.ie.303net.net content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 8BBD	2 KB 1 KB	8ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js Requested by Host: a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com URL: https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:12 GMT content-encoding gzip x-content-type-options nosniff age 250 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:12 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8BBD	121 KB 37 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com URL: https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656031336809" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37735 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:22 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 8BBD	13 KB 6 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js Requested by Host: a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com URL: https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:19:37 GMT content-encoding gzip x-content-type-options nosniff age 45 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5635 x-xss-protection 0 server cafe etag 1091097466425408374 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:19:37 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame 8BBD	0 0	20ms 19ms	Image text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJOPbuMXD274SaP2t2tilT-aTlb2rdV2mIdOzI7IsLWg3RPCWcj19IN2PSh8HjpYz02eSxprFFaTkwvpL8oSlVgGtKYQ Requested by Host: a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com URL: https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 325E	12 KB 5 KB	6ms 5ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 04 Jun 2021 17:03:05 GMT expires Sat, 04 Jun 2022 17:03:05 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4637 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame 762B	783 B 531 B	32ms 28ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e1024b0626e8e9316bea1eff6ad94e0795ef197752671093924620b7d454d988 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-db8xgDvGxersUIC0pXmzNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers expires Fri, 04 Jun 2021 18:20:22 GMT date Fri, 04 Jun 2021 18:20:22 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-db8xgDvGxersUIC0pXmzNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 5B7A	22 KB 8 KB	6ms 5ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 04 Jun 2021 06:53:39 GMT expires Sat, 04 Jun 2022 06:53:39 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 41203 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	Enabler_01_241.js Show response s0.2mdn.net/879366/ Frame A7D5	107 KB 37 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_241.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417278/20200309085139483/index.html?e=69&leftOffset=0&topOffset=0&c=OEVDZ35tjL&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7cdfd59d0748ea8674458b0c70ac670b5f5f973ddb26b37b2f99b64ddb7a2a06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417278/20200309085139483/index.html?e=69&leftOffset=0&topOffset=0&c=OEVDZ35tjL&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 19:07:23 GMT content-encoding gzip x-content-type-options nosniff age 83579 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37392 x-xss-protection 0 last-modified Tue, 14 Jan 2020 17:33:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 19:07:23 GMT
GET H3-29	200	preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame A7D5	64 KB 16 KB	29ms 29ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417278/20200309085139483/index.html?e=69&leftOffset=0&topOffset=0&c=OEVDZ35tjL&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417278/20200309085139483/index.html?e=69&leftOffset=0&topOffset=0&c=OEVDZ35tjL&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16579 x-xss-protection 0 last-modified Mon, 12 Feb 2018 18:09:40 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:22 GMT
GET H3-29	200	tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame A7D5	112 KB 38 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417278/20200309085139483/index.html?e=69&leftOffset=0&topOffset=0&c=OEVDZ35tjL&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417278/20200309085139483/index.html?e=69&leftOffset=0&topOffset=0&c=OEVDZ35tjL&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38407 x-xss-protection 0 last-modified Wed, 04 Oct 2017 18:33:56 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:22 GMT
GET H3-29	200	da_DK_polite.js Show response s0.2mdn.net/creatives/assets/2377528/ Frame A7D5	86 KB 27 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417278/20200309085139483/index.html?e=69&leftOffset=0&topOffset=0&c=OEVDZ35tjL&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08f4adbb04efcb4683d989d1bdf5ceb15ee481b444f2f1eadc19fb9fa4e5f339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417278/20200309085139483/index.html?e=69&leftOffset=0&topOffset=0&c=OEVDZ35tjL&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:25 GMT content-encoding gzip x-content-type-options nosniff age 357 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27158 x-xss-protection 0 last-modified Sun, 14 Mar 2021 22:07:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:25 GMT
GET H2	200	sca.17.5.5.js Show response static.adsafeprotected.com/ Frame 8A60	82 KB 21 KB	51ms 51ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.5.js Requested by Host: ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com URL: https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip last-modified Thu, 29 Apr 2021 15:29:23 GMT server nginx/1.16.1 age 2847460 etag W/"5356fa8b6073c3eb408487be61ef7d77" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H2	200	mon pixel.adsafeprotected.com/ Frame DE48	43 B 216 B	59ms 59ms	Image image/gif	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.adsafeprotected.com/mon?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324078358&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html&adsafe_url=https%3A%2F%2Fwww.gool-sport.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.gool-sport.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&adsafe_type=d&adsafe_jsinfo=,id:f6d54b1a-4e0d-3725-abd7-66cf37221397,c:eBb4kr,sl:na,em:true,fr:false,mn:app27ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:szokKeV+1111%7C1112%7C12%7C13%7C14%7C151%7C1521%7C1522%7C1523%7C153%7C154%7C16%7C1711%7C1712%7C1811%7C18121%7C18122%7C181231%7C1813%7C1814%7C1815%7C1911%7C1912%7C1a11%7C1a121%7C1a122%7C1a123%7C1a124%7C1a13%7C1a141%7C1a15%7C1b11%7C1b121%7C1b122%7C1b123%7C1b124%7C1b13%7C1b141%7C1b15%7C1c%7C1d%7C1e11%7C1e12*.925113%7C1e121%7C1e122%7C1e123%7C1e13%7C1e14%7C1e15%7C1f%7C1g11%7C1g121%7C1g122%7C1g123%7C1g124%7C1g13%7C1h11%7C1h121%7C1h122%7C1h13%7C1i%7C1j%7C1k1%7C1k21%7C1k3%7C1k4%7C1k5,idMap:1e12*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:486,oid:85a8be21-c561-11eb-8d84-02617d9e854e,v:19.8.206,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Requested by Host: ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com URL: https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-server-name app29.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
POST H2	200	node.php Show response node.setupad.com/node/ Frame 1767	0 208 B	41ms 41ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H2	200	dt dt.adsafeprotected.com/ Frame F343	43 B 215 B	115ms 114ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=e39bf9d7-563b-6e16-7914-ad60be97eb74&tv=%7Bc:eBb4lG,pingTime:-2,time:773,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1348,beZ:1349,mfA:1836,cmA:1836,inA:1836,inZ:1838,prA:1838,prZ:1856,si:1861,poA:1861,poZ:1866,cmZ:1866,mfZ:1866,loA:1968,loZ:1970,ltA:2121,ltZ:2121,idA:1866,idZ:1924%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:728,h:90,t:512%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:774,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:512,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B285~1%5D,as:%5B285~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:szokJZv+1111%7C1112%7C12%7C13%7C14%7C151%7C1521%7C1522%7C1523%7C153%7C154%7C155%7C16%7C1711%7C1712%7C1811%7C18121%7C18122%7C181231%7C1813%7C1814%7C1815%7C1911%7C1912%7C1a11%7C1a12.925113%7C1a121%7C1a122%7C1a123%7C1a124%7C1a13%7C1a141%7C1a15%7C1b11%7C1b12.925113%7C1b121%7C1b122%7C1b123%7C1b124%7C1b13%7C1b141%7C1b15%7C1c%7C1d%7C1e11%7C1e121%7C1e122%7C1e13%7C1e14%7C1e15%7C1f%7C1g11%7C1g12*.925113%7C1g121%7C1g122%7C1g123%7C1g13%7C1h11%7C1h121%7C1h122%7C1h13%7C1i%7C1j%7C1k1%7C1k2%7C1k3,idMap:1g12*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:260,readyFired:true%7D&br=u Requested by Host: c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com URL: https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-server-name dt42.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	dt dt.adsafeprotected.com/ Frame AE04	43 B 215 B	118ms 118ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=1cc2cf6f-eb09-1612-e6ec-46fc734f08f0&tv=%7Bc:eBb4n6,pingTime:-10,time:1607,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1622830822494%7C%7Cd4337beb289b1b0dc91fd2feb54504f9%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cf9901be23595895c50e013082399e9f6%7C%7C38fa8aabec0e85a8a11a227ffff11899%7C%7C5d71a8679de3c3493637cab3205314ae%7C%7Cac6d865a9c82bded53aa0ca5254529e8%7C%7Cdf30617f6092bae8df552ec833a6fd91%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-server-name dt27.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 0042	2 KB 613 B	30ms 29ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjD8-CZATAB&v=APEucNU5u2WeeHonWd_YjWszz1eeLYg32_jnQZkdMeeUJnQLcizasOZ56m_iYUw_Gfq9-DAy8_l2521mU8CWdQoXQgXdYkpo62KdWa6-T3QfloRQ0iO7821K47sKo5OXy18iVq4l-UdLb8AfkwAgBt4yjkyXemGIoboqMv-xU4A2E3kIAIBfSQZMgqb9bjH3Il7hDHNrwRZ5FmZu9uT8voNGy5AA9jKtHm6BlKp1qBRv_6ZyA5Qyq3jpO8WqDLpLm7Tv7-XxLIm2EqsLUpBuH7h1OuxQW3ZKYu5ASeIqVCA76jPwuHECqHmYa-uqbU0n0TPpLxlXZTH9esoRLp6UtQBIYhMHKxBuOO4M2YnqX_X_ZjnVEHvT1PDgkq2HCEgOhS6qMRitHNlTDEzz-VFEikqsF4VQUxackLMS_0cLTjzM1hxQUAaylOyGUy5VN2LK-_Kelklom10B9ZyqmQh6RxuHoU18k5ah8Bz6uFt1ecN7dHcI_VDfulkx5YLOSsfx9ZJhMuoCNwdqBzkwDKjSBA_yI7GCLV92CrJ-b-zXZtN4VUHk4PkYNsGuWrOloZeBHYnSAJ9eRsTMfmWijunOCKAu4rxK-msLgGo9vYeY_y8doWyazLVMeUc Requested by Host: b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com URL: https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8fef4e2da5e436d01e2e2844d095042c6bdda082cf99c2ae168765fbf893d744 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CJfnugEQw7j0ARjD8-CZATAB&v=APEucNU5u2WeeHonWd_YjWszz1eeLYg32_jnQZkdMeeUJnQLcizasOZ56m_iYUw_Gfq9-DAy8_l2521mU8CWdQoXQgXdYkpo62KdWa6-T3QfloRQ0iO7821K47sKo5OXy18iVq4l-UdLb8AfkwAgBt4yjkyXemGIoboqMv-xU4A2E3kIAIBfSQZMgqb9bjH3Il7hDHNrwRZ5FmZu9uT8voNGy5AA9jKtHm6BlKp1qBRv_6ZyA5Qyq3jpO8WqDLpLm7Tv7-XxLIm2EqsLUpBuH7h1OuxQW3ZKYu5ASeIqVCA76jPwuHECqHmYa-uqbU0n0TPpLxlXZTH9esoRLp6UtQBIYhMHKxBuOO4M2YnqX_X_ZjnVEHvT1PDgkq2HCEgOhS6qMRitHNlTDEzz-VFEikqsF4VQUxackLMS_0cLTjzM1hxQUAaylOyGUy5VN2LK-_Kelklom10B9ZyqmQh6RxuHoU18k5ah8Bz6uFt1ecN7dHcI_VDfulkx5YLOSsfx9ZJhMuoCNwdqBzkwDKjSBA_yI7GCLV92CrJ-b-zXZtN4VUHk4PkYNsGuWrOloZeBHYnSAJ9eRsTMfmWijunOCKAu4rxK-msLgGo9vYeY_y8doWyazLVMeUc pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUnSzAWnPbiLBpHhYWKGXkbaF88a39tmh6TfePrZSMw9aAE4hJZ5EoG-SkboZDI Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 04 Jun 2021 18:20:22 GMT server cafe cache-control private content-length 592 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame DE7F	24 KB 12 KB	56ms 55ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAvQ6Ccz4zX8Oy8AqrVU8k_za0XWHQW9dgv_q0M1BOotvZFGoao38q02_x6KLR_eDGsJVLqDf42w8fQi860isoGutF2jmxE9lDfjo4gXBsqIwOREtDqLbjAuLdch30VJ4R7xuvd3xF-xzkTfFKdhYEH3STTg&cry=1&dbm_d=AKAmf-BqG23wDiTF802bb5JdHR3A9o57dbmni6NBrNdnNRq37keHD6tNaxV6eOR9jRHp9ET5AAhWorb1gt9kUoPFM18M2kKdSuQmGWf8k60frFPrRp5teF8U1nCGkoZe4o8A2CAawubqgGW_C5b_M4Sf_xmQgQpI77U1R-zNMClmn5WqYquR5uUQqaPI67MKstwyzJc4LD0_Ulya7Fg1MEvfcP0a73CLUULJExc53jsqs44-7gRQMRYz7xv1RAwDNUnIrSQlVVUKPAJv8gYlyulhfWqmvSxn_TJZJYIU6SyugxRizs80AZhtjM8K4SJK-tOwYIZWaBgkKNpe0a-5Q4gbuuQkrfkVbkq3M7NmIU4yh-hTmj25msChpyj_zpdfr11leJzZBxFvQ67JNzB_d5YmYRvmUVbqhDHAgSvsSPTPypS8JfnCpLWPU6oi2AJtInyyJayD6WR74qsGMX162ZBX9enXfYfia67nHohowpRIwwHnMd3LUxgxSqmE6Thc36Ku7-wCD93g672zMe1F24bn6mUC7wc6A-PP5BHImFiHSRnk7Eam-sfll80Eo7YnRRAG8TEhD7UX6lra3pj0gQesbvQhmc8JQLOl6TtPIjBlrdevPSw_cPqZNtd7K3i4I6WjBt0RpAT28AZwyHgrIb0-oEchLvfCn7OMJAud7C1yi5bcppKfGxncjG2kWR_oZgUWfLUxvGDIP3pncQCSeUSgAoepcII06DAzeJWmzkkFh3UFQ00W_mYXILS6NQqsQTvpyzlZXkbQ7788PXMJAFmlqLKgs9YYsGryHtH7AhPjhz2bxNH2S3Q4yriYvckK8aqKoQHxxq8R-byAZc5_F7UHX2-yPyVF_LqjPci_jl9W2zgw9pUMks2KdMcIYlJL3aYg1bUPni5LQjTZAzID8HIZ304jJuDpqSS7i67aZoutfxPN_Aafh86C7HK-Cw0Z61jbOV8g4j4Bo9LvectQOck4JkV-f-J8lj6-dKlkrsAJBHT7P8TsY7dt-C1FcHhJgWPjwJfKpZT0PIUCOLv88cJ6G2khaIKWYIAmtkt3JLLUzZI3Hm7XRFnMARy7GLRHAPxrJCIuBw5f__OnYmbT1EVlBOEJOJILxE_LjzGCrahePAXok0Q2Ujvzcselm9ynvDb8DmwcXEAmPN9LW1mTEyEt775FX7_BSR33XOB3kuASQOE0nEsg4ip1QPHsCpI4JN3VGKpBaMgd8VSOkAKuhX3vr84Iv8er8E7wGoShh0kbG0pZI58b_tKEYG21GVU0gqdpZyfP4U_X2sIZquvrtJWsI-bNms0_C78M6iL7Rdhar843-bgcveL4AUVoz3aHySVoLi0yakGEmh5U1SJoMU1_i475yZ5UtEEkzmT7naU97R6hmUXpK2zUGLvCdVr-hrO12JtjEDGmgu-p6H0KbIfSm4Gla9Uh2mEQPKj-larmPWwBKfHan8Io5tosudTUX-D_bqwDnQZ3jmVU3Vg-0__7hnInGTSXI2sd6M5id4DNc40wz99zrEMeIxEHCiT-Py7lNl7-J6t6KnJnvx6mGyHveggvwycFU-BinXDvOBRQlPhhhzuTqDY9_tBAaRBhF1BsoEJar-sR_Gt2YQHyZlFmeSEQQMKPo4bRzmNLSbSD4q3cjuQbrK6wYMvcWHpHCV1Dr_Q_tRQf6MrSsAntX_aEA6yG_srBVD6Y6KJ46mcs5ets_6aDlgP22RmJ8mzwyyhLZvSUGBZ7cmlq6Eqg0g1gxkFVWQw3_NzUKhX5wJ1rcn03GDAshx9y7aiQkXNPElSgBjKuxID6yn7IFe1FvFTksRIsz6xzMHrjaEprDhlaDIR4qacSpU03SS5i3UkLgkx_KHpeqv2Qsm6nqZGZmV2uA4N4AMkLQ-cHYTRrvQApO2wyark7CMPNqMV1bdLTpw8Fq6Ot5KhuewBE6jgMk1feMdF9Wyg_nsfpaN9Nk1mSUrU__NRTc2YOiQl7ZrLgA8OyoFb10dy5a3sh_4Mga1PzyTLuRUELTM_WkGSzvFA20cnfCRx8Sg0HtBgtv3PH2t4_C47PWfc1JXM_9-889_HeTVYVmjFjJv9J6VvgJ-8xNGObWvLz9_QLkNcW2dgUvRyGvQcUUzOiy1W_wY_M4a7FmLe9Dv4Q3g_2mhalnefhchgZQMZr2j-Dk4_F8CTn1qvdhb7WV0Db7EPqYQvulToxunph4m8dx5jAyOnqsV4WxJ5TgDPQJaHsnsIVbfgxXZZByuc6HvsdP3yQ-I7mwdwIeepa-6jbOCn2b5ktSkEJgngv0f1I2RJ9zcWD97U-a6PVu_NGbidAiica1Rc_jtWR9JP0rOFaUt93an7mbESO49ksxvw5RPDOkeEIHL5R-3DXntQZOjquouyDTKCMZgW0EXN_fECqAX-yCRPCHY2gc-EtIyoS57P7FUH9pP86-2_1zkkE8emEa3fqxGCDL9PWcVrWWdInn_Wtcf5t9pkTvDMEIXcaQ2VI2LvKq-3Gh5vuFeY1GN6FGUtIObVsgz4omQhpoo76yz4uqPcPBWfLDJYzD6-KcBQ2v5oiEDJA942grOEaXWoGwTSUtAfasD4UuACUm7tZ_R46jyC6sJZc7hzgMUKIsqq-EuRDu36xbwyEWeBChRmer3YJBRbg54UMmzwyWHkWbcn9ppqdDE2vAKnJP8a0aXliXIH5Hz-qAEIOWDYE1MdQyHJN_fVNnviFLSooLo2yQNmajAXK0zIi_xXNAPcTZZzxPUgnraYWMFWrlxbPF2GX6y71AgwdPPkK4tX3CZ73e6MaZFpwv8hBGETANEnakpK1SbOfm9-Z0U-YUCgNyyYlBpToO4lScce4TRxM3y00BB0D3U-k6yH6hfi7RcdsMWELgRSplUc6L3abidXaRuPo1aiei7TmJ8KhdkkZgk-bf_Gt69RttqXJ__Bj87yxVTgnATA98CtQ-_p42fnXIyXJNBVtrToIQNQrqEqbR6OQ3h0ywoVL4Dik9i2O7IN4AAPoRIhk0ceAz-M-TZof3VVaZm29_xfNEdhEAwqkDgL6aVcDMgUUkPc5nF8ZVwlwAbcgH4h6ViYFSCkAqGyJIMR6Yw-GFshcQ_krw9pr8-T84qORKsNkGYJgUMwVkuPRy3TyZK6FsaL2wNrrRpzP9TJ8z_HxuxHHA_JyVNU2Pmn0ImYVanx-eipD0HYd1VADIlKYLjcJf3M1NSkXgl6MyeOD4ZUmMOiiTrB3sxZVeFcUEXwVuyowC8TNkEclwIauFX7J1nbKSmTzOaGW-FwLGgXxEv57QHDOfShbRH9b9WheB4FTI3DJlPcfbPry1QlkIMKyTu0wg3WQnI-K2MtNFkQn-zmRBY8MzaLFIkjqyCWQTqlZDTP4fnTDDs4UGsLJRsXyZE8enpNg_b2WKlnt8nk0o4LgQhSn5pvlt1i4lSv94xOTHmkABe630Uf3NEkNxdV6EWv71mhRo5uoYG3rs0Nb_R5otwSxXDQmUGxEQ6HfRpDHGg-VcY-YVNU0xMtojYxPVgnoXWkNVbPXo1KUrzDvcSOgyfgrKpyCpStIpxR9TtceQiAE9-hTouvXyC8d-q7yk5_YCRsVNyDQhCG4rz3D9ojX3jLcP9rhSNfit6P1ZkS-34TTWfQ15RHJv7rMYMC7ntnL094Yt-4D8JeglemcruCFhd6r6K_-NYJYRqVavhMmsCG9kQ2iYwxXd8wgOL353bXelvXi85gKSPp8Do1ZdjI4ljW8YJOx7ls6h9p06qMRCUiJsStLxYorRO7XpBG73AcGaE81zN5I1BcKtGvPCkI_3Z8h5fsht4p9qFpEG6rOEIUEpbm1Ywf1QU11nw9Rj5Dzbypj3xTtX-Aiw4lVxAPxTiP5ihoq6CiIDtJLqj6ywKmdbwrBbPWaQa07npkH6hkFkV0v5rK2V0zxdctATNArHgqe6ar4pj8V8qRQLqqii4fkamS3teAnBPHk2zShI8aRPhwuf0UDiH8N3G-fO7sWCppiVhjtBSwhOTYj7X6d3j1a2A-k4BeqVgUg9fTK0RtQmaxFxuETen6bPn3TuUhaXFc_-w2T6SEhL0HNiA&cid=CAASEuRoBiQ5ngVsgsO_y1f8XYOqVw&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 72f5fb64d67eed1b1362a4ba47164059ea71e43825c8532f8fb6a6b9d650813a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12242 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame DE7F	42 B 63 B	41ms 39ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cr3cRxaOsIC4Qa3O6vXTpG8c_TPVr3azoWKB8B1HUep7MZfpWJ_HrMhPKkXO4Urnj-j6HyJq68_nMYLWJ3ansI7x5u8kd08sGkSE2IBerMjbM7zdk Requested by Host: b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com URL: https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dvbs_src.js Show response cdn.doubleverify.com/ Frame DE7F	2 KB 2 KB	21ms 6ms	Script application/javascript	2a02:26f0:6c00:286::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4230020&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0g6Su8w3u5UCarJRZNGJ4ht&DVP_DBM_1=3060631&DVP_DBM_2=11817067&DVP_DBM_3=32228463&DVP_DBM_4=322451907&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1143429364715&turl=https://www.gool-sport.com/p/redirect.html&DVP_PP_BUNDLE_ID= Requested by Host: b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com URL: https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash b6b0cae917b7cab30c559158025a1bbd5d2a026aa792934722b30e075abdf65f Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:22 GMT Content-Encoding gzip Last-Modified Mon, 31 May 2021 11:07:16 GMT Server Microsoft-IIS/10.0 ETag "11a0951dd56d71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 1338
GET H/1.1	200 OK	dvtp_src.js Show response cdn.doubleverify.com/ Frame DE7F	7 KB 3 KB	24ms 6ms	Script application/javascript	2a02:26f0:6c00:286::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0g6Su8w3u5UCarJRZNGJ4ht&DVP_DBM_1=3060631&DVP_DBM_2=11817067&DVP_DBM_3=32228463&DVP_DBM_4=322451907&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1143429364715&turl=https://www.gool-sport.com/p/redirect.html&DVP_PP_BUNDLE_ID= Requested by Host: b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com URL: https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash b7f66a926061e968da66d7fb4d87e45c24dc934a20ff0abfa636a1b3ecd91cec Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:22 GMT Content-Encoding gzip Last-Modified Thu, 03 Jun 2021 13:21:45 GMT Server Microsoft-IIS/10.0 ETag "80ba39667b58d71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=900 Connection keep-alive Accept-Ranges bytes Content-Length 3195
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame DE7F	2 KB 1 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js Requested by Host: b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com URL: https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:12 GMT content-encoding gzip x-content-type-options nosniff age 250 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:12 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame DE7F	121 KB 37 KB	29ms 28ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com URL: https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656031336809" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37735 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:22 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame DE7F	13 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js Requested by Host: b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com URL: https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:19:37 GMT content-encoding gzip x-content-type-options nosniff age 45 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5635 x-xss-protection 0 server cafe etag 1091097466425408374 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:19:37 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame DE7F	0 0	21ms 20ms	Image text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAt2v0pOVn31KuDXf0WEQPlyZfZ-02if9fzyi99gMLdaCwmXXeUiVmSZjXpmik-OuhoHdmhXRpOXxoPQ7hZFTUTC4ebg Requested by Host: b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com URL: https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
POST H2	200	node.php Show response node.setupad.com/node/ Frame 7B91	0 208 B	43ms 43ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H3-29	200	728x90_G_WD_Corona.jpg Show response s0.2mdn.net/creatives/assets/2373736/ Frame BE7A	6 KB 6 KB	9ms 8ms	XHR image/jpeg	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2373736/728x90_G_WD_Corona.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87c161b2701b2efa2b6651fc7c5f2d159b8038b9f67b7a5ecaf5df441b751ddd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=hya3lCtqlq&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:11:18 GMT x-content-type-options nosniff last-modified Tue, 26 Jan 2021 10:25:48 GMT server sffe age 544 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6572 x-xss-protection 0 expires Fri, 04 Jun 2021 18:26:18 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame A515	0 20 B	40ms 39ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=2312845205890520&bg=!DwylDEjNAAY6sG-_OrA7ACkAdvg8WuBjVWVN-FKF4TbrsQHOBz_kAH1V-rB2IAdLb89US6mdmy1B8QIAAAS6UgAAAShoAQcKAA6w5YrqOTVZR9-Cq14ySJkCgfmn30y8QiuzziquCmrotDA-Xk1HDq31L1gtkZFDqXP3do4FtqauEZvmlyWtipmNT2AweJ3TTpq-fKXCDVq-ZIaqpqSEuvn498yh1KsQM4dJSO18JNxB5KWC3z0rbT6gLbCnZGHjIdz1ThKEx1tFF05cSGvVgEu9P7SmcjoUWNcQOeAU636MHkElLwzZFNg0ifQhjs9MDuB6XGvYYHGSkO2GPx9rz571ZQao6n1BJV3EH_71Gzid8_zB337OA64WO6zAl_tU-Xw89Y-K3gmoJv-FK7OvJeWIfdUmuFuHLzJo1Ok41CI0SU8Pj6UKqOthK0TDwDaMbJI0f3quQZQ8wIA5toZPDmrMN-9WwBdFX-QX1m3tQxl9VQgk0CMJxusxEwutn-7iEpc3iIxBADjX8JJArRZrpSbj9DNN3Egh89s6UwJG3W74nLIbmXtTbX7jtU2xiUnMsQYJUSSnDCw66Hebv7GaPUYtVMqGwE-F5ywoR935NmDjvQGXqEh2YQITOzuGTMqf13qHzyJgDzMcuqwP6LawAvWSljUJz-7A7iyByAz9FBEImj57halwfILY62bR__Co6NunDlDH7iLsH13Slaoh9JA5S3bCSXYCf41KJmlozyfStQTp2-37_5m_gYl_AfjeuDbhU45WhHHkAxoA-TP6s58jjtparLFTVk1w2R561qiGyyoEKxGOOjlzK60c_iW5sPNibHGKudoScT145qOIPCqPJkzXDQ6ty9ydc6cYPmIsQFJjXyA7Pg7KkVpZtccutMnlrPPE5edMXl5vJQyqUcY3PPzQHCxudVF_4TOoEBFf9AoX57abr2aY3AODhTmOCH7WDirrvzxRm1F3 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame F343	0 23 B	89ms 88ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstInX0JhhLhz7EUmIvnsjNw5QUNu0F6c3ldAFAmUusG10ekMdCUilJVtwh803Ol-VgvonwoXRa_lwhtmlS5m-ZiBZATLUp8GydG3FfxbWGlpmBTxaz3YtxVjsW25u2gTU3eq7c_SWj_y07owwMCkXvOUPghqBrUk5YsSieCmrlmcm0dwQsTUGPkkxJYRDmqz7cVbV2_ltn9S3GPLif_SLF9tHXRtDHyyq3qoci8n5J6mKS2PNBkq4iUzmKfvYTzK1AUOwofk6hwO1QM4Jx3cj2VpMaRP8J76N9e47XJKeuG_gn7ksosdIP18W_4uFOt-rZcr72jRuXFElGEsnq3mOzbRJ5tAvTcFVUhoGc_PBwcmdRo9A_G4z97Ky4VgqWlUDE107XMS-L3dy5zze4Mce_3p0T52J9y5F2XK_LA-EDNzc6CWdsw1vyCpAfnxb7oCDh38fX0U0_bDOUWZwc1kAlfMrE9B39HgAaRRoFRxumskp4ULESU5q-Dm8e6H42yElAJV53F6rCoh1Tisdy6DQKDznZXA2GUtfAyFP3HNkeHHR4mzz5EgqbIkRQQwtAi0jSD7du4wMJWHlsa7jdIujl5qKyQ4CNujVtm6e1dZ7H7fBKSvldwUacKDomk-dZBoRz447mYXMzNyieSVEZKi4bGHG6sJuqYFZTqaeAclkYbFjk-aiRyEO14rV6IJlKwcVaYqCEK824h1EO_zv44XQHpklwFJLkBg-342FXo5aZz_YyD1eHrfnOLr-RbquXtByurz2bWeAdkyl9-8EuPT7J_kOw66APMtxqegIoKb3aTaSGbcMh4dJ_rSsmFjf05E0nYfQH11xW6bm4jiUYsbsNRJwAwzIGpYZxgRuJMg_dD9DNB4EDmjRqnfIRlwfCl7GXAooZ-6MAgstYfSg5Yw6lTjlH87ZeGv04736oBV7JgD8fEngdvV2rOupPl6gvwZDaCztKmfQcSiwvQsC1FjrTi7K0ure79giL_-V6KRViINg7NZypfWTQWanB01FhFK0r7UzsUiW6rO7nBKo24UUU6DaKngMWIxSmf3J7gzJkWoh0JHyPMgTxuLUsoMkG3nRva6qWKz3hM7gvjs0mCzJ3Ul6frDXZay7f0u71RxEpGICWtqhzhydHNpd1b3RmqfDr95UP56b2LKbi_Xv5UtAP5dZ-2243MyZ3KRZmx2lUKrvR1gRF1xKixWe-rR5W1HjprdCWeMy7258LoXk2dFovbqHUJAu2lazs6TGZzh9qHgl6zQTHJFuFyJ9IJfnoIVvf7SQpwDztGug&sai=AMfl-YQYEIGyPLObwbjACRC2O-9WQhs-fWVa62_MieyG7gbHrCYyPhTjU5b3LBxTNqTgNXIZhsnwNJhk1_U3n8Gu58IkXjQFrx8D0myCHil1AJl6BdII2TDg2wW6KQEImDGBdFGy6YAKrP-MZsN--BIXBBTcLPyEsQ&sig=Cg0ArKJSzMsKKhMzo6LzEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1650&vt=11&dtpt=1211&dett=3&cstd=434&cisv=r20210601.82973&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:22 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame E0AC	2 KB 622 B	30ms 29ms	Document text/html	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsY47LEmgEwAQ&v=APEucNXCy8KZr0fOZlEh9jEPYmDbKIFF7Uj4EGg_iyfgZfgyMIIcHZOh1t-GQ_InzJf3qYK9eP0i05XUiLOPpLfu47fHfbUszEJDnlqAjeJT__178vUX-ap33GtmyUGrVU4NmpKqJTCMRoL3RHLxj_qb5uc9V958uGvUXWGcl_36HfhnodS9z4oIRBrfoM62KCh2BR2kSVYa2WDZM3jpbxtavJE_eeewpib94ikwtvu9CID-Z-WMvNsvyMTwWuBtk3-OknRY5t2JwQlkl_qztPy4viD-M8DiCxwdmVuwandh6TpumgrDpP1wQsCYUP3D_s3T30duL8x9faZH7POOw7aPiF3RkPwzkNYX1wz-LCd08CdVrCvHGyS03oTDcTVB1uHHsVP8W7kN-m_f6Gcg2aqsvGRdDhSCNJlz2AZQ3kVHKdx-cFwTw09mejILUoz83td32uysJYis5kwCn2YjHoXyQVfnb6WfA0_ejCGapZj980xbkxrMycukCAIWZw_KeZxix1v0kXMMUQ-rtwuG1tBov6k9wxmO-K6kHSHP0YpuLzZVBFJsb2XDs6OsKbBHcuPWDBGRZEiW22KQFDw207VCuA2VdkMZM8de_kW4msKq8PkR1uZKLes Requested by Host: 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com URL: https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 839562de35cf2cf79c3aaf80142c43fa3c19fc806e9c0f0a651afae60275e7d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CKCQWhCPwFsY47LEmgEwAQ&v=APEucNXCy8KZr0fOZlEh9jEPYmDbKIFF7Uj4EGg_iyfgZfgyMIIcHZOh1t-GQ_InzJf3qYK9eP0i05XUiLOPpLfu47fHfbUszEJDnlqAjeJT__178vUX-ap33GtmyUGrVU4NmpKqJTCMRoL3RHLxj_qb5uc9V958uGvUXWGcl_36HfhnodS9z4oIRBrfoM62KCh2BR2kSVYa2WDZM3jpbxtavJE_eeewpib94ikwtvu9CID-Z-WMvNsvyMTwWuBtk3-OknRY5t2JwQlkl_qztPy4viD-M8DiCxwdmVuwandh6TpumgrDpP1wQsCYUP3D_s3T30duL8x9faZH7POOw7aPiF3RkPwzkNYX1wz-LCd08CdVrCvHGyS03oTDcTVB1uHHsVP8W7kN-m_f6Gcg2aqsvGRdDhSCNJlz2AZQ3kVHKdx-cFwTw09mejILUoz83td32uysJYis5kwCn2YjHoXyQVfnb6WfA0_ejCGapZj980xbkxrMycukCAIWZw_KeZxix1v0kXMMUQ-rtwuG1tBov6k9wxmO-K6kHSHP0YpuLzZVBFJsb2XDs6OsKbBHcuPWDBGRZEiW22KQFDw207VCuA2VdkMZM8de_kW4msKq8PkR1uZKLes pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUnSzAWnPbiLBpHhYWKGXkbaF88a39tmh6TfePrZSMw9aAE4hJZ5EoG-SkboZDI Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Fri, 04 Jun 2021 18:20:22 GMT server cafe cache-control private content-length 601 x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame CD14	64 KB 25 KB	73ms 72ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DPvm_hYu1WnixNU3VGYmCitJtBKdJHIFieS9r9mGG5_YDfPHfxOjkCGQdXnVH0bE6_qCjtEz_TqWB8yeSCp-m5nvfrXJrmi8HZncjwoLeKvwSKxVuAPXLkxqwkX5xgHtrKknPRUKcU6t9oRGA8QE6Dvze_QA&dbm_d=AKAmf-Ars881fPE4ypjlLdcJbI7dEv4Ucg8DVSmZkwR6_EEfS3QhBM7TFHOy486sgxmIxuEuobVr3-jH3k3iJDW7LAqnGAOFGUQxBsMBOpC4_mSjNojClM3ev2wl6snwpPURvmjDuZ6RJ6LRlHFWDdp6YoJ9F12PGEBRRnU8M9PD_cQNhIMLkxuIgn3PhvV2ek-qRsSVBp1vstKN_C-4iCPmXI7cDBeDQxWmarWS5EhB3d4BzNxmAyAIXyFcXJl6VDbJL_sZZKCcTCA3iNMcuJnxkNI8rwCafGtS3v5BgOBi9io5f1-q5NhkyyUDhVJEvrGwj1GjuiezNN0ezLsrhMzviXsQ_Z7kLde1qEOY-6GRVOt6_tCR2HO9Hr0teRMr_h0X-PzcA7ZUKo-LutdJF2lSdprLBUknFrYEIWwl-_IXGE4VrOD7bSHQb6GMJ4Jq-FGZfeigak8hnzz8kNIvNZooKIG-GsoTfywovIOEIQw7XIAPJnZHQk_lSvyxoObP5iHbRGMMEXPoRdGYvJub4NIyMz4fSMP2G7JVWAEJOnK8y4Matl5I0kHq4cY9dN0F1cMCkUuuOERi9-vV_S7fAZkpLyLklQNAjqjE8QRlHpvajBIRwj93kwj3HUJqBYeQWbKL7cqULTSdLEB17yg5ur4PnWRn98kK5alCVCHFcsP88H6dEiDMfBELevinIjKM7GJWmTzGXdC5jzHKuuI5D2SHOb72V6xdp3MN_gQgL0wjO0Zia4V8L_XvkrhUHF1ov6BVhe4gbXqyis1zd0pKyB9oU1kqEDyA207Nz4lwcMqno5kRWEP0LWr1WlaQBpTu9qTceHBJoZR1GIO2vb7BR68-lFJI8Rpou_WmAyOYRqFz5lFKPeCJ7M_mwccoaBsufbBogEbo0xfv7apPtWdBUqsngCkJccBxmgEd3XsihksvT7ZHXH1iQhd-SU5urO-wBVWaHf3vx2CFyII5M-Wd6trIRgfD0TOXZxtagCd6_6qcCsXTArzV71lWynr3rKecoVpqdUQDg1Kko4mck1znmGrrjXBX9PCvLjO_5lT8uV-rj7pfOrIurho1Abe3_8-oxzn2Wps5M7a7VgFgMyGr8715uJY_rlZPYOQo3YND2BfOqMBPwk9CZvZTWl_vswsn2w22baypizifRQ0SYAqudoSuIckv3SqnakSq02g67p8A8d21jisK0PyYkP9mkLn6KoGEsllwwAKiP4g8P0vr66YOpKNk6aGif1va8wAx4kJj0FWtnk334ztB84ublKR8-vGLp3t3NeCVw04PzFlgpwVCDD5f_WMveaUeE18XHDXA_tdfKxEbL8ENZGzPYrCJqDC4tMTP2S6C8vMrSXyFAiDRqxD2hre9ystb_-njuCDOaqQncg87Aiv1DokV310RNW_j44YeDsxopHcVdS9I6ttVWkCltid5uiMOxPZd_oFeBsPlcdqCEr_qNsvXeDHeOHpvFCWJ3D7GtZgw_pTFJlpaUaIT2ISssQIP10x3gpYZP-qigxhwdQ46BuI_YkTAZK-mVwkKZAnbD3mOju3PNpCOyKnkByh2Lr3wg9i2jrp6gDFiLLuUZXvAvFfVShFl4_y5Myfio_39PJG2wfJHdOVpLj3ndvu_B9IW6DlUUtOf0sE9oTcgpL9c5HedsRlZohP-Nbb1agYElq8tkGufTkcCq_Q4xyV8cCGKYo2wVCFw-SBJivIWUMjCGMDZdNjC3BWc8ExWp9YNJWQ5JdDgi5IuAkBt_Z4iijNUHdsdOy4aprX1jenELuzDnN_SiKa6Ct46AAtzztVZJofxs_FdFwlSizGZQ2iTF1sDT79ZF_hDshrIeil5gfMtCnu6CNihQgbgExxLyH1nD9M-YKO_F0frJVWHqNniyyNVA7jZcA_s5IMSk8N9tZAYMA1LSjuUmFlD6Vs_eARd7UWVdNQUkQxPDCTse3NBB_BpJ1S14bK3x6nMpXCEbu8khp-2-p3V44afAqzbr3AHOBuW4C35QL3DEO1vpJRH-dmIBY-1Jy2meRPFGt0eP3GSC0ttnu2pZpnc_2W7TOieZ-DjGz5H-q3tJUMtYrK6KfKEXr5rw0kbvaui7Lmu2bH_pL9R1qNpMuldzoXZFekfgx36LL5FTcfe0lVEpLzKfGmaNOX5m6rQIt_0ybwWfoqHjxPKMr5t95-mTm098AinAIh7a_wwyryV8WpqsEqBeK1G4exrJ7aPaS9_JcSJMCkomrhEbgFYOh3VfIN_-oKPwzkVarpSGYO3fMq_rTZtVi4q8f3DmU1lJNspFsC6inxr1DTxyI5jLOkch0GLwwklv8djNQaCaqIoKvtvu5JxAEEy6JEoEPg99ixDWfymK6hF9iWAYPIc8BiAh7QzXPR2L96x1ueL4M6_5Mlskg_JWeyu_LhKvN9XqJJgen7-xu9yTfcryqgOjqXtcznpSc2x365Mc6GDfSxwfXNEQOvA3TX53mRUuXGynjlvscVxRna_fFAKx4109T7uSVgGhwJieMd_6p4Xqe43-f0W2a8cr-rtn3XP8qFnUAGvGhfQFBUOvemtJyQY-zudvmGrCJnANqkw-zGJyfen5SBlxJ_AIMJ3jwNwncHL5CyG9XbUiTKW9K5AdR8bPzfJEFlWKa5-rT4dPVOXrTFfn-a3sTR81yfbWlgCe1Cvr3y8GnE903jszj2eNL2ATwziGaLyidioa72g33zAORbuPM-mQ7mvWXERMcZVXt47aNP0m-_mmeyHSYMvaaMorF6wkeaLeo9X8RA88DtP63faGhQiNAsASByWXQKsyAySGUa0KauIm1sxSu4c9XpxA9WZmcO7-XZ3Dl_NJSA4kIJuWrbbeKu-FaD23W84T4FUJ46iPoNpKmIPKmXYE-UHoaScI2Byp3vclhMIWyUCABEuRDmJc_KEQ6fd6xQxd81rjD_ni9rySq9ke0ckNugy-khQFPebGFc1n0M2tw1Nn_V8cFr6073xA05Hz6tIRxUEsW9zyQEIsIs6g6Lpm7Dw9op5m72scyZc7II8x_2G6FP1oxybX1OJZ1Mpcy0uCrh4YB3gqT6rTYH_w2jHbNEIlCyxG-6CysQNFYpYM1KqUiHb5Vv_Mwr3r8yoOnhxH9cIKUGPx-hRu68NQETs-j5nKC1pVMcdAhDH0A07n1Q5uVz_ZIZRbUhEjhypwp-1r8nDeMufyBvhvzeU3NN8nNMTHQfu60Z0Ilrn7YbzRg3ewfs25srvQH880j4PlyzqtyIxmodVeB2RknxvJBx4gXp50WrcqQWwIIOdKZZHDjzPHLjAHz8d4awjKJBYSI5oUhp-8ioCMzwyvqGt1l7fh3jOL1sgPgG-2OlHjJ9YJQRkrCD4ijEYL_KIln22sT_f5v5ucdjPklPbasUByr2OMEO8Bp29LTE91Q_6n7TfWIiMjKwd8YQRiTsHrHW9NIF9BAPhf_6gsqqYL-lmmjCQcDT_5o5l9_ElnBOQUE5hlapaOtCOA7uVgRYao3IJMY7g3vHy1QzZ90r4aQZ_wzMNt9Zi4pnfyCOg3Bb4iZlTnQ_TBNT6_bir1UpDiQ7qMMz3KDLuFzKT7-hQDvFf-9xJ_pYYTpKV9fU_UlvR4AlWYI1-yykqrf2syua8_5kNgdN0F0vwImYr4aN0w4sE9nu_RkaRvYwVf3aycqUPSdiiO9sUpxEf57_hDDJ21fgNi76FGD-liwOoboYLXhvBsA6FFlJvhY_4saZ7xUNtvR_YtohU7TiID9JRv63zmKA86jJtcxt-GoBSVVwNjmaUdplsBqgSOwL7GfKpAjL8&cid=CAASEuRoOruKHowLfVEZPKj8Fzautw&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e768d11879720e7710ba497c249f2d02e7be79e380eac3b2ff552f508a5383f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25181 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame CD14	42 B 63 B	40ms 39ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AKO3xeNzd8-I7tSiyANNsz9U_XF2GHL94FHyYr0-1MYrlefHz33MzmhW2lUjkeSZDP0h-3ERaFSb0pa13Uzy4KeZ8pAyVhhnn4fndQckiF4Ciix60 Requested by Host: 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com URL: https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	jload Show response pixel.adsafeprotected.com/ Frame CD14	46 KB 13 KB	60ms 59ms	Script application/javascript	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324082019&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/redirect.html Requested by Host: 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com URL: https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash fe1d336d1eee5f1ee259ead3e976c6f712bc008dd6d624b303f1e2f2132707c1 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip x-server-name app33.ie.303net.net content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame CD14	2 KB 1 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js Requested by Host: 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com URL: https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:12 GMT content-encoding gzip x-content-type-options nosniff age 250 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1303 x-xss-protection 0 server cafe etag 14729628269804859526 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:12 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame CD14	121 KB 37 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com URL: https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656031336809" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37735 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:22 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame CD14	13 KB 6 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com URL: https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 27466895d3e9250f3d0ae0e726f72b8a5c23e2aa83f9caaaf99dcb9f18fcac4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:19:37 GMT content-encoding gzip x-content-type-options nosniff age 45 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5635 x-xss-protection 0 server cafe etag 1091097466425408374 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:19:37 GMT
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 4F57	22 KB 8 KB	6ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 04 Jun 2021 06:53:39 GMT expires Sat, 04 Jun 2022 06:53:39 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 41203 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame 8BBD	176 KB 61 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 14:23:35 GMT content-encoding gzip x-content-type-options nosniff age 14207 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62241 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 05 Jun 2021 14:23:35 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame 8BBD	8 KB 3 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTEXUD-cq0mKXlbwoS7WZhIJDKgHIMGGRETavF_XWGwG0b8qqv51P0ToUmQmIZwLP3KICGgdoK27xskmbTXHO1_GcaGoMxdHKse2cQxwK8v8eF1W7K8fu-LR_y2lkIb-Fy1l9d7Olp8tIgszdXTuPk20PAEQ&dbm_d=AKAmf-B5V37GxqhjbEU2hL1INQIKm6qbOI3JVM1Pvzjc-Lcxe35EQmgohgF3wLj0Ygvf2OiO2a2lJVgzoYqBOpiwEMTkDR2_yTNn964jALr_0jzwKYq6bxDYOBYx7kJXkr8XPHXIXTkUmLGxDx_6Y3vbiAaqTp2hqkp8lqfM67zc9Q2ST4bkwe8asnc0MHAQEnZIVlyEET4DdfAadKJgoDadbWX2B6Gm16FbvApVf-kbYU3kBHgNY4PCmvf5hcLozfs9xlviLVYuDOB0-MeDAuf4lyVUXn6JCNbzxIAPYy11PXuBnr5agDx0cLJTUEkn9NEZMDO4Hw62mynG7rsTbfVR2FSelZgNVXdjgXpDM0uVGEMLm5j6NmXrlVXnSyQBrjBJknNZGcEKfo98VPmQko6Nw6GeIVkSjgPbz3nI4cUCtmYRXjlep-uzzxbaZDUyDg5osBG6WBxumpcvLX5D4MADFNQfWEElqQ3rIjl2qD8V6GxJxG1DtmegcRiDTITN8_MJx6o-65_bBFaXmXfBbG8E3nTCaF_O5dFr1sZrqR7a-UdeyIv7dYOp4SdX-2SciI9ZC43GdipRnHpEyCSOHHJ_6P2cXV6is0FQBn3oc7Lb5ddl8ZEYMBlBNg4JRUaxVP8_r1eiymoLS2jx3Jc7wcpo3XupRSHdMMCzOGcTiaz4aj-MKQJoDFNtNyPj8DDzH4rozaHJasyuOebB7viG3r3H4YyHvespgT0n1woFt_WtMUDq1FQhMD3IZO5r6-Wps56rLo0fk8kqJtvtm_xZswA-mSZlAIYiOLJITEJctcCk9QdhRtiGvHNNCJJVqGLcvupdicu73QhGjXN-272ZQIY7NH4mdX2SrO1bdJeYcj6h3DUOAbKZmSILOWWSqTvxhx9KDdBCPUQJ_I-V3GfK04bO5xhp6FGqtsv15xefOzZSbZ5zcvpusbVmQtJzaotueTyyva8D9zaEATo4ZXTTfKCgEGk6GAzMkr_z7a7btJ6xAkONiSspGtbZDItEdg_t3z5SD2rDOqlaElcRXaTFdSAyWdYPLSyM9fyfC1tQQlJfyJO2Cy8bVSleYa0PdsDrSDO67uK_2fAjv8F-VAUG0lPtWIcNFWu4OuB0vowfBsm5k5yO_ceq2apH6ZSFqlf_mLxOuHu25G-ilDRj-8Dlvb37083SVwSjnj69AOEizxYuiGatC-go7964U119z267kE-8TFnEXZUeswn_HhfRoe6nLK5UDJV6mw27AWuwR_RtkHwxpeuI8G7DIP8Mvo_krtJmyZlonx3neUSW0W67xAp0HDU_fTt87ai_yju9QU3NGD5tA77sTDEVdFH50aLI-EqSIBT50imSYwHnUzRfFL-vsln5chKNzqdOP8nzmwiuM6lc2ABVjw9g-80cJ4bQzg8Pkn-CazH1vUwjXLkyYmkcAFftUYsF7dKHHonvKeSt5g6C88Eu4A5j9O6ljG1iddt42uf0XKsJx1Mx44aHWptXXHRYS8K6cxo3AeFjK1pnuPCBeXO6iiNV-w8_CbxzvgX8EMH9TZetfU9fUtGgeml7b_5npJI5BuTrBGTj6M7S-DrTS-E5ioBwdy4NKLtDoEMUhPtmljiJSvsGvzqlp4jTtkoTOhHl71Fnzv0arNEBUJlZRtzVlAd03uGmXZ8VA7QdurXoRZhpi2hrAZbDq4tkfWgiDKANKMS9moTbGENEVEtnCaAr5vPaRrbG8Vt44Toqog2Af-qD4mOEeVqDBYlzPS2PogG8jDZnwDpayfaakBjyzh2qfOp3xku-dKnrrahx-7YnPS2IGiafbKtIZDEBb1JcS4vXBQKA-Fvw9IUEUaNO4ztisDvScxZOUTyyo-yIR-UrnYEfxVnaL-1Jaq4jIHHEjSAPVnKIr98CjFUduPF6P-KNDi-A7UDGO03G21OYmc6Lj9ZORB9ZgJ-k_CeDb0IeebbEvSkRF3FcTskTNx6cE4y6WCEKbMi0i9KH-YeU5jrLl-NQd7xDmSb467GODBPbQwNcx3-uu00wwLhhqHgJssAYvj__PUke0Bd0lzNvZB9cN59q6uuwQKYHmdhuZAhWAez4v6JGLlkbhd-kUtGUsX2DugXipcOoDs5DNdWYgOzSNQaHTH8Rg1ShQMMcQJyBnCwWktB2WjsK1eKAFx3SqUNt7_PVqhQB9qOkBLiuOnnazJpHajG-NL27cH7jiBVzVFRneq9kkeNlkgCWFViCkO7wvq2ZJ_bLlBRvwlkqHawKmBalkfxRZS5PUcMPOGAok9pH_gpBOZQB8PyYtkjaBjLyJSpUIEjYKZUeX8JrvtwNfHQwwQ1jDMMkWrG5-LDrn6OGAULjmvEVNAStJTJo2EjReUZTYF8Cm8mWL8RARqCmY2hsme2ITsnLBzxIiVfrKZ_OXzFPTQZT3uDMkJ9OskDLue6c39EMO1-mv9cC-W-ghxGVKsXCi-uTUw0JE-P3PxXROEDC0UfwsgfQ9tjdqQ0qUSd3UcWDnFyUCVo1hiD7dcx_QAPxiRFuecj-cOfqOW09O7DHNjZP3FxhRSYa5-knsb_S3-dlZU8lGUbU3cJvFzguz-PeH6ZQsxBn7XD-lUmkptwMbxNoYFDfeSLZug4dQQEZst2VqDG2OZBx-qRlKor_KwWrnomTXEzOp6NQm5UVp6zm-CmRBfiuMIP8OMMkayLzbNEkypeoIcW-bNRjXPBy6M3ZPxnfNEksO-M0JelRVDLnyATBtBZBHGF5elmqN5gv217J4dPvG4J85XZB_7XetXbu6IjusKnxvFNU0F_xOpSbCNjf9KxCqn6-MH3DgGZNlmf3l3V4nMtcavEURtEFNbwDCDevCWkh6W_Ju_g1MtNgLpy7AU2VQ2pEquHWaMI4I9lT7DQDs-FqnXayGIdYfbk0ClrmAnMdpdd1YZvlBGGzwjAy3KE0zm58_jiH46tCEegccVFPOokTJWovc-FjzP2Bvuv-ebwPaCZzpTDFkFrZSn0_jUq-imNVKMWSVQ9V56QsZScjsaYandWUvQ8D4sBvDmgH2cokCBPfqeOK-4Ti77rxou-rdtoduD0WrXkzzcOXubndticA67_A6TxPfzXTSpL_xWgUznFywTo7Ls5YlPupzMe9GIduVsWU2oySVE9nSQx2s0km6xlb21G9AFq2SklcwexV19Y2at34aTZEQ99oqnsQveZ3aeoLUZnKoG8vo7APTzDVWL_45vG5y-fdl7jXsVc-zny77T2oCl34r8pK5EzK4Dg8c_thSIcKdwyWvy6vIX5C5NnQE1kf2YV3qvyvQ1t2UhfPbp8J1ayNSNNtlBXowhr2vfU125XqK7knmIue-WwYM7d1WaF_kDDjE8_IPXtXI6rwqpPWtYbwiiTAhM9oYaybZZ-nitwkXlULkUpLPSzYlvcNm2KRzumvLZmG50Ig-rpct0HXArWtFEzYj9UwfSs8gZh8jZnGbbwCW2lAMBBP-qBgM-fPBRWxhv6g6CAt-lErRfKkAqCpaa3CUAxtmjv05jQuE7LUkN_lTLwHRZliGHkSN_C-t5EBzMgJSz6WtAimMkDT4Blt1e8Ehr3N8CqbDrjRSKlCeaoGcBlkYaonE9lkPHw4qH3922cgL4K5Bktdpy2iNs0OM9SQZ0aAt0Gc7oWzOI0&cid=CAASEuRoLv-BQgwyfZjn6J-yxQ9dSA&rfl=2%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:43 GMT content-encoding gzip x-content-type-options nosniff age 339 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:14:43 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame 8BBD	22 KB 8 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BTEXUD-cq0mKXlbwoS7WZhIJDKgHIMGGRETavF_XWGwG0b8qqv51P0ToUmQmIZwLP3KICGgdoK27xskmbTXHO1_GcaGoMxdHKse2cQxwK8v8eF1W7K8fu-LR_y2lkIb-Fy1l9d7Olp8tIgszdXTuPk20PAEQ&dbm_d=AKAmf-B5V37GxqhjbEU2hL1INQIKm6qbOI3JVM1Pvzjc-Lcxe35EQmgohgF3wLj0Ygvf2OiO2a2lJVgzoYqBOpiwEMTkDR2_yTNn964jALr_0jzwKYq6bxDYOBYx7kJXkr8XPHXIXTkUmLGxDx_6Y3vbiAaqTp2hqkp8lqfM67zc9Q2ST4bkwe8asnc0MHAQEnZIVlyEET4DdfAadKJgoDadbWX2B6Gm16FbvApVf-kbYU3kBHgNY4PCmvf5hcLozfs9xlviLVYuDOB0-MeDAuf4lyVUXn6JCNbzxIAPYy11PXuBnr5agDx0cLJTUEkn9NEZMDO4Hw62mynG7rsTbfVR2FSelZgNVXdjgXpDM0uVGEMLm5j6NmXrlVXnSyQBrjBJknNZGcEKfo98VPmQko6Nw6GeIVkSjgPbz3nI4cUCtmYRXjlep-uzzxbaZDUyDg5osBG6WBxumpcvLX5D4MADFNQfWEElqQ3rIjl2qD8V6GxJxG1DtmegcRiDTITN8_MJx6o-65_bBFaXmXfBbG8E3nTCaF_O5dFr1sZrqR7a-UdeyIv7dYOp4SdX-2SciI9ZC43GdipRnHpEyCSOHHJ_6P2cXV6is0FQBn3oc7Lb5ddl8ZEYMBlBNg4JRUaxVP8_r1eiymoLS2jx3Jc7wcpo3XupRSHdMMCzOGcTiaz4aj-MKQJoDFNtNyPj8DDzH4rozaHJasyuOebB7viG3r3H4YyHvespgT0n1woFt_WtMUDq1FQhMD3IZO5r6-Wps56rLo0fk8kqJtvtm_xZswA-mSZlAIYiOLJITEJctcCk9QdhRtiGvHNNCJJVqGLcvupdicu73QhGjXN-272ZQIY7NH4mdX2SrO1bdJeYcj6h3DUOAbKZmSILOWWSqTvxhx9KDdBCPUQJ_I-V3GfK04bO5xhp6FGqtsv15xefOzZSbZ5zcvpusbVmQtJzaotueTyyva8D9zaEATo4ZXTTfKCgEGk6GAzMkr_z7a7btJ6xAkONiSspGtbZDItEdg_t3z5SD2rDOqlaElcRXaTFdSAyWdYPLSyM9fyfC1tQQlJfyJO2Cy8bVSleYa0PdsDrSDO67uK_2fAjv8F-VAUG0lPtWIcNFWu4OuB0vowfBsm5k5yO_ceq2apH6ZSFqlf_mLxOuHu25G-ilDRj-8Dlvb37083SVwSjnj69AOEizxYuiGatC-go7964U119z267kE-8TFnEXZUeswn_HhfRoe6nLK5UDJV6mw27AWuwR_RtkHwxpeuI8G7DIP8Mvo_krtJmyZlonx3neUSW0W67xAp0HDU_fTt87ai_yju9QU3NGD5tA77sTDEVdFH50aLI-EqSIBT50imSYwHnUzRfFL-vsln5chKNzqdOP8nzmwiuM6lc2ABVjw9g-80cJ4bQzg8Pkn-CazH1vUwjXLkyYmkcAFftUYsF7dKHHonvKeSt5g6C88Eu4A5j9O6ljG1iddt42uf0XKsJx1Mx44aHWptXXHRYS8K6cxo3AeFjK1pnuPCBeXO6iiNV-w8_CbxzvgX8EMH9TZetfU9fUtGgeml7b_5npJI5BuTrBGTj6M7S-DrTS-E5ioBwdy4NKLtDoEMUhPtmljiJSvsGvzqlp4jTtkoTOhHl71Fnzv0arNEBUJlZRtzVlAd03uGmXZ8VA7QdurXoRZhpi2hrAZbDq4tkfWgiDKANKMS9moTbGENEVEtnCaAr5vPaRrbG8Vt44Toqog2Af-qD4mOEeVqDBYlzPS2PogG8jDZnwDpayfaakBjyzh2qfOp3xku-dKnrrahx-7YnPS2IGiafbKtIZDEBb1JcS4vXBQKA-Fvw9IUEUaNO4ztisDvScxZOUTyyo-yIR-UrnYEfxVnaL-1Jaq4jIHHEjSAPVnKIr98CjFUduPF6P-KNDi-A7UDGO03G21OYmc6Lj9ZORB9ZgJ-k_CeDb0IeebbEvSkRF3FcTskTNx6cE4y6WCEKbMi0i9KH-YeU5jrLl-NQd7xDmSb467GODBPbQwNcx3-uu00wwLhhqHgJssAYvj__PUke0Bd0lzNvZB9cN59q6uuwQKYHmdhuZAhWAez4v6JGLlkbhd-kUtGUsX2DugXipcOoDs5DNdWYgOzSNQaHTH8Rg1ShQMMcQJyBnCwWktB2WjsK1eKAFx3SqUNt7_PVqhQB9qOkBLiuOnnazJpHajG-NL27cH7jiBVzVFRneq9kkeNlkgCWFViCkO7wvq2ZJ_bLlBRvwlkqHawKmBalkfxRZS5PUcMPOGAok9pH_gpBOZQB8PyYtkjaBjLyJSpUIEjYKZUeX8JrvtwNfHQwwQ1jDMMkWrG5-LDrn6OGAULjmvEVNAStJTJo2EjReUZTYF8Cm8mWL8RARqCmY2hsme2ITsnLBzxIiVfrKZ_OXzFPTQZT3uDMkJ9OskDLue6c39EMO1-mv9cC-W-ghxGVKsXCi-uTUw0JE-P3PxXROEDC0UfwsgfQ9tjdqQ0qUSd3UcWDnFyUCVo1hiD7dcx_QAPxiRFuecj-cOfqOW09O7DHNjZP3FxhRSYa5-knsb_S3-dlZU8lGUbU3cJvFzguz-PeH6ZQsxBn7XD-lUmkptwMbxNoYFDfeSLZug4dQQEZst2VqDG2OZBx-qRlKor_KwWrnomTXEzOp6NQm5UVp6zm-CmRBfiuMIP8OMMkayLzbNEkypeoIcW-bNRjXPBy6M3ZPxnfNEksO-M0JelRVDLnyATBtBZBHGF5elmqN5gv217J4dPvG4J85XZB_7XetXbu6IjusKnxvFNU0F_xOpSbCNjf9KxCqn6-MH3DgGZNlmf3l3V4nMtcavEURtEFNbwDCDevCWkh6W_Ju_g1MtNgLpy7AU2VQ2pEquHWaMI4I9lT7DQDs-FqnXayGIdYfbk0ClrmAnMdpdd1YZvlBGGzwjAy3KE0zm58_jiH46tCEegccVFPOokTJWovc-FjzP2Bvuv-ebwPaCZzpTDFkFrZSn0_jUq-imNVKMWSVQ9V56QsZScjsaYandWUvQ8D4sBvDmgH2cokCBPfqeOK-4Ti77rxou-rdtoduD0WrXkzzcOXubndticA67_A6TxPfzXTSpL_xWgUznFywTo7Ls5YlPupzMe9GIduVsWU2oySVE9nSQx2s0km6xlb21G9AFq2SklcwexV19Y2at34aTZEQ99oqnsQveZ3aeoLUZnKoG8vo7APTzDVWL_45vG5y-fdl7jXsVc-zny77T2oCl34r8pK5EzK4Dg8c_thSIcKdwyWvy6vIX5C5NnQE1kf2YV3qvyvQ1t2UhfPbp8J1ayNSNNtlBXowhr2vfU125XqK7knmIue-WwYM7d1WaF_kDDjE8_IPXtXI6rwqpPWtYbwiiTAhM9oYaybZZ-nitwkXlULkUpLPSzYlvcNm2KRzumvLZmG50Ig-rpct0HXArWtFEzYj9UwfSs8gZh8jZnGbbwCW2lAMBBP-qBgM-fPBRWxhv6g6CAt-lErRfKkAqCpaa3CUAxtmjv05jQuE7LUkN_lTLwHRZliGHkSN_C-t5EBzMgJSz6WtAimMkDT4Blt1e8Ehr3N8CqbDrjRSKlCeaoGcBlkYaonE9lkPHw4qH3922cgL4K5Bktdpy2iNs0OM9SQZ0aAt0Gc7oWzOI0&cid=CAASEuRoLv-BQgwyfZjn6J-yxQ9dSA&rfl=2%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:51 GMT content-encoding gzip x-content-type-options nosniff age 211 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8594 x-xss-protection 0 server cafe etag 7958287194716579593 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:51 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame DE48	43 B 215 B	119ms 114ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=f6d54b1a-4e0d-3725-abd7-66cf37221397&tv=%7Bc:eBb4sx,pingTime:-2,time:988,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1444,beZ:1445,mfA:1889,cmA:1889,inA:1889,inZ:1891,prA:1891,prZ:1926,si:1931,poA:1931,poZ:1935,cmZ:1935,mfZ:1935,loA:2039,loZ:2041,ltA:2432,ltZ:2432,idA:1936,idZ:1995%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:160,h:600,t:486%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:988,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:486,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B542~1%5D,as:%5B542~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:szokJZv+1111%7C1112%7C12%7C13%7C14%7C151%7C1521%7C1522%7C1523%7C153%7C154%7C16%7C1711%7C1712%7C1811%7C18121%7C18122%7C181231%7C1813%7C1814%7C1815%7C1911%7C1912%7C1a11%7C1a12.925113%7C1a121%7C1a122%7C1a123%7C1a124%7C1a13%7C1a141%7C1a15%7C1b11%7C1b12.925113%7C1b121%7C1b122%7C1b123%7C1b124%7C1b13%7C1b141%7C1b15%7C1c%7C1d%7C1e11%7C1e12*.925113%7C1e121%7C1e122%7C1e123%7C1e13%7C1e14%7C1e15%7C1f%7C1g11%7C1g12.925113%7C1g121%7C1g122%7C1g123%7C1g124%7C1g13%7C1h11%7C1h121%7C1h122%7C1h13%7C1i%7C1j%7C1k1%7C1k21%7C1k3%7C1k4%7C1k5,idMap:1e12*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:501,readyFired:true%7D&br=u Requested by Host: ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com URL: https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-server-name dt67.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	dt dt.adsafeprotected.com/ Frame BE94	43 B 215 B	119ms 118ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=6da26145-9d4b-0cb9-4f87-f086f5b31bf2&tv=%7Bc:eBb4t8,pingTime:-10,time:1678,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1622830822868%7C%7Cb9693185f8e77d402cc60767945ed696%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cb7414d5837200ce1ef3c6e0e7d7baffd%7C%7Ce5b5aebdc53b32f52ca5b57642ff6d72%7C%7Cb72d2fd7bcc1fc18c0aa44fe4e110d77%7C%7C91292f0d76689b08ef05172d2b2b9b5b%7C%7C9e50bf068d2d4e20833da243ddae2931%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-server-name dt56.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
POST H2	200	node.php Show response node.setupad.com/node/ Frame 4A83	0 208 B	48ms 48ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H3-29	200	ar.png tpc.googlesyndication.com/pagead/images/abg/ Frame 36CC	3 KB 3 KB	6ms 5ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/ar.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 04:58:24 GMT x-content-type-options nosniff server cafe age 48118 etag 9421415325968714010 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2737 x-xss-protection 0 expires Sat, 05 Jun 2021 04:58:24 GMT
GET H3-29	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame 36CC	344 B 368 B	6ms 6ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 06:55:38 GMT x-content-type-options nosniff server cafe age 41084 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control public, max-age=86400 cross-origin-resource-policy cross-origin content-type image/png alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Sat, 05 Jun 2021 06:55:38 GMT
GET H3-29	200	5b817c6aedfacb35f2ac5b51cfdcde0e.jpg tpc.googlesyndication.com/sadbundle/16162963437053558872/media/ Frame 36CC	18 KB 18 KB	7ms 6ms	Image image/jpeg	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/16162963437053558872/media/5b817c6aedfacb35f2ac5b51cfdcde0e.jpg Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78ee85891e1f475b55a6c7f0a7beec3d2e8238d8d2c1b907cf379e46edf4ef42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 02 Jun 2021 07:24:04 GMT x-content-type-options nosniff age 212178 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18451 x-xss-protection 0 last-modified Thu, 27 May 2021 11:33:58 GMT server sffe content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Jun 2022 07:24:04 GMT
GET H3-29	200	91df3e7cc25bf0e83138fb45b9957335.png tpc.googlesyndication.com/sadbundle/16162963437053558872/media/ Frame 36CC	2 KB 2 KB	8ms 7ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/16162963437053558872/media/91df3e7cc25bf0e83138fb45b9957335.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012105242203000/amp4ads-v0.mjs Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 73e4307b0828d61747c3cd54cf29c3852cedbc36564066ab6f15fb35a9ecaa72 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 02 Jun 2021 07:24:04 GMT x-content-type-options nosniff age 212178 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2250 x-xss-protection 0 last-modified Thu, 27 May 2021 11:33:58 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 02 Jun 2022 07:24:04 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame B5F4	14 KB 6 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34740 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	200	728x90_G_WD_Corona.jpg Show response s0.2mdn.net/creatives/assets/2373736/ Frame 7041	6 KB 6 KB	7ms 7ms	XHR image/jpeg	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2373736/728x90_G_WD_Corona.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87c161b2701b2efa2b6651fc7c5f2d159b8038b9f67b7a5ecaf5df441b751ddd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=3nGPDramI2&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:11:18 GMT x-content-type-options nosniff last-modified Tue, 26 Jan 2021 10:25:48 GMT server sffe age 544 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6572 x-xss-protection 0 expires Fri, 04 Jun 2021 18:26:18 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D4B8	0 20 B	42ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8zrY4266YKC8E4Sn3gO50KGoBQAAAAA4AeAEAg&bg=!o6CloOTNAAY6sG-_OrA7ACkAdvg8WsPXaxT7r5JTT6gsUO6Iunj46KBgMAiyUGEX-Gy1QOqHVoU54AIAAAVSUgAAAf9oAQcKAE7NvitH1_19yQZ1cFockIIQywfmBECvudsaTA_x-ieInrKPjkGdpbeYINmYH3SGBX8PpPrIam2oHlgAg_zvgbHhmUM4yQnCRnGIGvuA6omZAq-hnsyV0Ff26vLEqsXX3PXHhHRkMEGM_MJIm8jnao_Rb1Rgq-18R-srK1OBPotPYJPCwJiuGemJ75XC79L8atKNVrqgFDsodDn4vxoGLr87O5xTIpk4V2274DcJB0WKqH8rk0OJZSeRB2hnqTKsoCmDQafQh93eKjEL38FlGieucoaspNtRNPfObUCGKOBnYvuAb-5XoWtnViJM0arvDK_9ZdlJc18o5_VkHsmggnpz6yiag4GILsTG_33ztpgzmazJ_v4Ju01n4tjgyYEyys9FbwOhiTp9DtheujHTJmbNtBPVXTGANl35pt1XlE7_xSPiVkD1XJ4vtA1sR4X3KbF1IcQZfJmAjifafRWYD8TCb7MA0Gzng3ZdDBcG15B5SNVeMkU4LYQbbKy8fbH1WgWV9aaUB5T2WkiERm-_vylnF702qeFxzn1Qx7ZapZiXFpgqnfScBmt9lGr_zrBzNIXJ2WB3xq3wekpzOHUH_TpuHPq56rHb5VAyZYCT9gp82Edo9UeXpInZMYugqf3_p-MxeOTQYQA7wFWO6zNakpG--dlCsbD9LaHNXFyeUD2Hnvbre5BxkLDxPpVBgrNqg73Mem0yZvvI6Rucm43hoSRhyDPx364ZHykeNylshjFMng-B3u8pRAaIKDEQahzD_kSVLGLlYAn0S8OyRtDXdc9K6CEzONSXK3T2HsT51bqjI7pStsI2JHT0-uc-8sNdQkjmJcdSYoosozg6dDK3MHl764_uXu-LpAlU-12VNRMw393h0zG-UoowrPcXzcI1-WDAmts2j0n9Y004iDq4dl-sCrZfghA7VBR3Q23VP8Wx_A58-6RhSCF4UQMBMTdsKt8ol_Tgi0gAbfLC-6fceAiva5YzMwjYHSKBIBIalWLMVMBylmwQ8V9KqTJ5O8rH8OA Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:22 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	Enabler_01_241.js Show response s0.2mdn.net/879366/ Frame A080	107 KB 37 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_241.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=w3K8WOvlFS&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7cdfd59d0748ea8674458b0c70ac670b5f5f973ddb26b37b2f99b64ddb7a2a06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=w3K8WOvlFS&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 19:07:23 GMT content-encoding gzip x-content-type-options nosniff age 83579 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37392 x-xss-protection 0 last-modified Tue, 14 Jan 2020 17:33:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 19:07:23 GMT
GET H3-29	200	preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame A080	64 KB 16 KB	28ms 26ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=w3K8WOvlFS&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=w3K8WOvlFS&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16579 x-xss-protection 0 last-modified Mon, 12 Feb 2018 18:09:40 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:22 GMT
GET H3-29	200	tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame A080	112 KB 38 KB	29ms 27ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=w3K8WOvlFS&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=w3K8WOvlFS&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:22 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38407 x-xss-protection 0 last-modified Wed, 04 Oct 2017 18:33:56 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:22 GMT
GET H3-29	200	da_DK_polite.js Show response s0.2mdn.net/creatives/assets/2377528/ Frame A080	86 KB 27 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=w3K8WOvlFS&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08f4adbb04efcb4683d989d1bdf5ceb15ee481b444f2f1eadc19fb9fa4e5f339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=w3K8WOvlFS&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:25 GMT content-encoding gzip x-content-type-options nosniff age 357 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27158 x-xss-protection 0 last-modified Sun, 14 Mar 2021 22:07:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:25 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8C61	12 KB 5 KB	7ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 04 Jun 2021 17:03:05 GMT expires Sat, 04 Jun 2022 17:03:05 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4637 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame 96DB	783 B 534 B	30ms 29ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 73b6f42bf98960f3881d38158204b6308fb9bf6a2ad335dd9236c5a21586eac6 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-YeW8lRqktHK3UgRHx6umGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers expires Fri, 04 Jun 2021 18:20:22 GMT date Fri, 04 Jun 2021 18:20:22 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-YeW8lRqktHK3UgRHx6umGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 515 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	sca.17.5.5.js Show response static.adsafeprotected.com/ Frame 6015	82 KB 21 KB	54ms 54ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.5.js Requested by Host: 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com URL: https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:23 GMT content-encoding gzip last-modified Thu, 29 Apr 2021 15:29:23 GMT server nginx/1.16.1 age 2847926 etag W/"5356fa8b6073c3eb408487be61ef7d77" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H2	200	mon pixel.adsafeprotected.com/ Frame C99C	43 B 216 B	62ms 62ms	Image image/gif	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.adsafeprotected.com/mon?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html&adsafe_url=https%3A%2F%2Fwww.gool-sport.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.gool-sport.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&adsafe_type=d&adsafe_jsinfo=,id:10a19026-9b45-a9a8-7b76-f92d5f6c1f4a,c:eBb4uW,sl:na,em:true,fr:false,mn:app39ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:szokKke+1111%7C1112%7C1113%7C1114%7C12%7C13%7C14%7C151%7C1521%7C1522%7C1523%7C153%7C154%7C16%7C1711%7C17121%7C1713%7C1811%7C18121%7C18122%7C181231%7C1813%7C1814%7C1911%7C19121%7C1913%7C1a11%7C1a121%7C1a122%7C1a1231%7C1a124%7C1a13%7C1a141%7C1a15%7C1b11%7C1b121%7C1b122%7C1b123%7C1b124%7C1b13%7C1b141%7C1b15%7C1c%7C1d%7C1e11%7C1e121%7C1e122%7C1e123%7C1e124%7C1e13%7C1e141%7C1e15%7C1f%7C1g11%7C1g121%7C1g122%7C1g123%7C1g124%7C1g13%7C1h11%7C1h12*.925113%7C1h121%7C1h122%7C1h123%7C1h13%7C1i%7C1j%7C1k1%7C1k21%7C1k3%7C1k4%7C1k5,idMap:1h12*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:809,oid:85d6f995-c561-11eb-af60-06d058ac3535,v:19.8.206,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Requested by Host: 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com URL: https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT x-server-name app16.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame DE48	0 23 B	92ms 92ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaZg_JEddnUOOMgJRIal6AgAHA4_txyjnEAmik-k_1Y__S24UDP3pLMbGhrKZkqy_0NhVvxQGwfatwoUe76o5mTu_MW8yhxS2zdZLBT618ONcC8MDxCOtuYKa21VompJgZi7RWw6s14NHEggUhTmPDwBI7GmdnwHlGiZlfQVJxEaIFCi0vHKdeIBLp8D005a1Mrl0_p7BHVRL8bRCaySA8bQ04kMCQFwjeZ96VjD23hrEUNz4WcSqWaZkTvwhNiMiQ-g7MjXHdmoIXq8zcuHnm-bP4L77vy6HKoT1kZTYRRuqXmNb0HkGBvM2cdMPDwEG5U7bwq3eP705CECiawr2LXiiNfvLPU29QhY40zb2270PSwS43rcLm6QGePI7KVHprUJH-xrHRL_jJQAjpqwy-YfnZ1q17NuSsPBu_GlB7wn_pUHP67kKgABzYCDRU-0U_WkgNk6ptgM62xcYZxFyMqY5Xy7XN-AW2fsYXOP5p1sC2nAVBDe3oODRR1m_vUKSriY3KbDAlosja_xE8RtSj0od_kEwTm9j00EWhpJMPl-n4QKtctco_-4qm1ryETB1JAsRFg3PwgAIS4ngJjfJoEhDJx7FsUZD0AjtlW7D_Ic81jVdTimXHKquxFUNIlQl_L_uPxEIw3zv7ciizcMGW6dNGGegVXaFcn9dll8PiCaDeVcA9fo9cOdgIKaq35KtghzqLugMU8I4knmU0CywCmysRblKJYvaULSYVlmcEosc_rpoNp5_gEN7gdW-cqQEh2FxGV3oOnOzwFjWoVaNBJZr07nJh6UQ42sPjd9vmWYC2ozxnSWd4eT3MRxv217oZIrGYncTEicsmXsDHJXJEKJ3Xqp6qzWI8WT97WPhxaK4BSn9WetyAdAyl_ZZmcllpn7lqxd_aIkXcWxXz9y396O8PXdTT5Ojek4gGrwuufwZG3zSf8bimVqTq_qBiKAPBt8EOYg63XeyZOaRwq4N1f9xxgMmkifD5nFPTwSiQ3RR8066kyOoQYK4_lmBfgP-6mBig6PWKR2JCjIqxEMptZgCHTW5dxhU4w8NbZ4ZA6QUcTZiSBR4qAHJDrRbh08MguC3yrLwo2v5xRL7ZlHXSfwKykeKGQLHGXM2qwp3WXrJN5I_zPi9Tk4U8u4GJQthqHsKTq-P16CPUzHdKrPWGwJg_aGiRxx4vQRJlJtxXJjwFM37Snvs44NZIghBYAYqOHz9hr3J24sD4IIyIkl6EldsLOiPrajFzQUnG9xFPWh2lr_Cnzre0SGUY8dCZwYaph_eRgtSRkRU&sai=AMfl-YRCmIG-8J2XbpMG6o458ecy6LlW70t5DQ-Bt-lZfIyNM4h7RhFo-pwSK3YtUTDZWJGl89K7wzcAaVi-9l_M38vBIS95W4YPu4YfDwonE_VnFaeshCrMPtDlyzMFoct9NzLQRMfDCY2N-57j5pubKtvwvBlqoQ&sig=Cg0ArKJSzE4Aih797SKEEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1818&vt=11&dtpt=1300&dett=3&cstd=514&cisv=r20210601.15472&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:23 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame DE7F	22 KB 8 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAvQ6Ccz4zX8Oy8AqrVU8k_za0XWHQW9dgv_q0M1BOotvZFGoao38q02_x6KLR_eDGsJVLqDf42w8fQi860isoGutF2jmxE9lDfjo4gXBsqIwOREtDqLbjAuLdch30VJ4R7xuvd3xF-xzkTfFKdhYEH3STTg&cry=1&dbm_d=AKAmf-BqG23wDiTF802bb5JdHR3A9o57dbmni6NBrNdnNRq37keHD6tNaxV6eOR9jRHp9ET5AAhWorb1gt9kUoPFM18M2kKdSuQmGWf8k60frFPrRp5teF8U1nCGkoZe4o8A2CAawubqgGW_C5b_M4Sf_xmQgQpI77U1R-zNMClmn5WqYquR5uUQqaPI67MKstwyzJc4LD0_Ulya7Fg1MEvfcP0a73CLUULJExc53jsqs44-7gRQMRYz7xv1RAwDNUnIrSQlVVUKPAJv8gYlyulhfWqmvSxn_TJZJYIU6SyugxRizs80AZhtjM8K4SJK-tOwYIZWaBgkKNpe0a-5Q4gbuuQkrfkVbkq3M7NmIU4yh-hTmj25msChpyj_zpdfr11leJzZBxFvQ67JNzB_d5YmYRvmUVbqhDHAgSvsSPTPypS8JfnCpLWPU6oi2AJtInyyJayD6WR74qsGMX162ZBX9enXfYfia67nHohowpRIwwHnMd3LUxgxSqmE6Thc36Ku7-wCD93g672zMe1F24bn6mUC7wc6A-PP5BHImFiHSRnk7Eam-sfll80Eo7YnRRAG8TEhD7UX6lra3pj0gQesbvQhmc8JQLOl6TtPIjBlrdevPSw_cPqZNtd7K3i4I6WjBt0RpAT28AZwyHgrIb0-oEchLvfCn7OMJAud7C1yi5bcppKfGxncjG2kWR_oZgUWfLUxvGDIP3pncQCSeUSgAoepcII06DAzeJWmzkkFh3UFQ00W_mYXILS6NQqsQTvpyzlZXkbQ7788PXMJAFmlqLKgs9YYsGryHtH7AhPjhz2bxNH2S3Q4yriYvckK8aqKoQHxxq8R-byAZc5_F7UHX2-yPyVF_LqjPci_jl9W2zgw9pUMks2KdMcIYlJL3aYg1bUPni5LQjTZAzID8HIZ304jJuDpqSS7i67aZoutfxPN_Aafh86C7HK-Cw0Z61jbOV8g4j4Bo9LvectQOck4JkV-f-J8lj6-dKlkrsAJBHT7P8TsY7dt-C1FcHhJgWPjwJfKpZT0PIUCOLv88cJ6G2khaIKWYIAmtkt3JLLUzZI3Hm7XRFnMARy7GLRHAPxrJCIuBw5f__OnYmbT1EVlBOEJOJILxE_LjzGCrahePAXok0Q2Ujvzcselm9ynvDb8DmwcXEAmPN9LW1mTEyEt775FX7_BSR33XOB3kuASQOE0nEsg4ip1QPHsCpI4JN3VGKpBaMgd8VSOkAKuhX3vr84Iv8er8E7wGoShh0kbG0pZI58b_tKEYG21GVU0gqdpZyfP4U_X2sIZquvrtJWsI-bNms0_C78M6iL7Rdhar843-bgcveL4AUVoz3aHySVoLi0yakGEmh5U1SJoMU1_i475yZ5UtEEkzmT7naU97R6hmUXpK2zUGLvCdVr-hrO12JtjEDGmgu-p6H0KbIfSm4Gla9Uh2mEQPKj-larmPWwBKfHan8Io5tosudTUX-D_bqwDnQZ3jmVU3Vg-0__7hnInGTSXI2sd6M5id4DNc40wz99zrEMeIxEHCiT-Py7lNl7-J6t6KnJnvx6mGyHveggvwycFU-BinXDvOBRQlPhhhzuTqDY9_tBAaRBhF1BsoEJar-sR_Gt2YQHyZlFmeSEQQMKPo4bRzmNLSbSD4q3cjuQbrK6wYMvcWHpHCV1Dr_Q_tRQf6MrSsAntX_aEA6yG_srBVD6Y6KJ46mcs5ets_6aDlgP22RmJ8mzwyyhLZvSUGBZ7cmlq6Eqg0g1gxkFVWQw3_NzUKhX5wJ1rcn03GDAshx9y7aiQkXNPElSgBjKuxID6yn7IFe1FvFTksRIsz6xzMHrjaEprDhlaDIR4qacSpU03SS5i3UkLgkx_KHpeqv2Qsm6nqZGZmV2uA4N4AMkLQ-cHYTRrvQApO2wyark7CMPNqMV1bdLTpw8Fq6Ot5KhuewBE6jgMk1feMdF9Wyg_nsfpaN9Nk1mSUrU__NRTc2YOiQl7ZrLgA8OyoFb10dy5a3sh_4Mga1PzyTLuRUELTM_WkGSzvFA20cnfCRx8Sg0HtBgtv3PH2t4_C47PWfc1JXM_9-889_HeTVYVmjFjJv9J6VvgJ-8xNGObWvLz9_QLkNcW2dgUvRyGvQcUUzOiy1W_wY_M4a7FmLe9Dv4Q3g_2mhalnefhchgZQMZr2j-Dk4_F8CTn1qvdhb7WV0Db7EPqYQvulToxunph4m8dx5jAyOnqsV4WxJ5TgDPQJaHsnsIVbfgxXZZByuc6HvsdP3yQ-I7mwdwIeepa-6jbOCn2b5ktSkEJgngv0f1I2RJ9zcWD97U-a6PVu_NGbidAiica1Rc_jtWR9JP0rOFaUt93an7mbESO49ksxvw5RPDOkeEIHL5R-3DXntQZOjquouyDTKCMZgW0EXN_fECqAX-yCRPCHY2gc-EtIyoS57P7FUH9pP86-2_1zkkE8emEa3fqxGCDL9PWcVrWWdInn_Wtcf5t9pkTvDMEIXcaQ2VI2LvKq-3Gh5vuFeY1GN6FGUtIObVsgz4omQhpoo76yz4uqPcPBWfLDJYzD6-KcBQ2v5oiEDJA942grOEaXWoGwTSUtAfasD4UuACUm7tZ_R46jyC6sJZc7hzgMUKIsqq-EuRDu36xbwyEWeBChRmer3YJBRbg54UMmzwyWHkWbcn9ppqdDE2vAKnJP8a0aXliXIH5Hz-qAEIOWDYE1MdQyHJN_fVNnviFLSooLo2yQNmajAXK0zIi_xXNAPcTZZzxPUgnraYWMFWrlxbPF2GX6y71AgwdPPkK4tX3CZ73e6MaZFpwv8hBGETANEnakpK1SbOfm9-Z0U-YUCgNyyYlBpToO4lScce4TRxM3y00BB0D3U-k6yH6hfi7RcdsMWELgRSplUc6L3abidXaRuPo1aiei7TmJ8KhdkkZgk-bf_Gt69RttqXJ__Bj87yxVTgnATA98CtQ-_p42fnXIyXJNBVtrToIQNQrqEqbR6OQ3h0ywoVL4Dik9i2O7IN4AAPoRIhk0ceAz-M-TZof3VVaZm29_xfNEdhEAwqkDgL6aVcDMgUUkPc5nF8ZVwlwAbcgH4h6ViYFSCkAqGyJIMR6Yw-GFshcQ_krw9pr8-T84qORKsNkGYJgUMwVkuPRy3TyZK6FsaL2wNrrRpzP9TJ8z_HxuxHHA_JyVNU2Pmn0ImYVanx-eipD0HYd1VADIlKYLjcJf3M1NSkXgl6MyeOD4ZUmMOiiTrB3sxZVeFcUEXwVuyowC8TNkEclwIauFX7J1nbKSmTzOaGW-FwLGgXxEv57QHDOfShbRH9b9WheB4FTI3DJlPcfbPry1QlkIMKyTu0wg3WQnI-K2MtNFkQn-zmRBY8MzaLFIkjqyCWQTqlZDTP4fnTDDs4UGsLJRsXyZE8enpNg_b2WKlnt8nk0o4LgQhSn5pvlt1i4lSv94xOTHmkABe630Uf3NEkNxdV6EWv71mhRo5uoYG3rs0Nb_R5otwSxXDQmUGxEQ6HfRpDHGg-VcY-YVNU0xMtojYxPVgnoXWkNVbPXo1KUrzDvcSOgyfgrKpyCpStIpxR9TtceQiAE9-hTouvXyC8d-q7yk5_YCRsVNyDQhCG4rz3D9ojX3jLcP9rhSNfit6P1ZkS-34TTWfQ15RHJv7rMYMC7ntnL094Yt-4D8JeglemcruCFhd6r6K_-NYJYRqVavhMmsCG9kQ2iYwxXd8wgOL353bXelvXi85gKSPp8Do1ZdjI4ljW8YJOx7ls6h9p06qMRCUiJsStLxYorRO7XpBG73AcGaE81zN5I1BcKtGvPCkI_3Z8h5fsht4p9qFpEG6rOEIUEpbm1Ywf1QU11nw9Rj5Dzbypj3xTtX-Aiw4lVxAPxTiP5ihoq6CiIDtJLqj6ywKmdbwrBbPWaQa07npkH6hkFkV0v5rK2V0zxdctATNArHgqe6ar4pj8V8qRQLqqii4fkamS3teAnBPHk2zShI8aRPhwuf0UDiH8N3G-fO7sWCppiVhjtBSwhOTYj7X6d3j1a2A-k4BeqVgUg9fTK0RtQmaxFxuETen6bPn3TuUhaXFc_-w2T6SEhL0HNiA&cid=CAASEuRoBiQ5ngVsgsO_y1f8XYOqVw&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:51 GMT content-encoding gzip x-content-type-options nosniff age 212 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8594 x-xss-protection 0 server cafe etag 7958287194716579593 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:51 GMT
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame DE7F	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AAvQ6Ccz4zX8Oy8AqrVU8k_za0XWHQW9dgv_q0M1BOotvZFGoao38q02_x6KLR_eDGsJVLqDf42w8fQi860isoGutF2jmxE9lDfjo4gXBsqIwOREtDqLbjAuLdch30VJ4R7xuvd3xF-xzkTfFKdhYEH3STTg&cry=1&dbm_d=AKAmf-BqG23wDiTF802bb5JdHR3A9o57dbmni6NBrNdnNRq37keHD6tNaxV6eOR9jRHp9ET5AAhWorb1gt9kUoPFM18M2kKdSuQmGWf8k60frFPrRp5teF8U1nCGkoZe4o8A2CAawubqgGW_C5b_M4Sf_xmQgQpI77U1R-zNMClmn5WqYquR5uUQqaPI67MKstwyzJc4LD0_Ulya7Fg1MEvfcP0a73CLUULJExc53jsqs44-7gRQMRYz7xv1RAwDNUnIrSQlVVUKPAJv8gYlyulhfWqmvSxn_TJZJYIU6SyugxRizs80AZhtjM8K4SJK-tOwYIZWaBgkKNpe0a-5Q4gbuuQkrfkVbkq3M7NmIU4yh-hTmj25msChpyj_zpdfr11leJzZBxFvQ67JNzB_d5YmYRvmUVbqhDHAgSvsSPTPypS8JfnCpLWPU6oi2AJtInyyJayD6WR74qsGMX162ZBX9enXfYfia67nHohowpRIwwHnMd3LUxgxSqmE6Thc36Ku7-wCD93g672zMe1F24bn6mUC7wc6A-PP5BHImFiHSRnk7Eam-sfll80Eo7YnRRAG8TEhD7UX6lra3pj0gQesbvQhmc8JQLOl6TtPIjBlrdevPSw_cPqZNtd7K3i4I6WjBt0RpAT28AZwyHgrIb0-oEchLvfCn7OMJAud7C1yi5bcppKfGxncjG2kWR_oZgUWfLUxvGDIP3pncQCSeUSgAoepcII06DAzeJWmzkkFh3UFQ00W_mYXILS6NQqsQTvpyzlZXkbQ7788PXMJAFmlqLKgs9YYsGryHtH7AhPjhz2bxNH2S3Q4yriYvckK8aqKoQHxxq8R-byAZc5_F7UHX2-yPyVF_LqjPci_jl9W2zgw9pUMks2KdMcIYlJL3aYg1bUPni5LQjTZAzID8HIZ304jJuDpqSS7i67aZoutfxPN_Aafh86C7HK-Cw0Z61jbOV8g4j4Bo9LvectQOck4JkV-f-J8lj6-dKlkrsAJBHT7P8TsY7dt-C1FcHhJgWPjwJfKpZT0PIUCOLv88cJ6G2khaIKWYIAmtkt3JLLUzZI3Hm7XRFnMARy7GLRHAPxrJCIuBw5f__OnYmbT1EVlBOEJOJILxE_LjzGCrahePAXok0Q2Ujvzcselm9ynvDb8DmwcXEAmPN9LW1mTEyEt775FX7_BSR33XOB3kuASQOE0nEsg4ip1QPHsCpI4JN3VGKpBaMgd8VSOkAKuhX3vr84Iv8er8E7wGoShh0kbG0pZI58b_tKEYG21GVU0gqdpZyfP4U_X2sIZquvrtJWsI-bNms0_C78M6iL7Rdhar843-bgcveL4AUVoz3aHySVoLi0yakGEmh5U1SJoMU1_i475yZ5UtEEkzmT7naU97R6hmUXpK2zUGLvCdVr-hrO12JtjEDGmgu-p6H0KbIfSm4Gla9Uh2mEQPKj-larmPWwBKfHan8Io5tosudTUX-D_bqwDnQZ3jmVU3Vg-0__7hnInGTSXI2sd6M5id4DNc40wz99zrEMeIxEHCiT-Py7lNl7-J6t6KnJnvx6mGyHveggvwycFU-BinXDvOBRQlPhhhzuTqDY9_tBAaRBhF1BsoEJar-sR_Gt2YQHyZlFmeSEQQMKPo4bRzmNLSbSD4q3cjuQbrK6wYMvcWHpHCV1Dr_Q_tRQf6MrSsAntX_aEA6yG_srBVD6Y6KJ46mcs5ets_6aDlgP22RmJ8mzwyyhLZvSUGBZ7cmlq6Eqg0g1gxkFVWQw3_NzUKhX5wJ1rcn03GDAshx9y7aiQkXNPElSgBjKuxID6yn7IFe1FvFTksRIsz6xzMHrjaEprDhlaDIR4qacSpU03SS5i3UkLgkx_KHpeqv2Qsm6nqZGZmV2uA4N4AMkLQ-cHYTRrvQApO2wyark7CMPNqMV1bdLTpw8Fq6Ot5KhuewBE6jgMk1feMdF9Wyg_nsfpaN9Nk1mSUrU__NRTc2YOiQl7ZrLgA8OyoFb10dy5a3sh_4Mga1PzyTLuRUELTM_WkGSzvFA20cnfCRx8Sg0HtBgtv3PH2t4_C47PWfc1JXM_9-889_HeTVYVmjFjJv9J6VvgJ-8xNGObWvLz9_QLkNcW2dgUvRyGvQcUUzOiy1W_wY_M4a7FmLe9Dv4Q3g_2mhalnefhchgZQMZr2j-Dk4_F8CTn1qvdhb7WV0Db7EPqYQvulToxunph4m8dx5jAyOnqsV4WxJ5TgDPQJaHsnsIVbfgxXZZByuc6HvsdP3yQ-I7mwdwIeepa-6jbOCn2b5ktSkEJgngv0f1I2RJ9zcWD97U-a6PVu_NGbidAiica1Rc_jtWR9JP0rOFaUt93an7mbESO49ksxvw5RPDOkeEIHL5R-3DXntQZOjquouyDTKCMZgW0EXN_fECqAX-yCRPCHY2gc-EtIyoS57P7FUH9pP86-2_1zkkE8emEa3fqxGCDL9PWcVrWWdInn_Wtcf5t9pkTvDMEIXcaQ2VI2LvKq-3Gh5vuFeY1GN6FGUtIObVsgz4omQhpoo76yz4uqPcPBWfLDJYzD6-KcBQ2v5oiEDJA942grOEaXWoGwTSUtAfasD4UuACUm7tZ_R46jyC6sJZc7hzgMUKIsqq-EuRDu36xbwyEWeBChRmer3YJBRbg54UMmzwyWHkWbcn9ppqdDE2vAKnJP8a0aXliXIH5Hz-qAEIOWDYE1MdQyHJN_fVNnviFLSooLo2yQNmajAXK0zIi_xXNAPcTZZzxPUgnraYWMFWrlxbPF2GX6y71AgwdPPkK4tX3CZ73e6MaZFpwv8hBGETANEnakpK1SbOfm9-Z0U-YUCgNyyYlBpToO4lScce4TRxM3y00BB0D3U-k6yH6hfi7RcdsMWELgRSplUc6L3abidXaRuPo1aiei7TmJ8KhdkkZgk-bf_Gt69RttqXJ__Bj87yxVTgnATA98CtQ-_p42fnXIyXJNBVtrToIQNQrqEqbR6OQ3h0ywoVL4Dik9i2O7IN4AAPoRIhk0ceAz-M-TZof3VVaZm29_xfNEdhEAwqkDgL6aVcDMgUUkPc5nF8ZVwlwAbcgH4h6ViYFSCkAqGyJIMR6Yw-GFshcQ_krw9pr8-T84qORKsNkGYJgUMwVkuPRy3TyZK6FsaL2wNrrRpzP9TJ8z_HxuxHHA_JyVNU2Pmn0ImYVanx-eipD0HYd1VADIlKYLjcJf3M1NSkXgl6MyeOD4ZUmMOiiTrB3sxZVeFcUEXwVuyowC8TNkEclwIauFX7J1nbKSmTzOaGW-FwLGgXxEv57QHDOfShbRH9b9WheB4FTI3DJlPcfbPry1QlkIMKyTu0wg3WQnI-K2MtNFkQn-zmRBY8MzaLFIkjqyCWQTqlZDTP4fnTDDs4UGsLJRsXyZE8enpNg_b2WKlnt8nk0o4LgQhSn5pvlt1i4lSv94xOTHmkABe630Uf3NEkNxdV6EWv71mhRo5uoYG3rs0Nb_R5otwSxXDQmUGxEQ6HfRpDHGg-VcY-YVNU0xMtojYxPVgnoXWkNVbPXo1KUrzDvcSOgyfgrKpyCpStIpxR9TtceQiAE9-hTouvXyC8d-q7yk5_YCRsVNyDQhCG4rz3D9ojX3jLcP9rhSNfit6P1ZkS-34TTWfQ15RHJv7rMYMC7ntnL094Yt-4D8JeglemcruCFhd6r6K_-NYJYRqVavhMmsCG9kQ2iYwxXd8wgOL353bXelvXi85gKSPp8Do1ZdjI4ljW8YJOx7ls6h9p06qMRCUiJsStLxYorRO7XpBG73AcGaE81zN5I1BcKtGvPCkI_3Z8h5fsht4p9qFpEG6rOEIUEpbm1Ywf1QU11nw9Rj5Dzbypj3xTtX-Aiw4lVxAPxTiP5ihoq6CiIDtJLqj6ywKmdbwrBbPWaQa07npkH6hkFkV0v5rK2V0zxdctATNArHgqe6ar4pj8V8qRQLqqii4fkamS3teAnBPHk2zShI8aRPhwuf0UDiH8N3G-fO7sWCppiVhjtBSwhOTYj7X6d3j1a2A-k4BeqVgUg9fTK0RtQmaxFxuETen6bPn3TuUhaXFc_-w2T6SEhL0HNiA&cid=CAASEuRoBiQ5ngVsgsO_y1f8XYOqVw&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 06:53:37 GMT content-encoding gzip x-content-type-options nosniff age 41206 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:53:37 GMT
GET BLOB	200 OK	8e77543f-5a25-40d0-a7bb-2a246b4e2c61 https://s0.2mdn.net/ Frame BE7A	6 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/8e77543f-5a25-40d0-a7bb-2a246b4e2c61 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 87c161b2701b2efa2b6651fc7c5f2d159b8038b9f67b7a5ecaf5df441b751ddd Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 6572 Content-Type image/jpeg
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 803D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr... https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wj...	43 B 892 B	55ms 54ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXv79zgQyDUTMmBtg0OLZmjiaGX7Iy0q63nj7VCd49jLKRLBjj365y002cKmmCyQZjH1MSEeovD4Sdf4vL6DrczX8SlqOCoD9E2TaJhVbg67msyVVPk_N1tt7LPrzpZ7C3XmLs8MRqovWODBliB6QGNnLBc9PDhm01q7WjYVP2SLR9lkUd_4gFWzpBf1YrJrJ_9kKddpuIhYv1c9N8rLQPmTEowttSS1aEXS3tQkDokxKy7h_9WdA4qM1Bd3tifG6gYvAvfAhDx6sNKT1is3WWbKZp6NZTZ2trtMDHnYt4dBDJ4orb7UIPxeXocbbTyJ0G0Um-hpRqjEY4_Yep0YXd_OwNN4w46AlB1fg6ZjEykC-d4qzjkxTWpeaHuFq_AfGKVS6zeU5rvubPsW-igwvcgmWpEftmhs9xaB-zS8moouwFT1fW6AehRl_dYXAIc2Q43p4IbGOWC5zbNI0ZS85sSFzQRnO2inMp3V2U7eapu5obl_DQGUBnMUmgyxNzdOOo1Uao_OkIuHTctDDLzMzjZQzl7NRFUYBAYKEaCXWR6xamcCb21SJT5NqYxZrVVEyygaCwAyJWO4yvRglNhtMsaTs4x1oYzzGgI7n9AEDzreqVN-QQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:23 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 04 Jun 2021 18:20:23 GMT Redirect headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 686 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 803D Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkF... https://cm.g.doubleclick.net/pixel?gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2... https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wj...	43 B 892 B	48ms 47ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXv79zgQyDUTMmBtg0OLZmjiaGX7Iy0q63nj7VCd49jLKRLBjj365y002cKmmCyQZjH1MSEeovD4Sdf4vL6DrczX8SlqOCoD9E2TaJhVbg67msyVVPk_N1tt7LPrzpZ7C3XmLs8MRqovWODBliB6QGNnLBc9PDhm01q7WjYVP2SLR9lkUd_4gFWzpBf1YrJrJ_9kKddpuIhYv1c9N8rLQPmTEowttSS1aEXS3tQkDokxKy7h_9WdA4qM1Bd3tifG6gYvAvfAhDx6sNKT1is3WWbKZp6NZTZ2trtMDHnYt4dBDJ4orb7UIPxeXocbbTyJ0G0Um-hpRqjEY4_Yep0YXd_OwNN4w46AlB1fg6ZjEykC-d4qzjkxTWpeaHuFq_AfGKVS6zeU5rvubPsW-igwvcgmWpEftmhs9xaB-zS8moouwFT1fW6AehRl_dYXAIc2Q43p4IbGOWC5zbNI0ZS85sSFzQRnO2inMp3V2U7eapu5obl_DQGUBnMUmgyxNzdOOo1Uao_OkIuHTctDDLzMzjZQzl7NRFUYBAYKEaCXWR6xamcCb21SJT5NqYxZrVVEyygaCwAyJWO4yvRglNhtMsaTs4x1oYzzGgI7n9AEDzreqVN-QQ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:23 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Fri, 04 Jun 2021 18:20:23 GMT Redirect headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG5Fw2_aQvW5Ih-JV3WBXgs&google_cver=1&gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 667 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 803D	170 B 188 B	90ms 89ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXv79zgQyDUTMmBtg0OLZmjiaGX7Iy0q63nj7VCd49jLKRLBjj365y002cKmmCyQZjH1MSEeovD4Sdf4vL6DrczX8SlqOCoD9E2TaJhVbg67msyVVPk_N1tt7LPrzpZ7C3XmLs8MRqovWODBliB6QGNnLBc9PDhm01q7WjYVP2SLR9lkUd_4gFWzpBf1YrJrJ_9kKddpuIhYv1c9N8rLQPmTEowttSS1aEXS3tQkDokxKy7h_9WdA4qM1Bd3tifG6gYvAvfAhDx6sNKT1is3WWbKZp6NZTZ2trtMDHnYt4dBDJ4orb7UIPxeXocbbTyJ0G0Um-hpRqjEY4_Yep0YXd_OwNN4w46AlB1fg6ZjEykC-d4qzjkxTWpeaHuFq_AfGKVS6zeU5rvubPsW-igwvcgmWpEftmhs9xaB-zS8moouwFT1fW6AehRl_dYXAIc2Q43p4IbGOWC5zbNI0ZS85sSFzQRnO2inMp3V2U7eapu5obl_DQGUBnMUmgyxNzdOOo1Uao_OkIuHTctDDLzMzjZQzl7NRFUYBAYKEaCXWR6xamcCb21SJT5NqYxZrVVEyygaCwAyJWO4yvRglNhtMsaTs4x1oYzzGgI7n9AEDzreqVN-QQ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 803D Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzNTM4MDQyNjI5MTMzNzI4Nw%3D%3D	170 B 188 B	97ms 96ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzNTM4MDQyNjI5MTMzNzI4Nw%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsYxazEmgEwAQ&v=APEucNXv79zgQyDUTMmBtg0OLZmjiaGX7Iy0q63nj7VCd49jLKRLBjj365y002cKmmCyQZjH1MSEeovD4Sdf4vL6DrczX8SlqOCoD9E2TaJhVbg67msyVVPk_N1tt7LPrzpZ7C3XmLs8MRqovWODBliB6QGNnLBc9PDhm01q7WjYVP2SLR9lkUd_4gFWzpBf1YrJrJ_9kKddpuIhYv1c9N8rLQPmTEowttSS1aEXS3tQkDokxKy7h_9WdA4qM1Bd3tifG6gYvAvfAhDx6sNKT1is3WWbKZp6NZTZ2trtMDHnYt4dBDJ4orb7UIPxeXocbbTyJ0G0Um-hpRqjEY4_Yep0YXd_OwNN4w46AlB1fg6ZjEykC-d4qzjkxTWpeaHuFq_AfGKVS6zeU5rvubPsW-igwvcgmWpEftmhs9xaB-zS8moouwFT1fW6AehRl_dYXAIc2Q43p4IbGOWC5zbNI0ZS85sSFzQRnO2inMp3V2U7eapu5obl_DQGUBnMUmgyxNzdOOo1Uao_OkIuHTctDDLzMzjZQzl7NRFUYBAYKEaCXWR6xamcCb21SJT5NqYxZrVVEyygaCwAyJWO4yvRglNhtMsaTs4x1oYzzGgI7n9AEDzreqVN-QQ Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:23 GMT X-Proxy-Origin 82.102.20.244; 82.102.20.244; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.136:80 AN-X-Request-Uuid d6412300-db5f-4edb-85b7-cf58bd06f070 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDgzNTM4MDQyNjI5MTMzNzI4Nw%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3-29	200	html_inpage_rendering_lib_200_271.js Show response s0.2mdn.net/879366/ Frame CD14	176 KB 61 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 14:23:35 GMT content-encoding gzip x-content-type-options nosniff age 14208 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62241 x-xss-protection 0 last-modified Wed, 14 Oct 2020 18:02:47 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Sat, 05 Jun 2021 14:23:35 GMT
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame CD14	8 KB 3 KB	9ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DPvm_hYu1WnixNU3VGYmCitJtBKdJHIFieS9r9mGG5_YDfPHfxOjkCGQdXnVH0bE6_qCjtEz_TqWB8yeSCp-m5nvfrXJrmi8HZncjwoLeKvwSKxVuAPXLkxqwkX5xgHtrKknPRUKcU6t9oRGA8QE6Dvze_QA&dbm_d=AKAmf-Ars881fPE4ypjlLdcJbI7dEv4Ucg8DVSmZkwR6_EEfS3QhBM7TFHOy486sgxmIxuEuobVr3-jH3k3iJDW7LAqnGAOFGUQxBsMBOpC4_mSjNojClM3ev2wl6snwpPURvmjDuZ6RJ6LRlHFWDdp6YoJ9F12PGEBRRnU8M9PD_cQNhIMLkxuIgn3PhvV2ek-qRsSVBp1vstKN_C-4iCPmXI7cDBeDQxWmarWS5EhB3d4BzNxmAyAIXyFcXJl6VDbJL_sZZKCcTCA3iNMcuJnxkNI8rwCafGtS3v5BgOBi9io5f1-q5NhkyyUDhVJEvrGwj1GjuiezNN0ezLsrhMzviXsQ_Z7kLde1qEOY-6GRVOt6_tCR2HO9Hr0teRMr_h0X-PzcA7ZUKo-LutdJF2lSdprLBUknFrYEIWwl-_IXGE4VrOD7bSHQb6GMJ4Jq-FGZfeigak8hnzz8kNIvNZooKIG-GsoTfywovIOEIQw7XIAPJnZHQk_lSvyxoObP5iHbRGMMEXPoRdGYvJub4NIyMz4fSMP2G7JVWAEJOnK8y4Matl5I0kHq4cY9dN0F1cMCkUuuOERi9-vV_S7fAZkpLyLklQNAjqjE8QRlHpvajBIRwj93kwj3HUJqBYeQWbKL7cqULTSdLEB17yg5ur4PnWRn98kK5alCVCHFcsP88H6dEiDMfBELevinIjKM7GJWmTzGXdC5jzHKuuI5D2SHOb72V6xdp3MN_gQgL0wjO0Zia4V8L_XvkrhUHF1ov6BVhe4gbXqyis1zd0pKyB9oU1kqEDyA207Nz4lwcMqno5kRWEP0LWr1WlaQBpTu9qTceHBJoZR1GIO2vb7BR68-lFJI8Rpou_WmAyOYRqFz5lFKPeCJ7M_mwccoaBsufbBogEbo0xfv7apPtWdBUqsngCkJccBxmgEd3XsihksvT7ZHXH1iQhd-SU5urO-wBVWaHf3vx2CFyII5M-Wd6trIRgfD0TOXZxtagCd6_6qcCsXTArzV71lWynr3rKecoVpqdUQDg1Kko4mck1znmGrrjXBX9PCvLjO_5lT8uV-rj7pfOrIurho1Abe3_8-oxzn2Wps5M7a7VgFgMyGr8715uJY_rlZPYOQo3YND2BfOqMBPwk9CZvZTWl_vswsn2w22baypizifRQ0SYAqudoSuIckv3SqnakSq02g67p8A8d21jisK0PyYkP9mkLn6KoGEsllwwAKiP4g8P0vr66YOpKNk6aGif1va8wAx4kJj0FWtnk334ztB84ublKR8-vGLp3t3NeCVw04PzFlgpwVCDD5f_WMveaUeE18XHDXA_tdfKxEbL8ENZGzPYrCJqDC4tMTP2S6C8vMrSXyFAiDRqxD2hre9ystb_-njuCDOaqQncg87Aiv1DokV310RNW_j44YeDsxopHcVdS9I6ttVWkCltid5uiMOxPZd_oFeBsPlcdqCEr_qNsvXeDHeOHpvFCWJ3D7GtZgw_pTFJlpaUaIT2ISssQIP10x3gpYZP-qigxhwdQ46BuI_YkTAZK-mVwkKZAnbD3mOju3PNpCOyKnkByh2Lr3wg9i2jrp6gDFiLLuUZXvAvFfVShFl4_y5Myfio_39PJG2wfJHdOVpLj3ndvu_B9IW6DlUUtOf0sE9oTcgpL9c5HedsRlZohP-Nbb1agYElq8tkGufTkcCq_Q4xyV8cCGKYo2wVCFw-SBJivIWUMjCGMDZdNjC3BWc8ExWp9YNJWQ5JdDgi5IuAkBt_Z4iijNUHdsdOy4aprX1jenELuzDnN_SiKa6Ct46AAtzztVZJofxs_FdFwlSizGZQ2iTF1sDT79ZF_hDshrIeil5gfMtCnu6CNihQgbgExxLyH1nD9M-YKO_F0frJVWHqNniyyNVA7jZcA_s5IMSk8N9tZAYMA1LSjuUmFlD6Vs_eARd7UWVdNQUkQxPDCTse3NBB_BpJ1S14bK3x6nMpXCEbu8khp-2-p3V44afAqzbr3AHOBuW4C35QL3DEO1vpJRH-dmIBY-1Jy2meRPFGt0eP3GSC0ttnu2pZpnc_2W7TOieZ-DjGz5H-q3tJUMtYrK6KfKEXr5rw0kbvaui7Lmu2bH_pL9R1qNpMuldzoXZFekfgx36LL5FTcfe0lVEpLzKfGmaNOX5m6rQIt_0ybwWfoqHjxPKMr5t95-mTm098AinAIh7a_wwyryV8WpqsEqBeK1G4exrJ7aPaS9_JcSJMCkomrhEbgFYOh3VfIN_-oKPwzkVarpSGYO3fMq_rTZtVi4q8f3DmU1lJNspFsC6inxr1DTxyI5jLOkch0GLwwklv8djNQaCaqIoKvtvu5JxAEEy6JEoEPg99ixDWfymK6hF9iWAYPIc8BiAh7QzXPR2L96x1ueL4M6_5Mlskg_JWeyu_LhKvN9XqJJgen7-xu9yTfcryqgOjqXtcznpSc2x365Mc6GDfSxwfXNEQOvA3TX53mRUuXGynjlvscVxRna_fFAKx4109T7uSVgGhwJieMd_6p4Xqe43-f0W2a8cr-rtn3XP8qFnUAGvGhfQFBUOvemtJyQY-zudvmGrCJnANqkw-zGJyfen5SBlxJ_AIMJ3jwNwncHL5CyG9XbUiTKW9K5AdR8bPzfJEFlWKa5-rT4dPVOXrTFfn-a3sTR81yfbWlgCe1Cvr3y8GnE903jszj2eNL2ATwziGaLyidioa72g33zAORbuPM-mQ7mvWXERMcZVXt47aNP0m-_mmeyHSYMvaaMorF6wkeaLeo9X8RA88DtP63faGhQiNAsASByWXQKsyAySGUa0KauIm1sxSu4c9XpxA9WZmcO7-XZ3Dl_NJSA4kIJuWrbbeKu-FaD23W84T4FUJ46iPoNpKmIPKmXYE-UHoaScI2Byp3vclhMIWyUCABEuRDmJc_KEQ6fd6xQxd81rjD_ni9rySq9ke0ckNugy-khQFPebGFc1n0M2tw1Nn_V8cFr6073xA05Hz6tIRxUEsW9zyQEIsIs6g6Lpm7Dw9op5m72scyZc7II8x_2G6FP1oxybX1OJZ1Mpcy0uCrh4YB3gqT6rTYH_w2jHbNEIlCyxG-6CysQNFYpYM1KqUiHb5Vv_Mwr3r8yoOnhxH9cIKUGPx-hRu68NQETs-j5nKC1pVMcdAhDH0A07n1Q5uVz_ZIZRbUhEjhypwp-1r8nDeMufyBvhvzeU3NN8nNMTHQfu60Z0Ilrn7YbzRg3ewfs25srvQH880j4PlyzqtyIxmodVeB2RknxvJBx4gXp50WrcqQWwIIOdKZZHDjzPHLjAHz8d4awjKJBYSI5oUhp-8ioCMzwyvqGt1l7fh3jOL1sgPgG-2OlHjJ9YJQRkrCD4ijEYL_KIln22sT_f5v5ucdjPklPbasUByr2OMEO8Bp29LTE91Q_6n7TfWIiMjKwd8YQRiTsHrHW9NIF9BAPhf_6gsqqYL-lmmjCQcDT_5o5l9_ElnBOQUE5hlapaOtCOA7uVgRYao3IJMY7g3vHy1QzZ90r4aQZ_wzMNt9Zi4pnfyCOg3Bb4iZlTnQ_TBNT6_bir1UpDiQ7qMMz3KDLuFzKT7-hQDvFf-9xJ_pYYTpKV9fU_UlvR4AlWYI1-yykqrf2syua8_5kNgdN0F0vwImYr4aN0w4sE9nu_RkaRvYwVf3aycqUPSdiiO9sUpxEf57_hDDJ21fgNi76FGD-liwOoboYLXhvBsA6FFlJvhY_4saZ7xUNtvR_YtohU7TiID9JRv63zmKA86jJtcxt-GoBSVVwNjmaUdplsBqgSOwL7GfKpAjL8&cid=CAASEuRoOruKHowLfVEZPKj8Fzautw&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:43 GMT content-encoding gzip x-content-type-options nosniff age 340 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:14:43 GMT
GET H3-29	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/ Frame CD14	22 KB 8 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DPvm_hYu1WnixNU3VGYmCitJtBKdJHIFieS9r9mGG5_YDfPHfxOjkCGQdXnVH0bE6_qCjtEz_TqWB8yeSCp-m5nvfrXJrmi8HZncjwoLeKvwSKxVuAPXLkxqwkX5xgHtrKknPRUKcU6t9oRGA8QE6Dvze_QA&dbm_d=AKAmf-Ars881fPE4ypjlLdcJbI7dEv4Ucg8DVSmZkwR6_EEfS3QhBM7TFHOy486sgxmIxuEuobVr3-jH3k3iJDW7LAqnGAOFGUQxBsMBOpC4_mSjNojClM3ev2wl6snwpPURvmjDuZ6RJ6LRlHFWDdp6YoJ9F12PGEBRRnU8M9PD_cQNhIMLkxuIgn3PhvV2ek-qRsSVBp1vstKN_C-4iCPmXI7cDBeDQxWmarWS5EhB3d4BzNxmAyAIXyFcXJl6VDbJL_sZZKCcTCA3iNMcuJnxkNI8rwCafGtS3v5BgOBi9io5f1-q5NhkyyUDhVJEvrGwj1GjuiezNN0ezLsrhMzviXsQ_Z7kLde1qEOY-6GRVOt6_tCR2HO9Hr0teRMr_h0X-PzcA7ZUKo-LutdJF2lSdprLBUknFrYEIWwl-_IXGE4VrOD7bSHQb6GMJ4Jq-FGZfeigak8hnzz8kNIvNZooKIG-GsoTfywovIOEIQw7XIAPJnZHQk_lSvyxoObP5iHbRGMMEXPoRdGYvJub4NIyMz4fSMP2G7JVWAEJOnK8y4Matl5I0kHq4cY9dN0F1cMCkUuuOERi9-vV_S7fAZkpLyLklQNAjqjE8QRlHpvajBIRwj93kwj3HUJqBYeQWbKL7cqULTSdLEB17yg5ur4PnWRn98kK5alCVCHFcsP88H6dEiDMfBELevinIjKM7GJWmTzGXdC5jzHKuuI5D2SHOb72V6xdp3MN_gQgL0wjO0Zia4V8L_XvkrhUHF1ov6BVhe4gbXqyis1zd0pKyB9oU1kqEDyA207Nz4lwcMqno5kRWEP0LWr1WlaQBpTu9qTceHBJoZR1GIO2vb7BR68-lFJI8Rpou_WmAyOYRqFz5lFKPeCJ7M_mwccoaBsufbBogEbo0xfv7apPtWdBUqsngCkJccBxmgEd3XsihksvT7ZHXH1iQhd-SU5urO-wBVWaHf3vx2CFyII5M-Wd6trIRgfD0TOXZxtagCd6_6qcCsXTArzV71lWynr3rKecoVpqdUQDg1Kko4mck1znmGrrjXBX9PCvLjO_5lT8uV-rj7pfOrIurho1Abe3_8-oxzn2Wps5M7a7VgFgMyGr8715uJY_rlZPYOQo3YND2BfOqMBPwk9CZvZTWl_vswsn2w22baypizifRQ0SYAqudoSuIckv3SqnakSq02g67p8A8d21jisK0PyYkP9mkLn6KoGEsllwwAKiP4g8P0vr66YOpKNk6aGif1va8wAx4kJj0FWtnk334ztB84ublKR8-vGLp3t3NeCVw04PzFlgpwVCDD5f_WMveaUeE18XHDXA_tdfKxEbL8ENZGzPYrCJqDC4tMTP2S6C8vMrSXyFAiDRqxD2hre9ystb_-njuCDOaqQncg87Aiv1DokV310RNW_j44YeDsxopHcVdS9I6ttVWkCltid5uiMOxPZd_oFeBsPlcdqCEr_qNsvXeDHeOHpvFCWJ3D7GtZgw_pTFJlpaUaIT2ISssQIP10x3gpYZP-qigxhwdQ46BuI_YkTAZK-mVwkKZAnbD3mOju3PNpCOyKnkByh2Lr3wg9i2jrp6gDFiLLuUZXvAvFfVShFl4_y5Myfio_39PJG2wfJHdOVpLj3ndvu_B9IW6DlUUtOf0sE9oTcgpL9c5HedsRlZohP-Nbb1agYElq8tkGufTkcCq_Q4xyV8cCGKYo2wVCFw-SBJivIWUMjCGMDZdNjC3BWc8ExWp9YNJWQ5JdDgi5IuAkBt_Z4iijNUHdsdOy4aprX1jenELuzDnN_SiKa6Ct46AAtzztVZJofxs_FdFwlSizGZQ2iTF1sDT79ZF_hDshrIeil5gfMtCnu6CNihQgbgExxLyH1nD9M-YKO_F0frJVWHqNniyyNVA7jZcA_s5IMSk8N9tZAYMA1LSjuUmFlD6Vs_eARd7UWVdNQUkQxPDCTse3NBB_BpJ1S14bK3x6nMpXCEbu8khp-2-p3V44afAqzbr3AHOBuW4C35QL3DEO1vpJRH-dmIBY-1Jy2meRPFGt0eP3GSC0ttnu2pZpnc_2W7TOieZ-DjGz5H-q3tJUMtYrK6KfKEXr5rw0kbvaui7Lmu2bH_pL9R1qNpMuldzoXZFekfgx36LL5FTcfe0lVEpLzKfGmaNOX5m6rQIt_0ybwWfoqHjxPKMr5t95-mTm098AinAIh7a_wwyryV8WpqsEqBeK1G4exrJ7aPaS9_JcSJMCkomrhEbgFYOh3VfIN_-oKPwzkVarpSGYO3fMq_rTZtVi4q8f3DmU1lJNspFsC6inxr1DTxyI5jLOkch0GLwwklv8djNQaCaqIoKvtvu5JxAEEy6JEoEPg99ixDWfymK6hF9iWAYPIc8BiAh7QzXPR2L96x1ueL4M6_5Mlskg_JWeyu_LhKvN9XqJJgen7-xu9yTfcryqgOjqXtcznpSc2x365Mc6GDfSxwfXNEQOvA3TX53mRUuXGynjlvscVxRna_fFAKx4109T7uSVgGhwJieMd_6p4Xqe43-f0W2a8cr-rtn3XP8qFnUAGvGhfQFBUOvemtJyQY-zudvmGrCJnANqkw-zGJyfen5SBlxJ_AIMJ3jwNwncHL5CyG9XbUiTKW9K5AdR8bPzfJEFlWKa5-rT4dPVOXrTFfn-a3sTR81yfbWlgCe1Cvr3y8GnE903jszj2eNL2ATwziGaLyidioa72g33zAORbuPM-mQ7mvWXERMcZVXt47aNP0m-_mmeyHSYMvaaMorF6wkeaLeo9X8RA88DtP63faGhQiNAsASByWXQKsyAySGUa0KauIm1sxSu4c9XpxA9WZmcO7-XZ3Dl_NJSA4kIJuWrbbeKu-FaD23W84T4FUJ46iPoNpKmIPKmXYE-UHoaScI2Byp3vclhMIWyUCABEuRDmJc_KEQ6fd6xQxd81rjD_ni9rySq9ke0ckNugy-khQFPebGFc1n0M2tw1Nn_V8cFr6073xA05Hz6tIRxUEsW9zyQEIsIs6g6Lpm7Dw9op5m72scyZc7II8x_2G6FP1oxybX1OJZ1Mpcy0uCrh4YB3gqT6rTYH_w2jHbNEIlCyxG-6CysQNFYpYM1KqUiHb5Vv_Mwr3r8yoOnhxH9cIKUGPx-hRu68NQETs-j5nKC1pVMcdAhDH0A07n1Q5uVz_ZIZRbUhEjhypwp-1r8nDeMufyBvhvzeU3NN8nNMTHQfu60Z0Ilrn7YbzRg3ewfs25srvQH880j4PlyzqtyIxmodVeB2RknxvJBx4gXp50WrcqQWwIIOdKZZHDjzPHLjAHz8d4awjKJBYSI5oUhp-8ioCMzwyvqGt1l7fh3jOL1sgPgG-2OlHjJ9YJQRkrCD4ijEYL_KIln22sT_f5v5ucdjPklPbasUByr2OMEO8Bp29LTE91Q_6n7TfWIiMjKwd8YQRiTsHrHW9NIF9BAPhf_6gsqqYL-lmmjCQcDT_5o5l9_ElnBOQUE5hlapaOtCOA7uVgRYao3IJMY7g3vHy1QzZ90r4aQZ_wzMNt9Zi4pnfyCOg3Bb4iZlTnQ_TBNT6_bir1UpDiQ7qMMz3KDLuFzKT7-hQDvFf-9xJ_pYYTpKV9fU_UlvR4AlWYI1-yykqrf2syua8_5kNgdN0F0vwImYr4aN0w4sE9nu_RkaRvYwVf3aycqUPSdiiO9sUpxEf57_hDDJ21fgNi76FGD-liwOoboYLXhvBsA6FFlJvhY_4saZ7xUNtvR_YtohU7TiID9JRv63zmKA86jJtcxt-GoBSVVwNjmaUdplsBqgSOwL7GfKpAjL8&cid=CAASEuRoOruKHowLfVEZPKj8Fzautw&rfl=3%2Chttps%253A%252F%252Fwww.gool-sport.com%242%2C%2Chttps%253A%252F%252Fwww.gool-sport.com%252F%240 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 64fce9d17c5101524a6ee73191a1c97a2e47ddc83aed06b5bd22d5c898efd52b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:16:51 GMT content-encoding gzip x-content-type-options nosniff age 212 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8594 x-xss-protection 0 server cafe etag 7958287194716579593 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:16:51 GMT
POST H2	200	node.php Show response node.setupad.com/node/ Frame 1A60	0 208 B	79ms 78ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:23 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 1A60	11 KB 8 KB	41ms 40ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash acb4af4ee21883a5d916057a776c784ac0a3630a5cf9f0ea5db8600768cc3d57 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:23 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8199 x-xss-protection 0
GET BLOB	200 OK	27d9217c-3a65-44b5-8d08-55c167336f5e https://s0.2mdn.net/ Frame 7041	6 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/27d9217c-3a65-44b5-8d08-55c167336f5e Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 87c161b2701b2efa2b6651fc7c5f2d159b8038b9f67b7a5ecaf5df441b751ddd Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 6572 Content-Type image/jpeg
GET H2	200	dt dt.adsafeprotected.com/ Frame F343	43 B 215 B	121ms 121ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=e39bf9d7-563b-6e16-7914-ad60be97eb74&tv=%7Bc:eBb4yW,pingTime:-10,time:1595,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1622830822494%7C%7Cd4337beb289b1b0dc91fd2feb54504f9%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cf9901be23595895c50e013082399e9f6%7C%7C38fa8aabec0e85a8a11a227ffff11899%7C%7C5d71a8679de3c3493637cab3205314ae%7C%7Cac6d865a9c82bded53aa0ca5254529e8%7C%7Cdf30617f6092bae8df552ec833a6fd91%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:1cc2cf6f-eb09-1612-e6ec-46fc734f08f0%7D%7D Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT x-server-name dt36.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	dt dt.adsafeprotected.com/ Frame C99C	43 B 215 B	121ms 115ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=10a19026-9b45-a9a8-7b76-f92d5f6c1f4a&tv=%7Bc:eBb4z1,pingTime:-2,time:1061,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1379,beZ:1380,mfA:2158,cmA:2158,inA:2158,inZ:2160,prA:2160,prZ:2184,si:2188,poA:2189,poZ:2193,cmZ:2193,mfZ:2193,loA:2323,loZ:2325,ltA:2440,ltZ:2440,idA:2194,idZ:2256%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:728,h:90,t:808%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:1061,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:808,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B282~1%5D,as:%5B282~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:szokJZv+1111%7C1112%7C1113%7C1114%7C12%7C13%7C14%7C151%7C1521%7C1522%7C1523%7C153%7C154%7C16%7C1711%7C17121%7C1713%7C1811%7C18121%7C18122%7C181231%7C1813%7C1814%7C1911%7C19121%7C1913%7C1a11%7C1a12.925113%7C1a121%7C1a122%7C1a1231%7C1a124%7C1a13%7C1a141%7C1a15%7C1b11%7C1b12.925113%7C1b121%7C1b122%7C1b123%7C1b124%7C1b13%7C1b141%7C1b15%7C1c%7C1d%7C1e11%7C1e12.925113%7C1e121%7C1e122%7C1e123%7C1e124%7C1e13%7C1e141%7C1e15%7C1f%7C1g11%7C1g12.925113%7C1g121%7C1g122%7C1g123%7C1g124%7C1g13%7C1h11%7C1h12*.925113%7C1h121%7C1h122%7C1h123%7C1h13%7C1i%7C1j%7C1k1%7C1k21%7C1k3%7C1k4%7C1k5,idMap:1h12*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:250,readyFired:true%7D&br=u Requested by Host: 6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com URL: https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT x-server-name dt42.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	dt dt.adsafeprotected.com/ Frame DE48	43 B 215 B	119ms 117ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=f6d54b1a-4e0d-3725-abd7-66cf37221397&tv=%7Bc:eBb4zh,pingTime:-10,time:1406,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1622830822494%7C%7Cd4337beb289b1b0dc91fd2feb54504f9%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cf9901be23595895c50e013082399e9f6%7C%7C38fa8aabec0e85a8a11a227ffff11899%7C%7C5d71a8679de3c3493637cab3205314ae%7C%7Cac6d865a9c82bded53aa0ca5254529e8%7C%7Cdf30617f6092bae8df552ec833a6fd91%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:1cc2cf6f-eb09-1612-e6ec-46fc734f08f0%7D%7D Requested by Host: ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com URL: https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT x-server-name dt43.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame EBFC	14 KB 6 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34741 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	200	728x90_G_WD_Corona.jpg Show response s0.2mdn.net/creatives/assets/2373736/ Frame 686F	6 KB 6 KB	26ms 6ms	XHR image/jpeg	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2373736/728x90_G_WD_Corona.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87c161b2701b2efa2b6651fc7c5f2d159b8038b9f67b7a5ecaf5df441b751ddd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=TdBGNWW3iG&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:11:18 GMT x-content-type-options nosniff last-modified Tue, 26 Jan 2021 10:25:48 GMT server sffe age 545 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6572 x-xss-protection 0 expires Fri, 04 Jun 2021 18:26:18 GMT
GET H3-29	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/ Frame 6F8C	1 KB 613 B	28ms 28ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=Z1DXimCjuP&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5122c11c712dd865696a259facba17e7d6d1b90fc386f5f26126bd56de867bca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=Z1DXimCjuP&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * content-length 585 date Fri, 04 Jun 2021 18:20:23 GMT expires Sat, 05 Jun 2021 18:20:23 GMT cache-control public, max-age=86400 last-modified Mon, 09 Mar 2020 15:51:41 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 8BBD	0 24 B	101ms 101ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhiRpBHZP6p-Xi0AWmrpe0yZdM7i-fwWA_uAJct8cwAbwYJ4fOtBoyPEoWSs_iNxnNdw52hNE0lLQklS3gE_sHMwLYUZ62-dixwuXvrYzjQtqf583lH8w8DYaoUfWRo_7LSKLo63xpqWLdROxUc5QACZAZ9extShymnH4U83crO5T-ByJCl0XScLeMyD_Sep0ikeYEsvh-x3mPgquIq_NQlZx2WWR2MtwEq12kx0qZkXcDjQBA5Cwvh83rUN6hmkup0lTx-R-QsjHh8YPWv-VEiW6oR3Dna7XEe8ZB7aYpN2fxntuj9RPeV2ZMYvAx-NJtETbmPnLIRmq04JA4DWDjPzfyf3mb-V2ZzdFadHiOKWQ2TZtKXrfD0FCMuhXOviD1_M6tSgNoJ05UhMCiP73vL6JdZHSbQ-JyVWzz-T04aEPC1X9g2HoKEw9cAend54pvrZgTY8fTreJNXSLbuhzocu1onRkrDTw7OSRuEAokGAJPnH9y5w0RcBV3Vtpt0VYhHB-95bibJk-9q6lkP9iYREstwk8BBCUhDP192vrUMqFHJohg0LDEFQFaBBHwwX4sQhALYOzCfbantsD3vkcgLagCTzKdFsNX9cfYeaPz0RLFexWPaPGIiFcaW9_RqwKdzMW05U6MDMu9lhErq8Umt9zqOD4QMWgOC3QhlALocSw1hUzuF1NYn9yrQgKyHr2eo179a4iGVeNteQ7am46PvpXJu6ScrDHEpu6YfRXCoKoggOgIWrcrLdYX_sRfhJRA8RGheIjgMbTRbfhWB2WfwnGovyb8ZB-yKafdkxilJD_WmpBvrgEiaSOto1DTsncLD9p5VVd6442ZkESjENYYHsr36Zgp41SddqtZ6fG4LDy7gMsGTOFjGgzJKYYuxRKcSp2WkC7keQV6oYSyjbZG00CPRUQ0YqKdMqbdIv_0Di-5FPKl1pOniqTrfalyuGdZpUC2XCFJm-ORJVourSwS5arTuJEfcOIQg-kikri3Xrww4cZ6HtTT8IQHaVKnBcQgwzRel1-FiPDxQjJGc1srDBNuhZOR57RIk20Jp0ZuNWd0M6WL9ES6XmGSLZaBgzK6ngnTgmwhuH1o3I0e5kVOygY3fQMB1eynRuVxz_JslcEW9Fqovhgt2sSc6Tgw_-9gM8yzLknFUaRO2PtGao7GSgFGnghp-rjebYBsYAK971MMzWgh4QD9RI3Jfd08oIJFBAdKX7I1mhikAsG22vAsSwEG8gR9v9hK15t15YO96J_W-jYauflF1lkovm0MpFxkiRBfehE&sai=AMfl-YS6FYun10Aaidqy5W7LfTqAzy-48IEIXCqHepUS0yXU9hKm2iHYUK5gNgeiuxxuL32iBBNyaQ7zK4FeJ7QcN4K_DjeZV2pFgPj1edyB_4SjYc5_LyLchHuKBKzhvzRbO8PMv_uYHQi0FP84xhEb5ha3fRO5MA&sig=Cg0ArKJSzP9m9FALkVHpEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=490&cbvp=1&cstd=486&cisv=r20210601.74443&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 04 Jun 2021 18:20:23 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H/1.1	200 OK	ai.aspx m.exactag.com/ Frame 8BBD	43 B 947 B	189ms 65ms	Image image/gif	213.202.235.8 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extLi=25042747&extCr=130146484&extPm=292521141&gdpr_consent=CPHSFTpPHSFTpAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1 Requested by Host: a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com URL: https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" Connection close X-ET-Monitoring 1 Content-Length 43 Pragma no-cache X-ET-Code 0 Last-Modified Fr, 04 Jun 2021 06:20:23 GMT Server Microsoft-IIS/8.5 Date Fri, 04 Jun 2021 18:20:23 GMT Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/gif Access-Control-Allow-Origin https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com Cache-Control private Access-Control-Allow-Credentials true X-ET-Camp 1711 Access-Control-Allow-Headers * Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0042	170 B 188 B	70ms 67ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjD8-CZATAB&v=APEucNU5u2WeeHonWd_YjWszz1eeLYg32_jnQZkdMeeUJnQLcizasOZ56m_iYUw_Gfq9-DAy8_l2521mU8CWdQoXQgXdYkpo62KdWa6-T3QfloRQ0iO7821K47sKo5OXy18iVq4l-UdLb8AfkwAgBt4yjkyXemGIoboqMv-xU4A2E3kIAIBfSQZMgqb9bjH3Il7hDHNrwRZ5FmZu9uT8voNGy5AA9jKtHm6BlKp1qBRv_6ZyA5Qyq3jpO8WqDLpLm7Tv7-XxLIm2EqsLUpBuH7h1OuxQW3ZKYu5ASeIqVCA76jPwuHECqHmYa-uqbU0n0TPpLxlXZTH9esoRLp6UtQBIYhMHKxBuOO4M2YnqX_X_ZjnVEHvT1PDgkq2HCEgOhS6qMRitHNlTDEzz-VFEikqsF4VQUxackLMS_0cLTjzM1hxQUAaylOyGUy5VN2LK-_Kelklom10B9ZyqmQh6RxuHoU18k5ah8Bz6uFt1ecN7dHcI_VDfulkx5YLOSsfx9ZJhMuoCNwdqBzkwDKjSBA_yI7GCLV92CrJ-b-zXZtN4VUHk4PkYNsGuWrOloZeBHYnSAJ9eRsTMfmWijunOCKAu4rxK-msLgGo9vYeY_y8doWyazLVMeUc Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0042 Redirect Chain https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBA... https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgE... https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2M0ODFkODgtYjI0NS0yNzcxLWQ2YmUtZTJjOWE5M2I1ZTQz&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-...	170 B 188 B	67ms 67ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2M0ODFkODgtYjI0NS0yNzcxLWQ2YmUtZTJjOWE5M2I1ZTQz&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjD8-CZATAB&v=APEucNU5u2WeeHonWd_YjWszz1eeLYg32_jnQZkdMeeUJnQLcizasOZ56m_iYUw_Gfq9-DAy8_l2521mU8CWdQoXQgXdYkpo62KdWa6-T3QfloRQ0iO7821K47sKo5OXy18iVq4l-UdLb8AfkwAgBt4yjkyXemGIoboqMv-xU4A2E3kIAIBfSQZMgqb9bjH3Il7hDHNrwRZ5FmZu9uT8voNGy5AA9jKtHm6BlKp1qBRv_6ZyA5Qyq3jpO8WqDLpLm7Tv7-XxLIm2EqsLUpBuH7h1OuxQW3ZKYu5ASeIqVCA76jPwuHECqHmYa-uqbU0n0TPpLxlXZTH9esoRLp6UtQBIYhMHKxBuOO4M2YnqX_X_ZjnVEHvT1PDgkq2HCEgOhS6qMRitHNlTDEzz-VFEikqsF4VQUxackLMS_0cLTjzM1hxQUAaylOyGUy5VN2LK-_Kelklom10B9ZyqmQh6RxuHoU18k5ah8Bz6uFt1ecN7dHcI_VDfulkx5YLOSsfx9ZJhMuoCNwdqBzkwDKjSBA_yI7GCLV92CrJ-b-zXZtN4VUHk4PkYNsGuWrOloZeBHYnSAJ9eRsTMfmWijunOCKAu4rxK-msLgGo9vYeY_y8doWyazLVMeUc Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 04 Jun 2021 18:20:23 GMT content-encoding gzip server OXGW/16.208.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Y2M0ODFkODgtYjI0NS0yNzcxLWQ2YmUtZTJjOWE5M2I1ZTQz&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA content-type image/gif alt-svc clear content-length 0 via 1.1 google
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0042	170 B 188 B	69ms 68ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjD8-CZATAB&v=APEucNU5u2WeeHonWd_YjWszz1eeLYg32_jnQZkdMeeUJnQLcizasOZ56m_iYUw_Gfq9-DAy8_l2521mU8CWdQoXQgXdYkpo62KdWa6-T3QfloRQ0iO7821K47sKo5OXy18iVq4l-UdLb8AfkwAgBt4yjkyXemGIoboqMv-xU4A2E3kIAIBfSQZMgqb9bjH3Il7hDHNrwRZ5FmZu9uT8voNGy5AA9jKtHm6BlKp1qBRv_6ZyA5Qyq3jpO8WqDLpLm7Tv7-XxLIm2EqsLUpBuH7h1OuxQW3ZKYu5ASeIqVCA76jPwuHECqHmYa-uqbU0n0TPpLxlXZTH9esoRLp6UtQBIYhMHKxBuOO4M2YnqX_X_ZjnVEHvT1PDgkq2HCEgOhS6qMRitHNlTDEzz-VFEikqsF4VQUxackLMS_0cLTjzM1hxQUAaylOyGUy5VN2LK-_Kelklom10B9ZyqmQh6RxuHoU18k5ah8Bz6uFt1ecN7dHcI_VDfulkx5YLOSsfx9ZJhMuoCNwdqBzkwDKjSBA_yI7GCLV92CrJ-b-zXZtN4VUHk4PkYNsGuWrOloZeBHYnSAJ9eRsTMfmWijunOCKAu4rxK-msLgGo9vYeY_y8doWyazLVMeUc Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0042 Redirect Chain https://sync.teads.tv/um?eid=3&uid=&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmZlNTdlYmMtYzBiMC00Njg2LWFiYzYtZTZkMGMzZWRjNzIz&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f...	170 B 188 B	101ms 66ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmZlNTdlYmMtYzBiMC00Njg2LWFiYzYtZTZkMGMzZWRjNzIz&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjD8-CZATAB&v=APEucNU5u2WeeHonWd_YjWszz1eeLYg32_jnQZkdMeeUJnQLcizasOZ56m_iYUw_Gfq9-DAy8_l2521mU8CWdQoXQgXdYkpo62KdWa6-T3QfloRQ0iO7821K47sKo5OXy18iVq4l-UdLb8AfkwAgBt4yjkyXemGIoboqMv-xU4A2E3kIAIBfSQZMgqb9bjH3Il7hDHNrwRZ5FmZu9uT8voNGy5AA9jKtHm6BlKp1qBRv_6ZyA5Qyq3jpO8WqDLpLm7Tv7-XxLIm2EqsLUpBuH7h1OuxQW3ZKYu5ASeIqVCA76jPwuHECqHmYa-uqbU0n0TPpLxlXZTH9esoRLp6UtQBIYhMHKxBuOO4M2YnqX_X_ZjnVEHvT1PDgkq2HCEgOhS6qMRitHNlTDEzz-VFEikqsF4VQUxackLMS_0cLTjzM1hxQUAaylOyGUy5VN2LK-_Kelklom10B9ZyqmQh6RxuHoU18k5ah8Bz6uFt1ecN7dHcI_VDfulkx5YLOSsfx9ZJhMuoCNwdqBzkwDKjSBA_yI7GCLV92CrJ-b-zXZtN4VUHk4PkYNsGuWrOloZeBHYnSAJ9eRsTMfmWijunOCKAu4rxK-msLgGo9vYeY_y8doWyazLVMeUc Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT server akka-http/10.2.3 content-type text/html; charset=UTF-8 location https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YmZlNTdlYmMtYzBiMC00Njg2LWFiYzYtZTZkMGMzZWRjNzIz&gdpr=1&gdpr_consent=CPHSFTtPHSFTtAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA cache-control max-age=0, no-cache, no-store content-length 535 expires Fri, 04 Jun 2021 18:20:23 GMT
GET H3-29	200	da_DK_imageanimation_G_WD_Corona_728x90.js Show response s0.2mdn.net/creatives/assets/2990350/ Frame BE7A	39 KB 22 KB	7ms 7ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2990350/da_DK_imageanimation_G_WD_Corona_728x90.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27402eab1e42fcdc690b6b41d981d474c0d4f909b955822d8965e941d68fe93f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=hya3lCtqlq&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:08:55 GMT content-encoding gzip x-content-type-options nosniff age 688 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21985 x-xss-protection 0 last-modified Mon, 22 Mar 2021 17:13:31 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:23:55 GMT
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 1A60	17 KB 6 KB	29ms 29ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:23 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:23 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame C99C	0 23 B	95ms 95ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3pUzqP4l9l2f30HfUViH3YbWPpiVVRH2u5cXAtr5mPoxD6fUfpHXbw7go2q3Yryls6O9_rdJTGpYp8hzfS8gaBmWuWzDvlXEiO7JeG1Y7E9YIikRqqMhakPLFvLNtI3JcaRe6FKeRKbPE_01-okwI6AwSBygb_XPDCbHd0paA5WiKODp1F_AVTX_UhPbBWsZrsWRRIXD1q5AkT_nESzzdUUe7eDAF-5CgMyoV5-D_L0jyZq8EuqsvlzCWmAwan8WG4-g_rvDAHgC9O8Hxx0JfT8max-lP6jPdH2s-zy5GlPNuu8mTX0adEYGjGbucUyMy7M_bV0ml1RMfnT7gpWcnzSxpd7PYhzfD224nkgqJDCiGgEXopLSoYVc3W7kAyl4ErGjRExn3lRzw9IhPVDhQRpqDPa11G-h9LteH0IkT-K1iwPAZ_xc9wy8ALZG-7S5iz7Twkvlx9fRRhsJrEfKcWoaDuyFlO3sj1D8jxS0vH6Ge1pQOLw38uJJni4QQy2ru_9pAPNIlZcE7ht2puvX68RPH9SXqZB1oGRsckDvFOvl2ZhhO9InxBeiTik5sP8TkPy2UNHubpwB4CFVxM7R2IvsPaYnNRjS1lVCtaNxnKQvmR-PKCZ1OKjvuuqVr-UVwJjsmPEN7u9yw9zBW0ob8k6HIpsS-KsJhLDHdPYhYS_8GtcLZwf3hxgSvBVz5FpMwhCIpg2wuufLZbUQVh4k1hOV9T0v0GG07KCLGuYPTa_d7ERqR4wne7w8BPyIERQ_NMoY2b8FyILiZMOUNlO17A4PYZRB8vK8JL8X2TKm27fl9jXvUc7FHdMGSc3GciCHvrJW7CvCgGEaxac9Bi3bX7nM1d_Y_ADLjHOmiB9KBX_Ri387Z2SD_T5GVTRW4hZPpw0wn3Wb7Jy3Ic1QXENDTCUdkT53I8SwXbppKzh-quCHL7o7PAeG9jN7ms58SjQCII1R6YbIHOBZXNIQqeQkLJBbIyKctYHVe7yZC_0gLuf2s7v8332yq_2_DMKrGrXWL1rt6yA055Vp6fRVTR6B2r2HPH8PW3A_x3ckrNix9jGfoGNxOrNbPw-Uy5c7gN9CABoycRg9H7Wi-ORccPeJ8crvEeC5BzWrJmFVOQfnapubbvCVilXJCfcIXhPhZDYUXDx7ACE70mLvM0NMemmZ9MRTq2aNkrlCVQTbLOnpkdU219ak-KnyGU10-VQiKxxdjQJS73eJxxdjy4bdwJSnfNFKyY5B-yULV3qDtInmNjg2tM-NxX4peRhR_D1IeHIDANC8bi8KiUwG5gw&sai=AMfl-YSb9MLJhFmI3UZfRs1D8wWolWwjrTc9T7GzX98xYyLmM4UAbe2FFa_5GZQkDapYHNGpxGsHDLvCJarDHjC30U1LSl89Qek6lAbD4_aVbVMWXrHwWb6gUmUQ78SfhFUVJ4VUF_DJQwRuzlOq_FU4HP5G09A4GA&sig=Cg0ArKJSzPuUKnuSpUREEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1798&vt=11&dtpt=1367&dett=3&cstd=426&cisv=r20210601.46455&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:23 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame E0AC	170 B 188 B	78ms 78ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=1&gdpr_consent=CPHSFTuPHSFTuAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsY47LEmgEwAQ&v=APEucNXCy8KZr0fOZlEh9jEPYmDbKIFF7Uj4EGg_iyfgZfgyMIIcHZOh1t-GQ_InzJf3qYK9eP0i05XUiLOPpLfu47fHfbUszEJDnlqAjeJT__178vUX-ap33GtmyUGrVU4NmpKqJTCMRoL3RHLxj_qb5uc9V958uGvUXWGcl_36HfhnodS9z4oIRBrfoM62KCh2BR2kSVYa2WDZM3jpbxtavJE_eeewpib94ikwtvu9CID-Z-WMvNsvyMTwWuBtk3-OknRY5t2JwQlkl_qztPy4viD-M8DiCxwdmVuwandh6TpumgrDpP1wQsCYUP3D_s3T30duL8x9faZH7POOw7aPiF3RkPwzkNYX1wz-LCd08CdVrCvHGyS03oTDcTVB1uHHsVP8W7kN-m_f6Gcg2aqsvGRdDhSCNJlz2AZQ3kVHKdx-cFwTw09mejILUoz83td32uysJYis5kwCn2YjHoXyQVfnb6WfA0_ejCGapZj980xbkxrMycukCAIWZw_KeZxix1v0kXMMUQ-rtwuG1tBov6k9wxmO-K6kHSHP0YpuLzZVBFJsb2XDs6OsKbBHcuPWDBGRZEiW22KQFDw207VCuA2VdkMZM8de_kW4msKq8PkR1uZKLes Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame E0AC Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=1&gdpr_consent=CPHSFTuPHSFTuAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFi... https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODViYjEyODUtYzU2MS0xMWViLWIzMjgtMTQ2ODRhM2EwNTA2	170 B 188 B	64ms 63ms	Image image/png	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODViYjEyODUtYzU2MS0xMWViLWIzMjgtMTQ2ODRhM2EwNTA2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsY47LEmgEwAQ&v=APEucNXCy8KZr0fOZlEh9jEPYmDbKIFF7Uj4EGg_iyfgZfgyMIIcHZOh1t-GQ_InzJf3qYK9eP0i05XUiLOPpLfu47fHfbUszEJDnlqAjeJT__178vUX-ap33GtmyUGrVU4NmpKqJTCMRoL3RHLxj_qb5uc9V958uGvUXWGcl_36HfhnodS9z4oIRBrfoM62KCh2BR2kSVYa2WDZM3jpbxtavJE_eeewpib94ikwtvu9CID-Z-WMvNsvyMTwWuBtk3-OknRY5t2JwQlkl_qztPy4viD-M8DiCxwdmVuwandh6TpumgrDpP1wQsCYUP3D_s3T30duL8x9faZH7POOw7aPiF3RkPwzkNYX1wz-LCd08CdVrCvHGyS03oTDcTVB1uHHsVP8W7kN-m_f6Gcg2aqsvGRdDhSCNJlz2AZQ3kVHKdx-cFwTw09mejILUoz83td32uysJYis5kwCn2YjHoXyQVfnb6WfA0_ejCGapZj980xbkxrMycukCAIWZw_KeZxix1v0kXMMUQ-rtwuG1tBov6k9wxmO-K6kHSHP0YpuLzZVBFJsb2XDs6OsKbBHcuPWDBGRZEiW22KQFDw207VCuA2VdkMZM8de_kW4msKq8PkR1uZKLes Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 04 Jun 2021 18:20:23 GMT Server nginx Location https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODViYjEyODUtYzU2MS0xMWViLWIzMjgtMTQ2ODRhM2EwNTA2 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 125 Connection keep-alive Content-Length 0
GET H2	204	v1 ads.yahoo.com/cms/ Frame E0AC	0 290 B	7ms 7ms	Image text/plain	2a00:1288:80:800::7001 YAHOO-DEB
General Check archive.org Show headers Download Go to Show image Full URL https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1&gdpr=1&gdpr_consent=CPHSFTuPHSFTuAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&addtl_consent= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCQWhCPwFsY47LEmgEwAQ&v=APEucNXCy8KZr0fOZlEh9jEPYmDbKIFF7Uj4EGg_iyfgZfgyMIIcHZOh1t-GQ_InzJf3qYK9eP0i05XUiLOPpLfu47fHfbUszEJDnlqAjeJT__178vUX-ap33GtmyUGrVU4NmpKqJTCMRoL3RHLxj_qb5uc9V958uGvUXWGcl_36HfhnodS9z4oIRBrfoM62KCh2BR2kSVYa2WDZM3jpbxtavJE_eeewpib94ikwtvu9CID-Z-WMvNsvyMTwWuBtk3-OknRY5t2JwQlkl_qztPy4viD-M8DiCxwdmVuwandh6TpumgrDpP1wQsCYUP3D_s3T30duL8x9faZH7POOw7aPiF3RkPwzkNYX1wz-LCd08CdVrCvHGyS03oTDcTVB1uHHsVP8W7kN-m_f6Gcg2aqsvGRdDhSCNJlz2AZQ3kVHKdx-cFwTw09mejILUoz83td32uysJYis5kwCn2YjHoXyQVfnb6WfA0_ejCGapZj980xbkxrMycukCAIWZw_KeZxix1v0kXMMUQ-rtwuG1tBov6k9wxmO-K6kHSHP0YpuLzZVBFJsb2XDs6OsKbBHcuPWDBGRZEiW22KQFDw207VCuA2VdkMZM8de_kW4msKq8PkR1uZKLes Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:23 GMT cache-control no-store x-content-type-options nosniff server ATS strict-transport-security max-age=15552000 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-xss-protection 1; mode=block
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 8BBD	41 KB 15 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com URL: https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 06:53:37 GMT content-encoding gzip x-content-type-options nosniff age 41206 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:53:37 GMT
GET H2	200	main.gr.19.8.206.js Show response static.adsafeprotected.com/ Frame 8BBD	183 KB 58 KB	62ms 62ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.206.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197042&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:23 GMT content-encoding gzip last-modified Tue, 01 Jun 2021 22:03:45 GMT server nginx/1.16.1 etag W/"f4d80fb2c423b91d55077116728f6247" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET DATA	200 OK	truncated / Frame 8BBD	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0acba567d33368e3dd7f3939b22dd5bc74b4cef7ed999eb255b965b294ab7bff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 5B7A	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34741 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	200	da_DK_imageanimation_G_WD_Corona_728x90.js Show response s0.2mdn.net/creatives/assets/2990350/ Frame 7041	39 KB 22 KB	6ms 6ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2990350/da_DK_imageanimation_G_WD_Corona_728x90.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27402eab1e42fcdc690b6b41d981d474c0d4f909b955822d8965e941d68fe93f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=3nGPDramI2&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:08:55 GMT content-encoding gzip x-content-type-options nosniff age 688 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21985 x-xss-protection 0 last-modified Mon, 22 Mar 2021 17:13:31 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:23:55 GMT
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 02F2	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 04 Jun 2021 06:53:39 GMT expires Sat, 04 Jun 2022 06:53:39 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 41204 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	js-animation_da_DK_imageanimation.js Show response s0.2mdn.net/creatives/assets/3389262/ Frame BE7A	65 KB 17 KB	7ms 7ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3389262/js-animation_da_DK_imageanimation.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 752238d3f9a98de5bcbffb363e97d13b8814f6c6b899c441bebec14e3189493c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=hya3lCtqlq&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:14:26 GMT content-encoding gzip x-content-type-options nosniff age 357 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17622 x-xss-protection 0 last-modified Sun, 14 Mar 2021 21:58:53 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:26 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 63AE	0 20 B	42ms 40ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqXlR4266YJujI5OKjuwP7oOB0AIAAAAAOAHgBAI&bg=!1tWl1ZHNAAY6sG-_OrA7ACkAdvg8WjqtueRXWUtytPK-_LAMxJm89MgzzxGszKlO2o13g6n2iel1XQIAAAZYUgAAATpoAQcKAKx5CROc4i6NzT50i6xGAdvz05rWTXCAjifHUWPhhGDZ5LyYagReyd0-vDP107kZJb2u_vdv7C3D6eD31sxQroiVH6hqrg61pro-eHD8bIbzyCBy3BgI8IerHJ-mMJ4lx00sQJFLSIoAMAKRwAxnBYs1lHUZuji5TBLbKyvEZ-cToB8yucKSPn2w30AGwHzulV6ryUayk3TZkxzBV5G67CtkyBT6uVO3RzUFsHBRmQLNipWqo_ymdVXCg_bCEpPIjDpWAbQEFzX97x6wWETCkFq-P_y4i3JXj-oM8Xf9OokPXSDz7cySpMyxu4B1NsjLWm-TpFolnVPnLJjxJUg38a2sT-FNS3YOmZ-5iS_Q_syeDO9DHMgFukVKRr2QieF3xDqhhgxKBDVAfna8nVPzRoZIqZU0IbfgFIIznG0AD1rYsLI2G7UOd8l_DQORSCBXefC-j6MwLbp0i6jVK-Q1sCuohioe5k60s1qNTSosv0aQaZGZBYNtXnflkVmJEYVmSN48ilxx9w3PGNZ9fGPi8t27yv4iuTcms_EQtonSdH_c7lU4K9ZTiCIOR2f2rDpG2N4ygihAvfn2xp0aimSkkuH2AXwRzJahDY6rCbq7MnTR-k77TnQx1wIPUYCU_zpnGfePYM4ekcjlYUOHA3aNPK2rAyiBoCsBE0oGUlWotso2VNKjndSIJb1oeh77-GdpWAzKbjpzenKuYJGPuAwp6C3dx1WVfDb_18p13FHXnVsNT-8q0ryQrtWYC-zkVwBe5bjKGa18-GOChy-4BuzPpDtlB4oJgHzb2L-fRDjluNs0HKUSz--e0Wt7c2vEwuiGSafFfi3eXUh6q9XuMtgpFHAezIzn4h5KeRuy-tb6myuBhXxWaEhFBGIUSTX62tZm1MaqfNd9ca2ZlvVgNsxZhtG0WiUdcBJgykv84vC9WbCb2QNsutLawbZS7RZYFhS2WDN_U3l4paFPEyL1DLL4K-xCUCAPs5ydVk3Ythk9m03UbCG-Lx3oPsFHjEGMtUCSBBcWCv8mYeXGW5vQB27qCHA-U-IuzEtoTsZ_rLxQbv3xUytD_y-YX0VUiiyvdtg9sh2WMjymEWZMuR_zrrrbpXpN7MUwFi1hbNDr9jA1-u7SHwnm8cHSITggvQiTSMTQjOeC6npkkkauzgRJRyK-0cETciCMDrauzczZWoqQ Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:23 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame BE7A	14 KB 14 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 19ff70e284646d02fc1e21d6fc9f1bb2586cf2153807480af67b46b389c76ed6 Request headers Origin https://s0.2mdn.net Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H3-29	200	index.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61409384/20200309085140340/ Frame F441	1 KB 617 B	27ms 27ms	Document text/html	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61409384/20200309085140340/index.html?e=69&leftOffset=0&topOffset=0&c=FHW1OtGjmW&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 321c52c1c848e602b8d8ab7d32d079b8a98d145dd9659e6400edf55b903d4f25 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61409384/20200309085140340/index.html?e=69&leftOffset=0&topOffset=0&c=FHW1OtGjmW&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin timing-allow-origin * content-length 585 date Fri, 04 Jun 2021 18:20:23 GMT expires Sat, 05 Jun 2021 18:20:23 GMT cache-control public, max-age=86400 last-modified Mon, 09 Mar 2020 15:51:40 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame CD14	0 24 B	94ms 94ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvseQjSW_HZoq0olFexBUFoArvTfNXW_3hdNrAhFalzaNqug3g_be9FQrsG9BXFZQbwWacsa4jSXK9VFX9q-ybMpsrNS4mNu-XhNLkUxH6i5aMtPrgwEw1dtLI_c0H_PJfcxAc4rBK-ZxAVkliEsJIfNHgylkOkJ3s8LMyuYTKNPiE58sAg3Wv-X6o8nDNLVXuWZErsEOFWgi9swTPwoExNhKd9AIuzNXtD2eshz9FBqMip9Fdki57i1x24sSha-sjYAazJOqiCsGgfqASWEP6yJ1TU1Zcu5a3v9Wp5OWUHZbQnFNwMPBSeYR17CSQYf3WpT2fmiQ4OUf9mS5PFOZgyfhjgidRUnpGhqB1XpdR852m1-92nKwGVq8NcREarloURq6uTGy4qHfAIlqXe9MsU7ZHyxJ_KSSkl39epRnwSg6Z3s1_aloSTmZ6XicYzTrcQVWhx167V2OaaROVBGSRWxhewrYRtQSgS1vQ5Otwd32zZhPfGQMb8E_0RDy7AJZmyzXrmH92Fy-Jn78lDl-QHKTt98I1-YAyK22TbVznsmortmr8mF6514lMJLQLp9QanznZsz4O669hodKse-CW7XgR6lDhnw8uMHtyDMW5WkgLNhB7qX2_9mdEqMFnjvbapwGMcaX72Qm1LGsPqyt16LGrkDWIuAhBSLWUhpfxV6QCg0AvrT3YTE-AsRnDt9f_G5QgWwbfTtVrp5a5nFW7toJLxap8x6-UAKlN8_8osd_trlYj6KELYwrZrVc8ZWPGA4Qo08Q09QhSA-AfjQJP6Rgi7L6bCQ3QnOrHEDjV-W6BmfxDcAHiZvg_Q_a0aD4tn_PL307jLEL9hdCI4GC3wxYa1NZ9R9azKfUpTPZGAyorZIiYJW-DkWtFfmErKPxJxVYvMsDH2Za_-reMPRzdF6OusNaMy_rHXW-T_ele38kRRyX9KOeKErT9L69kAoKE5YCtBuEwVyxP2-cbt4SfrxxzFcgnJ0ZZtphJOHoxMMpfc4_yaOfHQwWeCR1X8CozbvkGOirz6yxcuuWsW4fls3VZSAB-liAeuli9j10mJJXw2jddOBB7mx6glu9446v2ZbJzGqDipo5uTNQevp4Os41nOKF9qLY7xCaY27R7oT27QvbBgclIfKEnAU256FtIKktXSctf4bHyzk72I95R8ClltFQjJFXkdiw_qy2X4f-AgKZ-p29vvHdWLutN7NjdLzmZO6HYqfcNhnrjaLiTDJravf1wbFPGd6t3cvvuxEKOM3nHFAsRftGh1hFhYwoyhTbGGkKDVmTIT2cMlK-NW6zxz8AF8jbsmhQ&sai=AMfl-YREsNglhf72WkeOeyPPIeNlOPrAjjH5IdXkwTCy-0aSJmPVbnlnPLTjBVn689c6s-ywp4aXabmmFCmzyEOYz-82mN2G_6sBygebzQBirFyZggS2H-3zf8EFkT0QZ0jV94QETtm0gy97CuKtPF53zqU6iJW4NQ&sig=Cg0ArKJSzJSvP4IAHeMPEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=725&cbvp=1&cstd=720&cisv=r20210601.88524&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Fri, 04 Jun 2021 18:20:23 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H/1.1	200 OK	ai.aspx m.exactag.com/ Frame CD14	43 B 947 B	140ms 44ms	Image image/gif	213.202.235.8 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extLi=25042747&extCr=130146487&extPm=292521147&gdpr_consent=CPHSFTuPHSFTuAKABBENAxCsAP_AAH_AAAAAGPtV_T9fb2vj-_Z999tkeY1f97y3t-wjhgeMs-8NyZeX_B4Wr2MyvBX4JiQKGRgEunLBAQdlHGFcTQgAwIkFiTLMYk2MizNKJrJEilMbM2dYGG1Pn8XTuZCY70-tP__zv3-f-334GPEEmCpfAQJCWMBJNmlEKYEIVxAVIOASghGEg0sNCRQU7A4CPUACABAYAAQIAQAgohJBAAIAAElEQAgAwIBUARAIAAQAjQEIACJAEFgBIGAQACoGhYARRBKBIQYHBUcogQFSLRQQAAAA.YAAAAAAAAAAA&gdpr=1 Requested by Host: 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com URL: https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET P3P policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR" Connection close X-ET-Monitoring 1 Content-Length 43 Pragma no-cache X-ET-Code 0 Last-Modified Fr, 04 Jun 2021 06:20:23 GMT Server Microsoft-IIS/8.5 Date Fri, 04 Jun 2021 18:20:23 GMT Access-Control-Max-Age 1000 Access-Control-Allow-Methods POST, GET, OPTIONS Content-Type image/gif Access-Control-Allow-Origin https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com Cache-Control private Access-Control-Allow-Credentials true X-ET-Camp 1711 Access-Control-Allow-Headers * Expires Mon, 26 Jul 1997 05:00:00 GMT
POST H2	200	node.php Show response node.setupad.com/node/ Frame F82E	0 208 B	41ms 41ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:23 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H/1.1	200 OK	dvbs_src_internal92.js Show response cdn.doubleverify.com/ Frame DE7F	60 KB 19 KB	9ms 9ms	Script application/javascript	2a02:26f0:6c00:286::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvbs_src_internal92.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4230020&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0g6Su8w3u5UCarJRZNGJ4ht&DVP_DBM_1=3060631&DVP_DBM_2=11817067&DVP_DBM_3=32228463&DVP_DBM_4=322451907&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1143429364715&turl=https://www.gool-sport.com/p/redirect.html&DVP_PP_BUNDLE_ID= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash e58c7574cfd80a0be2e2368f3313ab30ac688f14d078a367ed45ffc03b51bf71 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:23 GMT Content-Encoding gzip Last-Modified Mon, 31 May 2021 11:07:30 GMT Server Microsoft-IIS/10.0 ETag "05d525d56d71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=946080000 Connection keep-alive Accept-Ranges bytes Content-Length 19061
GET BLOB	200 OK	6c4a0d17-0723-43e8-a234-5257cf71182e https://s0.2mdn.net/ Frame 686F	6 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/6c4a0d17-0723-43e8-a234-5257cf71182e Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 87c161b2701b2efa2b6651fc7c5f2d159b8038b9f67b7a5ecaf5df441b751ddd Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 6572 Content-Type image/jpeg
GET H3-29	200	js-animation_da_DK_imageanimation.js Show response s0.2mdn.net/creatives/assets/3389262/ Frame 7041	65 KB 17 KB	7ms 7ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3389262/js-animation_da_DK_imageanimation.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 752238d3f9a98de5bcbffb363e97d13b8814f6c6b899c441bebec14e3189493c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=3nGPDramI2&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:14:26 GMT content-encoding gzip x-content-type-options nosniff age 357 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17622 x-xss-protection 0 last-modified Sun, 14 Mar 2021 21:58:53 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:26 GMT
GET DATA	200 OK	truncated / Frame 7041	14 KB 14 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 19ff70e284646d02fc1e21d6fc9f1bb2586cf2153807480af67b46b389c76ed6 Request headers Origin https://s0.2mdn.net Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
POST H2	200	node.php Show response node.setupad.com/node/ Frame F02E	0 208 B	42ms 42ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:23 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame F02E	11 KB 8 KB	34ms 34ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9627fa7b630d5491b310a0d98c0e6334f17bef42ddb941e26d77c4ed418c79f0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:23 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8190 x-xss-protection 0
GET H3-29	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame CD14	41 KB 15 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com URL: https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 06:53:37 GMT content-encoding gzip x-content-type-options nosniff age 41207 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:53:37 GMT
GET H2	200	main.gr.19.8.206.js Show response static.adsafeprotected.com/ Frame CD14	183 KB 58 KB	51ms 51ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.206.js Requested by Host: pixel.adsafeprotected.com URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324082019&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/redirect.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:24 GMT content-encoding gzip last-modified Tue, 01 Jun 2021 22:03:45 GMT server nginx/1.16.1 etag W/"f4d80fb2c423b91d55077116728f6247" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET DATA	200 OK	truncated / Frame CD14	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b46a2f5cbbc95c7bf7b3de2ccc9396129c6e607c6ce79c9186fc89ffdf938698 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	200	160x600_G_WD_Corona.jpg Show response s0.2mdn.net/creatives/assets/2373736/ Frame A7D5	12 KB 12 KB	7ms 6ms	XHR image/jpeg	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2373736/160x600_G_WD_Corona.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eaa142614436b0ffd1f4e3ae186ff8e0bb691765c48e2e260c5278adddf5f301 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417278/20200309085139483/index.html?e=69&leftOffset=0&topOffset=0&c=OEVDZ35tjL&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:08:01 GMT x-content-type-options nosniff last-modified Mon, 25 Jan 2021 16:42:10 GMT server sffe age 743 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11907 x-xss-protection 0 expires Fri, 04 Jun 2021 18:23:01 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 325E	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34742 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 4F57	14 KB 6 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34742 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	200	728x90_G_WD_Corona.jpg Show response s0.2mdn.net/creatives/assets/2373736/ Frame A080	6 KB 6 KB	6ms 6ms	XHR image/jpeg	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2373736/728x90_G_WD_Corona.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87c161b2701b2efa2b6651fc7c5f2d159b8038b9f67b7a5ecaf5df441b751ddd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=w3K8WOvlFS&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:11:18 GMT x-content-type-options nosniff last-modified Tue, 26 Jan 2021 10:25:48 GMT server sffe age 546 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6572 x-xss-protection 0 expires Fri, 04 Jun 2021 18:26:18 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 89FD	12 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 04 Jun 2021 17:03:05 GMT expires Sat, 04 Jun 2022 17:03:05 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4639 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame 3180	783 B 531 B	27ms 27ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash cf2675555c6d8e00fcafc5fb5aae2dfdb40c05f2f9bca901b61413d6bcf083d2 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-3ILrMILkz1SawDOoDJ2Lww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers expires Fri, 04 Jun 2021 18:20:24 GMT date Fri, 04 Jun 2021 18:20:24 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-3ILrMILkz1SawDOoDJ2Lww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 732E	22 KB 8 KB	6ms 5ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 04 Jun 2021 06:53:39 GMT expires Sat, 04 Jun 2022 06:53:39 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 41205 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame F02E	17 KB 6 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:24 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:24 GMT
GET H3-29	200	Enabler_01_241.js Show response s0.2mdn.net/879366/ Frame 6F8C	107 KB 37 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_241.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=Z1DXimCjuP&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7cdfd59d0748ea8674458b0c70ac670b5f5f973ddb26b37b2f99b64ddb7a2a06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=Z1DXimCjuP&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 19:07:23 GMT content-encoding gzip x-content-type-options nosniff age 83581 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37392 x-xss-protection 0 last-modified Tue, 14 Jan 2020 17:33:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 19:07:23 GMT
GET H3-29	200	preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 6F8C	64 KB 16 KB	31ms 30ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=Z1DXimCjuP&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=Z1DXimCjuP&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:24 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16579 x-xss-protection 0 last-modified Mon, 12 Feb 2018 18:09:40 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:24 GMT
GET H3-29	200	tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 6F8C	112 KB 38 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=Z1DXimCjuP&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=Z1DXimCjuP&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:24 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38407 x-xss-protection 0 last-modified Wed, 04 Oct 2017 18:33:56 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:24 GMT
GET H3-29	200	da_DK_polite.js Show response s0.2mdn.net/creatives/assets/2377528/ Frame 6F8C	86 KB 27 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=Z1DXimCjuP&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08f4adbb04efcb4683d989d1bdf5ceb15ee481b444f2f1eadc19fb9fa4e5f339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=Z1DXimCjuP&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:25 GMT content-encoding gzip x-content-type-options nosniff age 359 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27158 x-xss-protection 0 last-modified Sun, 14 Mar 2021 22:07:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:25 GMT
GET H2	200	sca.17.5.5.js Show response static.adsafeprotected.com/ Frame 117D	82 KB 21 KB	51ms 51ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.5.js Requested by Host: a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com URL: https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:24 GMT content-encoding gzip last-modified Thu, 29 Apr 2021 15:29:23 GMT server nginx/1.16.1 age 2846553 etag W/"5356fa8b6073c3eb408487be61ef7d77" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H2	200	mon pixel.adsafeprotected.com/ Frame 8BBD	43 B 216 B	54ms 53ms	Image image/gif	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.adsafeprotected.com/mon?anId=925113&advId=1499151&campId=40197042&pubId=1&placementId=324081221&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/blog-page_6.html&adsafe_url=https%3A%2F%2Fwww.gool-sport.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.gool-sport.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:8e84a8f1-aab1-e175-3b2b-e7cf1310b949,c:eBb4OF,sl:na,em:true,fr:false,mn:app27ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:szokKEJ+1111%7C1112%7C1113%7C1114%7C12%7C13%7C14%7C151%7C1521%7C1522%7C1523%7C153%7C154%7C16%7C1711%7C17121%7C17122%7C1713%7C1811%7C18121%7C18122%7C18123%7C1813%7C1814%7C1911%7C19121%7C19122%7C1913%7C1a11%7C1a121%7C1a122%7C1a1231%7C1a124%7C1a13%7C1a14%7C1a15%7C1b11%7C1b121%7C1b122%7C1b1231%7C1b124%7C1b13%7C1b14%7C1b15%7C1c%7C1d%7C1e11%7C1e121%7C1e122%7C1e123%7C1e124%7C1e13%7C1e141%7C1e15%7C1f%7C1g11%7C1g121%7C1g122%7C1g1231%7C1g124%7C1g13%7C1g14%7C1g15%7C1h11%7C1h121%7C1h122%7C1h123%7C1h124%7C1h13%7C1i%7C1j%7C1k1%7C1k2*.925113%7C1k21%7C1k22%7C1k23%7C1k3%7C1k4%7C1k5,idMap:1k2*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:761,oid:86697620-c561-11eb-8d84-02617d9e854e,v:19.8.206,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Requested by Host: a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com URL: https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:24 GMT x-server-name app16.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3-29	200	da_DK_imageanimation_G_WD_Corona_728x90.js Show response s0.2mdn.net/creatives/assets/2990350/ Frame 686F	39 KB 22 KB	11ms 6ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2990350/da_DK_imageanimation_G_WD_Corona_728x90.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27402eab1e42fcdc690b6b41d981d474c0d4f909b955822d8965e941d68fe93f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=TdBGNWW3iG&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:08:55 GMT content-encoding gzip x-content-type-options nosniff age 689 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21985 x-xss-protection 0 last-modified Mon, 22 Mar 2021 17:13:31 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:23:55 GMT
GET H/1.1	200 OK	bst2tv3.html Show response cdn3.doubleverify.com/ Frame 0E32	1 KB 1 KB	22ms 6ms	Document text/html	2a02:26f0:6c00:286::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn3.doubleverify.com/bst2tv3.html Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal92.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558 Request headers Host cdn3.doubleverify.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ Response headers Content-Type text/html Content-Encoding gzip Last-Modified Tue, 02 Sep 2014 17:01:36 GMT Accept-Ranges bytes ETag "01818ecfc6cf1:0" Vary Accept-Encoding Server Microsoft-IIS/10.0 Content-Length 806 Cache-Control max-age=75612 Date Fri, 04 Jun 2021 18:20:24 GMT Connection keep-alive
GET H/1.1	200 OK	verify.js Show response rtb0.doubleverify.com/ Frame DE7F	2 KB 1 KB	117ms 43ms	Script text/javascript	213.254.244.26 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_460270123714&jsTagObjCallback=__tagObject_callback_460270123714&num=6&ctx=1828362&cmp=115845&plc=4230020&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=460270123714&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.60&dvpx_strhd=0.60&brid=0&brver=&bridua=3&dup=null&turl=https://www.gool-sport.com/p/redirect.html&srcurlD=2&ssl=1&refD=3&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0g6Su8w3u5UCarJRZNGJ4ht&DVP_DBM_1=3060631&DVP_DBM_2=11817067&DVP_DBM_3=32228463&DVP_DBM_4=322451907&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1143429364715&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=20&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=140&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETar9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETar9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETar9EEADTbpTauTau3%60_2b_ba2%60h3754f4g_72hcc%602f%60fa_%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETauATauC65%3AC64E%5D9E%3E%3D&dvp_exetime=14.20 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal92.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 0cffe2a61797e2aba8ce361b74a6e29534ea3c71c5c6c30301e309cf61117386 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache X-DV-Response 1 Content-Encoding gzip Server Microsoft-IIS/10.0 Date Fri, 04 Jun 2021 18:20:23 GMT Vary Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control max-age=0 Transfer-Encoding chunked Expires 6/3/2021 6:20:24 PM
GET H/1.1	200 OK	dv-match6.js Show response cdn.doubleverify.com/ Frame D74B	4 KB 2 KB	6ms 6ms	Script application/javascript	2a02:26f0:6c00:286::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dv-match6.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:24 GMT Content-Encoding gzip Last-Modified Sun, 11 Mar 2018 04:45:12 GMT Server Microsoft-IIS/10.0 X-Powered-By ASP.NET ETag "03c84bdf3b8d31:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=74761 Connection keep-alive Accept-Ranges bytes Content-Length 1935
GET H2	200	G_WD_Corona;strtype=2 ad.doubleclick.net/activity;src=6479513;pid=292521141;aid=485619494;ko=0;cid=130146484;rid=130127351;rv=3;stragg=1;&timestamp=1622830824297;str=LH/NULL/-1/NoOffer/ Frame AE04	42 B 537 B	188ms 82ms	Image image/gif	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/activity;src=6479513;pid=292521141;aid=485619494;ko=0;cid=130146484;rid=130127351;rv=3;stragg=1;&timestamp=1622830824297;str=LH/NULL/-1/NoOffer/G_WD_Corona;strtype=2 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame C99C	43 B 215 B	111ms 110ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=10a19026-9b45-a9a8-7b76-f92d5f6c1f4a&tv=%7Bc:eBb4Qq,pingTime:-10,time:2140,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1622830824312%7C%7C9fc9063efdb2b15bb45cdb2c4d688907%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C866e5d44c14f2f7fd60f41f7558525f5%7C%7C4916bf19c1cb73a720e41deff5afdacc%7C%7C1e6216d0b330e127844767cc245ff1b5%7C%7C80f202259ac1e56bd5e3f319bed00a72%7C%7C3b8469fb102affd1a7f6e14bccb8fad1%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:24 GMT x-server-name dt66.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET BLOB	200 OK	31b06361-daec-408e-a1e1-c6e95891a390 https://s0.2mdn.net/ Frame A7D5	12 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/31b06361-daec-408e-a1e1-c6e95891a390 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash eaa142614436b0ffd1f4e3ae186ff8e0bb691765c48e2e260c5278adddf5f301 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 11907 Content-Type image/jpeg
GET H3-29	200	js-animation_da_DK_imageanimation.js Show response s0.2mdn.net/creatives/assets/3389262/ Frame 686F	65 KB 17 KB	6ms 6ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3389262/js-animation_da_DK_imageanimation.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 752238d3f9a98de5bcbffb363e97d13b8814f6c6b899c441bebec14e3189493c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=TdBGNWW3iG&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:14:26 GMT content-encoding gzip x-content-type-options nosniff age 358 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17622 x-xss-protection 0 last-modified Sun, 14 Mar 2021 21:58:53 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:26 GMT
GET H2	200	G_WD_Corona;strtype=2 ad.doubleclick.net/activity;src=6479513;pid=292521141;aid=485619494;ko=0;cid=130146484;rid=130127351;rv=3;stragg=1;&timestamp=1622830824467;str=LH/NULL/-1/NoOffer/ Frame BE94	42 B 107 B	61ms 60ms	Image image/gif	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/activity;src=6479513;pid=292521141;aid=485619494;ko=0;cid=130146484;rid=130127351;rv=3;stragg=1;&timestamp=1622830824467;str=LH/NULL/-1/NoOffer/G_WD_Corona;strtype=2 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 686F	14 KB 0		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Origin https://s0.2mdn.net Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 4621	22 KB 8 KB	8ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 04 Jun 2021 06:53:39 GMT expires Sat, 04 Jun 2022 06:53:39 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 41205 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1767	0 20 B	42ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=3765649659820795&bg=!ZGelZyPNAAY6sG-_OrA7ACkAdvg8WiAwtSkyYlZOqweFyOzlVwY5mnin54IK98jEWBOmG_Jfg3_wGQIAAAcOUgAAARNoAQeZAop6CJcQmPxNIjodufSeLZDYG9VPeh6eZ0mAduVJxX02hOmYo_Oy2xwZddPqSLpCSJ6luYeTdwYtGM9Jsd2D41_dHs4qPEDqz2Hrb2ZTbwK1Za6DbEFr3qpF4O_0ZHuqXd6vhQsbuZOy4yXHKAhKE71udP7krXcS2gPsx1jLlwZheI5E5OkozPxE6CIulQ63iDtKdsMwIxgzdwY9s1jBDePC9_iQLpB-Km3wacjLoW3Z0bO2ErqPHv1mRbVfGDf1Pz9v1JfUOzUpy5kTwuhXhty9fFX1a0QXoH3Tzrvw2OgFRp17F2h5FpsP0upKdyzCEADKJH9ucl1Uva0EbFijyRtHyDiYOjXbH763uW7WHMvH6yXuoGdE09FWaCgKjWceAYnt3XIXJtWXA0EXgAE-KgZYFwEjSQcF13UWYlt6SeqcQhJmRCrQTEx-WNtUW2ObfqKAt8SsC0myG6vrPJuIS5oOIRvirjH2RimmVAxP9tbNyoWhDnRYxf9MGXJALutkpZhE1aZgF_z-uQikroxULSLpQKFHVN1a8CYaAh696evW23QqBYT0EgT-uD-3_xEKfmTxvaeDeZ6x8uOC3yfkz46zQRJaL8G_1hnaWtahjn0_jm9J3uumr7gZA5L7suYkD8zbQt7hPaLYrICWXEs4yX8V4SeMUZi6A5hwP9MAyKPP7QGiZlFptA1KUYw9YQ_F1I6KlPvN3qOczcKpVE0HLL5t36y9ko8G4hiNkGUz-kwNWxDkFF2oIdbFeq4_FewMw-bte1cFojHByQJUiHJRWrfHHg555-UI7NDZAjqayjf3RJpoJDsEaENKbCYlSitX9r1HDDUORa5x69nlLnYllv-QCzOGuZlaftBPhw Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 8BBD	43 B 215 B	113ms 112ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=8e84a8f1-aab1-e175-3b2b-e7cf1310b949&tv=%7Bc:eBb4UV,pingTime:-2,time:1148,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1764,beZ:1765,mfA:2474,cmA:2475,inA:2475,inZ:2477,prA:2477,prZ:2519,si:2525,poA:2525,poZ:2532,cmZ:2532,mfZ:2532,loA:2726,loZ:2728,ltA:2911,ltZ:2911,idA:2532,idZ:2586%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:728,h:90,t:760%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:1148,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:760,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B436~1%5D,as:%5B436~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:szokJZv+1111%7C1112%7C1113%7C1114%7C12%7C13%7C14%7C151%7C1521%7C1522%7C1523%7C153%7C154%7C16%7C1711%7C17121%7C17122%7C1713%7C1811%7C18121%7C18122%7C18123%7C1813%7C1814%7C1911%7C19121%7C19122%7C1913%7C1a11%7C1a12.925113%7C1a121%7C1a122%7C1a1231%7C1a124%7C1a13%7C1a14%7C1a15%7C1b11%7C1b12.925113%7C1b121%7C1b122%7C1b1231%7C1b124%7C1b13%7C1b14%7C1b15%7C1c%7C1d%7C1e11%7C1e12.925113%7C1e121%7C1e122%7C1e123%7C1e124%7C1e13%7C1e141%7C1e15%7C1f%7C1g11%7C1g12.925113%7C1g121%7C1g122%7C1g1231%7C1g124%7C1g13%7C1g14%7C1g15%7C1h11%7C1h12.925113%7C1h121%7C1h122%7C1h123%7C1h124%7C1h13%7C1i%7C1j%7C1k1%7C1k2*.925113%7C1k21%7C1k22%7C1k23%7C1k3%7C1k4%7C1k5,idMap:1k2*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:385,readyFired:true%7D&br=u Requested by Host: a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com URL: https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:24 GMT x-server-name dt07.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3-29	200	activeview pagead2.googlesyndication.com/pcs/ Frame 36CC	42 B 64 B	43ms 42ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhRxGrlRmXbjDv7GQjGeASJZktfbfGROuBnyP1_DendroSPzT9KBwRqAr7PRtssd2myB2NMjagBkg5qB6y_r7kitWoG5IirmPjKZMl9ijBSyJoTAINCjO0QVAL_wxzq5pXZ0gh4onSPcCz7DiK_kWc&sai=AMfl-YTDI1-IHkcrwVNf74kwWzHDcpfeyUq1dqUqnPlVNUd8azhv4LmT9FsudCqmi_VgH4N1Y2i_jrBPvYMnqvQmY4qOrePNoUTiXTVdkEcxnLp-pzl39xo4KzyApo06&sig=Cg0ArKJSzFcB_afCgXjQEAE&cid=CAASF-RocIYQBWLIiGdHvJZfdQfbbCe3VoTf&id=ampim&o=1016,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1174&mtos=0,0,1174,1174,1174&tos=0,0,1174,0,0&tfs=728&tls=1902&g=100&h=100&tt=1902&r=v&avms=ampa&adk=1942579207 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	Enabler_01_241.js Show response s0.2mdn.net/879366/ Frame F441	107 KB 37 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_241.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61409384/20200309085140340/index.html?e=69&leftOffset=0&topOffset=0&c=FHW1OtGjmW&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7cdfd59d0748ea8674458b0c70ac670b5f5f973ddb26b37b2f99b64ddb7a2a06 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61409384/20200309085140340/index.html?e=69&leftOffset=0&topOffset=0&c=FHW1OtGjmW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 19:07:23 GMT content-encoding gzip x-content-type-options nosniff age 83581 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37392 x-xss-protection 0 last-modified Tue, 14 Jan 2020 17:33:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 19:07:23 GMT
GET H3-29	200	preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame F441	64 KB 16 KB	29ms 28ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61409384/20200309085140340/index.html?e=69&leftOffset=0&topOffset=0&c=FHW1OtGjmW&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61409384/20200309085140340/index.html?e=69&leftOffset=0&topOffset=0&c=FHW1OtGjmW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:24 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16579 x-xss-protection 0 last-modified Mon, 12 Feb 2018 18:09:40 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:24 GMT
GET H3-29	200	tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame F441	112 KB 38 KB	28ms 28ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61409384/20200309085140340/index.html?e=69&leftOffset=0&topOffset=0&c=FHW1OtGjmW&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61409384/20200309085140340/index.html?e=69&leftOffset=0&topOffset=0&c=FHW1OtGjmW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:24 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38407 x-xss-protection 0 last-modified Wed, 04 Oct 2017 18:33:56 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:20:24 GMT
GET H3-29	200	da_DK_polite.js Show response s0.2mdn.net/creatives/assets/2377528/ Frame F441	86 KB 27 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61409384/20200309085140340/index.html?e=69&leftOffset=0&topOffset=0&c=FHW1OtGjmW&t=1&renderingType=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08f4adbb04efcb4683d989d1bdf5ceb15ee481b444f2f1eadc19fb9fa4e5f339 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61409384/20200309085140340/index.html?e=69&leftOffset=0&topOffset=0&c=FHW1OtGjmW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:25 GMT content-encoding gzip x-content-type-options nosniff age 359 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27158 x-xss-protection 0 last-modified Sun, 14 Mar 2021 22:07:32 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:25 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 8C61	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34742 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET BLOB	200 OK	855807fc-182a-49ed-9cb0-f5876caa2493 https://s0.2mdn.net/ Frame A080	6 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/855807fc-182a-49ed-9cb0-f5876caa2493 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 87c161b2701b2efa2b6651fc7c5f2d159b8038b9f67b7a5ecaf5df441b751ddd Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 6572 Content-Type image/jpeg
GET H2	200	sca.17.5.5.js Show response static.adsafeprotected.com/ Frame 0402	82 KB 21 KB	49ms 49ms	Script application/javascript	108.128.95.108 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.5.5.js Requested by Host: 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com URL: https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.95.108 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.16.1 / Resource Hash 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:24 GMT content-encoding gzip last-modified Thu, 29 Apr 2021 15:29:23 GMT server nginx/1.16.1 age 2847926 etag W/"5356fa8b6073c3eb408487be61ef7d77" x-cache-status HIT vary Accept-Encoding content-type application/javascript cache-control max-age=315360000
GET H2	200	mon pixel.adsafeprotected.com/ Frame CD14	43 B 215 B	56ms 56ms	Image image/gif	52.18.175.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.adsafeprotected.com/mon?anId=925113&advId=1499151&campId=40197044&pubId=1&placementId=324082019&adsafe_par&bundleId=&dealId=&bidurl=https://www.gool-sport.com/p/redirect.html&adsafe_url=https%3A%2F%2Fwww.gool-sport.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.gool-sport.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&adsafe_type=d&adsafe_jsinfo=,id:466271dd-712a-4e92-0658-803301785a6e,c:eBb4WC,sl:na,em:true,fr:false,mn:app33ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:szokKO1+1111%7C1112%7C1113%7C1114%7C12%7C13%7C14%7C151%7C1521%7C1522%7C1523%7C153%7C154%7C16%7C1711%7C17121%7C17122%7C17123%7C17124%7C1713%7C1811%7C18121%7C18122%7C18123%7C1813%7C1814%7C1911%7C1912*.925113%7C19121%7C19122%7C19123%7C1913%7C1a11%7C1a121%7C1a122%7C1a1231%7C1a124%7C1a13%7C1a14%7C1b11%7C1b121%7C1b122%7C1b1231%7C1b124%7C1b13%7C1b14%7C1b15%7C1c%7C1d%7C1e11%7C1e121%7C1e122%7C1e1231%7C1e124%7C1e13%7C1e141%7C1e15%7C1f%7C1g11%7C1g121%7C1g122%7C1g1231%7C1g124%7C1g13%7C1g14%7C1g15%7C1h11%7C1h121%7C1h122%7C1h123%7C1h124%7C1h13%7C1i%7C1j%7C1k1%7C1k21%7C1k22%7C1k23%7C1k24%7C1k3%7C1k41%7C1k5,idMap:1912*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:678,oid:86bc77f7-c561-11eb-bf84-06a409929697,v:19.8.206,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 Requested by Host: 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com URL: https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.18.175.198 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:24 GMT x-server-name app10.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame ABE2	12 KB 5 KB	7ms 7ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 04 Jun 2021 17:03:05 GMT expires Sat, 04 Jun 2022 17:03:05 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4639 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame A39F	783 B 534 B	30ms 30ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7dd929fe708c671d26028085502bce416aed77f268ed3903f6b49ffb0bc27626 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-FbKWz87HTZJNQ0AiOJMqyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers expires Fri, 04 Jun 2021 18:20:24 GMT date Fri, 04 Jun 2021 18:20:24 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-FbKWz87HTZJNQ0AiOJMqyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 515 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	dcmads.js Show response www.googletagservices.com/dcm/ Frame DE7F	8 KB 4 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/dcmads.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvbs_src_internal92.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85493520277050a4c5893aa7e2b289c1e0b14dcca894665ce2d9e741a258fb83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 17:21:59 GMT content-encoding gzip x-content-type-options nosniff age 3505 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3796 x-xss-protection 0 last-modified Fri, 04 Jun 2021 14:14:04 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Fri, 04 Jun 2021 18:21:59 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame 8BBD	0 23 B	89ms 89ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhiRpBHZP6p-Xi0AWmrpe0yZdM7i-fwWA_uAJct8cwAbwYJ4fOtBoyPEoWSs_iNxnNdw52hNE0lLQklS3gE_sHMwLYUZ62-dixwuXvrYzjQtqf583lH8w8DYaoUfWRo_7LSKLo63xpqWLdROxUc5QACZAZ9extShymnH4U83crO5T-ByJCl0XScLeMyD_Sep0ikeYEsvh-x3mPgquIq_NQlZx2WWR2MtwEq12kx0qZkXcDjQBA5Cwvh83rUN6hmkup0lTx-R-QsjHh8YPWv-VEiW6oR3Dna7XEe8ZB7aYpN2fxntuj9RPeV2ZMYvAx-NJtETbmPnLIRmq04JA4DWDjPzfyf3mb-V2ZzdFadHiOKWQ2TZtKXrfD0FCMuhXOviD1_M6tSgNoJ05UhMCiP73vL6JdZHSbQ-JyVWzz-T04aEPC1X9g2HoKEw9cAend54pvrZgTY8fTreJNXSLbuhzocu1onRkrDTw7OSRuEAokGAJPnH9y5w0RcBV3Vtpt0VYhHB-95bibJk-9q6lkP9iYREstwk8BBCUhDP192vrUMqFHJohg0LDEFQFaBBHwwX4sQhALYOzCfbantsD3vkcgLagCTzKdFsNX9cfYeaPz0RLFexWPaPGIiFcaW9_RqwKdzMW05U6MDMu9lhErq8Umt9zqOD4QMWgOC3QhlALocSw1hUzuF1NYn9yrQgKyHr2eo179a4iGVeNteQ7am46PvpXJu6ScrDHEpu6YfRXCoKoggOgIWrcrLdYX_sRfhJRA8RGheIjgMbTRbfhWB2WfwnGovyb8ZB-yKafdkxilJD_WmpBvrgEiaSOto1DTsncLD9p5VVd6442ZkESjENYYHsr36Zgp41SddqtZ6fG4LDy7gMsGTOFjGgzJKYYuxRKcSp2WkC7keQV6oYSyjbZG00CPRUQ0YqKdMqbdIv_0Di-5FPKl1pOniqTrfalyuGdZpUC2XCFJm-ORJVourSwS5arTuJEfcOIQg-kikri3Xrww4cZ6HtTT8IQHaVKnBcQgwzRel1-FiPDxQjJGc1srDBNuhZOR57RIk20Jp0ZuNWd0M6WL9ES6XmGSLZaBgzK6ngnTgmwhuH1o3I0e5kVOygY3fQMB1eynRuVxz_JslcEW9Fqovhgt2sSc6Tgw_-9gM8yzLknFUaRO2PtGao7GSgFGnghp-rjebYBsYAK971MMzWgh4QD9RI3Jfd08oIJFBAdKX7I1mhikAsG22vAsSwEG8gR9v9hK15t15YO96J_W-jYauflF1lkovm0MpFxkiRBfehE&sai=AMfl-YS6FYun10Aaidqy5W7LfTqAzy-48IEIXCqHepUS0yXU9hKm2iHYUK5gNgeiuxxuL32iBBNyaQ7zK4FeJ7QcN4K_DjeZV2pFgPj1edyB_4SjYc5_LyLchHuKBKzhvzRbO8PMv_uYHQi0FP84xhEb5ha3fRO5MA&sig=Cg0ArKJSzP9m9FALkVHpEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1939&vt=11&dtpt=1449&dett=3&cstd=486&cisv=r20210601.74443&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:24 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	da_DK_imageanimation_G_WD_Corona_160x600.js Show response s0.2mdn.net/creatives/assets/2990350/ Frame A7D5	38 KB 21 KB	7ms 7ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2990350/da_DK_imageanimation_G_WD_Corona_160x600.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash da9e3985f339d3c41d7707891e268072ad250afd749331b95dd3530fb9ce90ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417278/20200309085139483/index.html?e=69&leftOffset=0&topOffset=0&c=OEVDZ35tjL&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:08:17 GMT content-encoding gzip x-content-type-options nosniff age 727 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21709 x-xss-protection 0 last-modified Mon, 22 Mar 2021 17:13:17 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:23:17 GMT
GET H/1.1	200 OK	bsevent.gif tps20518.doubleverify.com/ Frame DE7F	807 B 1 KB	114ms 35ms	Image image/gif	213.254.244.19 DOUBLE-VERIFY
General Check archive.org Show headers Download Go to Show image Full URL https://tps20518.doubleverify.com/bsevent.gif?impid=3227d6695d654c29871ecfa72019dafe&pltfrm=Linux%20x86_64&dvp_or1=1&cbust=1622830824801494 Requested by Host: b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com URL: https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:24 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=0 Content-Length 860 Expires 6/3/2021 6:20:24 PM
GET H/1.1	200 OK	bsevent.gif tps20518.doubleverify.com/ Frame DE7F	807 B 1 KB	122ms 43ms	Image image/gif	213.254.244.19 DOUBLE-VERIFY
General Check archive.org Show headers Download Go to Show image Full URL https://tps20518.doubleverify.com/bsevent.gif?impid=3227d6695d654c29871ecfa72019dafe&dvp_or2=1&cbust=1622830824801946 Requested by Host: b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com URL: https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:24 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=0 Content-Length 860 Expires 6/3/2021 6:20:24 PM
GET H3-29	200	da_DK_imageanimation_G_WD_Corona_728x90.js Show response s0.2mdn.net/creatives/assets/2990350/ Frame A080	39 KB 22 KB	6ms 6ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2990350/da_DK_imageanimation_G_WD_Corona_728x90.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27402eab1e42fcdc690b6b41d981d474c0d4f909b955822d8965e941d68fe93f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=w3K8WOvlFS&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:08:55 GMT content-encoding gzip x-content-type-options nosniff age 689 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21985 x-xss-protection 0 last-modified Mon, 22 Mar 2021 17:13:31 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:23:55 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 02F2	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34742 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	200	G_WD_Corona;strtype=2 ad.doubleclick.net/activity;src=6479513;pid=292521141;aid=485619494;ko=0;cid=130146484;rid=130127351;rv=3;stragg=1;&timestamp=1622830824932;str=LH/NULL/-1/NoOffer/ Frame F343	42 B 63 B	308ms 240ms	Image image/gif	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/activity;src=6479513;pid=292521141;aid=485619494;ko=0;cid=130146484;rid=130127351;rv=3;stragg=1;&timestamp=1622830824932;str=LH/NULL/-1/NoOffer/G_WD_Corona;strtype=2 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	js-animation_da_DK_imageanimation.js Show response s0.2mdn.net/creatives/assets/3389262/ Frame A7D5	65 KB 17 KB	7ms 6ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3389262/js-animation_da_DK_imageanimation.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 752238d3f9a98de5bcbffb363e97d13b8814f6c6b899c441bebec14e3189493c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417278/20200309085139483/index.html?e=69&leftOffset=0&topOffset=0&c=OEVDZ35tjL&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:14:26 GMT content-encoding gzip x-content-type-options nosniff age 358 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17622 x-xss-protection 0 last-modified Sun, 14 Mar 2021 21:58:53 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:26 GMT
GET DATA	200 OK	truncated / Frame A7D5	14 KB 0		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Origin https://s0.2mdn.net Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H2	200	dt dt.adsafeprotected.com/ Frame CD14	43 B 215 B	110ms 109ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=466271dd-712a-4e92-0658-803301785a6e&tv=%7Bc:eBb528,pingTime:-2,time:1019,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2053,beZ:2054,mfA:2691,cmA:2691,inA:2691,inZ:2693,prA:2693,prZ:2726,si:2732,poA:2732,poZ:2737,cmZ:2737,mfZ:2737,loA:2875,loZ:2876,ltA:3072,ltZ:3072,idA:2738,idZ:2795%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:677%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:1019,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:677,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B381~1%5D,as:%5B381~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:szokJZv+1111%7C1112%7C1113%7C1114%7C12%7C13%7C14%7C151%7C1521%7C1522%7C1523%7C153%7C154%7C16%7C1711%7C17121%7C17122%7C17123%7C17124%7C1713%7C1811%7C18121%7C18122%7C18123%7C1813%7C1814%7C1911%7C1912*.925113%7C19121%7C19122%7C19123%7C1913%7C1a11%7C1a12.925113%7C1a121%7C1a122%7C1a1231%7C1a124%7C1a13%7C1a14%7C1b11%7C1b12.925113%7C1b121%7C1b122%7C1b1231%7C1b124%7C1b13%7C1b14%7C1b15%7C1c%7C1d%7C1e11%7C1e12.925113%7C1e121%7C1e122%7C1e1231%7C1e124%7C1e13%7C1e141%7C1e15%7C1f%7C1g11%7C1g12.925113%7C1g121%7C1g122%7C1g1231%7C1g124%7C1g13%7C1g14%7C1g15%7C1h11%7C1h12.925113%7C1h121%7C1h122%7C1h123%7C1h124%7C1h13%7C1i%7C1j%7C1k1%7C1k2.925113%7C1k21%7C1k22%7C1k23%7C1k24%7C1k3%7C1k41%7C1k5,idMap:1912*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:340,readyFired:true%7D&br=u Requested by Host: 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com URL: https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:25 GMT x-server-name dt38.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7B91	0 58 B	76ms 76ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=2803438852225211&bg=!pKelp-PNAAY6sG-_OrA7ACkAdvg8WodsihOb3AOoe-ft6oB7Kjkkh6vGvE5ICj26Zipl-i1iL10DsAIAAAfMUgAAAYRoAQcKAMOYx-MELP0q6qghtpp1LO3j4QHtFhedeXfwPNTyd_INXQEX-BncjI82BysWnnlJDBkGFyG-7KTMRbO6bdrrbU6Xt26AkfTrYbzFbKfPLA7iR23KbbFll05sXqlRSWzP-TsoRzge_BJWVi9QDc5uSUFynPrc_tJ2-3LQysOu2yJhBcTsbltKs08gei01ktN0Re1aJpowLM3Lpa3MQ3gM5rENex6rQ9sZTIN0moekgQvIVmNvrETteC40xHUgAvIwV9Jw-j2ZAoVCuOoe_cta6pf9magTbjZOfNcE-Jrv933yJbPcqgE4j2aoe9Cwpn-xA4CKnlceSDszteUmIqDT4Tni8ZiAKtOaOftTNC-BdYNZKx9LsZtoTpZVngO7evfaJbk4PZKFuVeBqJQNbHPfRQ0uH6_12Qyv379L5qYuGTA7av_-TNUgYCDCA7AK6uc-QvCyAyLxg_cYafYnEuQKsXRR7PIsGrL0Sp_099k7ErrZ7NEUmemQKkEzhYDwWrlTE0UVZfiKHq6gssWjbm7kQyKwhxlsUx3UxCi_pWx5sc8vjUnx_FsJNzcvz4XunB0yAIXknXmBQJ1bp4x3dz_btCPpOW-AHr1HUXZAOesX5Ya3WhX-KVG1UeB6VtF_0EYziwSHFEdtRuUxS0EuwTJOoncUKCL2E2VtCIjxhmdAbTizZS2dW4bYz4b8BoHZkeJiW-iTJRARHt17Wi61Tx3Jm1EO_2AoFB2gFAIM3bssaw-YgEnaZWcorS89M6bqDpv5i3wK8Xjg_VC_SMvhV6z-ei1RaNrZg0y1_H977lwJw0UijRKq8h88kp4Vtnfa_Fd-y08XuvaLtSTpiI0twmWqhWcGD_mvypihF9cL2OfaeJZ1uEC4rOxI64HGtoWfi8sYLafV5_DvwHYtlP9NePwZTAFx4U5yNr1a88GkfT7xfm73PWqMC0KUMmMGbUD2H41ZF0LLZZMAqdAK7GbeDPBVWIgtzcnJBh3CDKo6Qe2aQOASs7KNm7ZlEQFPsxP67RNviJ9tsiN2bSImlc6kLd_VZDvB8BTjF0Er7QZvlKiNlw0BMekUEl_MpVENU1TiKzDXqhjoHZIsFhYmWVr0zT0HOTFHZ3hxYJGljr_cBOM Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js-animation_da_DK_imageanimation.js Show response s0.2mdn.net/creatives/assets/3389262/ Frame A080	65 KB 18 KB	43ms 6ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3389262/js-animation_da_DK_imageanimation.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 752238d3f9a98de5bcbffb363e97d13b8814f6c6b899c441bebec14e3189493c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=w3K8WOvlFS&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:14:26 GMT content-encoding gzip x-content-type-options nosniff age 359 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17622 x-xss-protection 0 last-modified Sun, 14 Mar 2021 21:58:53 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:26 GMT
GET DATA	200 OK	truncated / Frame A080	14 KB 0		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Origin https://s0.2mdn.net Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
POST H2	200	node.php Show response node.setupad.com/node/ Frame 6577	0 208 B	43ms 43ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:25 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H2	200	dt dt.adsafeprotected.com/ Frame 8BBD	43 B 215 B	112ms 111ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=8e84a8f1-aab1-e175-3b2b-e7cf1310b949&tv=%7Bc:eBb58r,pingTime:-10,time:1986,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1622830825429%7C%7Cbfd8a1ad9361e9952671e489ef87712b%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cbda5311175173fcfbd54c9bc6e41f2ac%7C%7Ccbe7d4c17eb0c48ad4593b5f84a75a2e%7C%7Cf54ae41ccda89ac8dbe66fa405d03143%7C%7Cad6f843abbc71ef8ea56c2a7b15ec9af%7C%7Cc81d6bd7bb2eb55f10809c2c9e0e37b3%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:25 GMT x-server-name dt10.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H2	200	impl_v73.js Show response www.googletagservices.com/dcm/ Frame DE7F	36 KB 15 KB	9ms 9ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/dcm/impl_v73.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/dcmads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5b3e2cf988f8740842a124c2812f5b9dd9d1c6aa7b2aaeb4247ce73e313a22d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 02 Jun 2021 18:05:54 GMT content-encoding gzip x-content-type-options nosniff age 173671 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15487 x-xss-protection 0 last-modified Wed, 02 Jun 2021 17:36:38 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 02 Jun 2022 18:05:54 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 732E	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34743 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	200	728x90_G_WD_Corona.jpg Show response s0.2mdn.net/creatives/assets/2373736/ Frame 6F8C	6 KB 6 KB	6ms 6ms	XHR image/jpeg	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2373736/728x90_G_WD_Corona.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87c161b2701b2efa2b6651fc7c5f2d159b8038b9f67b7a5ecaf5df441b751ddd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=Z1DXimCjuP&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:11:18 GMT x-content-type-options nosniff last-modified Tue, 26 Jan 2021 10:25:48 GMT server sffe age 547 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6572 x-xss-protection 0 expires Fri, 04 Jun 2021 18:26:18 GMT
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame CD14	0 60 B	77ms 77ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvseQjSW_HZoq0olFexBUFoArvTfNXW_3hdNrAhFalzaNqug3g_be9FQrsG9BXFZQbwWacsa4jSXK9VFX9q-ybMpsrNS4mNu-XhNLkUxH6i5aMtPrgwEw1dtLI_c0H_PJfcxAc4rBK-ZxAVkliEsJIfNHgylkOkJ3s8LMyuYTKNPiE58sAg3Wv-X6o8nDNLVXuWZErsEOFWgi9swTPwoExNhKd9AIuzNXtD2eshz9FBqMip9Fdki57i1x24sSha-sjYAazJOqiCsGgfqASWEP6yJ1TU1Zcu5a3v9Wp5OWUHZbQnFNwMPBSeYR17CSQYf3WpT2fmiQ4OUf9mS5PFOZgyfhjgidRUnpGhqB1XpdR852m1-92nKwGVq8NcREarloURq6uTGy4qHfAIlqXe9MsU7ZHyxJ_KSSkl39epRnwSg6Z3s1_aloSTmZ6XicYzTrcQVWhx167V2OaaROVBGSRWxhewrYRtQSgS1vQ5Otwd32zZhPfGQMb8E_0RDy7AJZmyzXrmH92Fy-Jn78lDl-QHKTt98I1-YAyK22TbVznsmortmr8mF6514lMJLQLp9QanznZsz4O669hodKse-CW7XgR6lDhnw8uMHtyDMW5WkgLNhB7qX2_9mdEqMFnjvbapwGMcaX72Qm1LGsPqyt16LGrkDWIuAhBSLWUhpfxV6QCg0AvrT3YTE-AsRnDt9f_G5QgWwbfTtVrp5a5nFW7toJLxap8x6-UAKlN8_8osd_trlYj6KELYwrZrVc8ZWPGA4Qo08Q09QhSA-AfjQJP6Rgi7L6bCQ3QnOrHEDjV-W6BmfxDcAHiZvg_Q_a0aD4tn_PL307jLEL9hdCI4GC3wxYa1NZ9R9azKfUpTPZGAyorZIiYJW-DkWtFfmErKPxJxVYvMsDH2Za_-reMPRzdF6OusNaMy_rHXW-T_ele38kRRyX9KOeKErT9L69kAoKE5YCtBuEwVyxP2-cbt4SfrxxzFcgnJ0ZZtphJOHoxMMpfc4_yaOfHQwWeCR1X8CozbvkGOirz6yxcuuWsW4fls3VZSAB-liAeuli9j10mJJXw2jddOBB7mx6glu9446v2ZbJzGqDipo5uTNQevp4Os41nOKF9qLY7xCaY27R7oT27QvbBgclIfKEnAU256FtIKktXSctf4bHyzk72I95R8ClltFQjJFXkdiw_qy2X4f-AgKZ-p29vvHdWLutN7NjdLzmZO6HYqfcNhnrjaLiTDJravf1wbFPGd6t3cvvuxEKOM3nHFAsRftGh1hFhYwoyhTbGGkKDVmTIT2cMlK-NW6zxz8AF8jbsmhQ&sai=AMfl-YREsNglhf72WkeOeyPPIeNlOPrAjjH5IdXkwTCy-0aSJmPVbnlnPLTjBVn689c6s-ywp4aXabmmFCmzyEOYz-82mN2G_6sBygebzQBirFyZggS2H-3zf8EFkT0QZ0jV94QETtm0gy97CuKtPF53zqU6iJW4NQ&sig=Cg0ArKJSzJSvP4IAHeMPEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2446&vt=11&dtpt=1721&dett=3&cstd=720&cisv=r20210601.88524&adurl= Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:25 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	G_WD_Corona;strtype=2 ad.doubleclick.net/activity;src=6479513;pid=292521135;aid=485922135;ko=0;cid=130146205;rid=130127972;rv=3;stragg=1;&timestamp=1622830825634;str=LH/NULL/-1/NoOffer/ Frame DE48	42 B 63 B	77ms 75ms	Image image/gif	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/activity;src=6479513;pid=292521135;aid=485922135;ko=0;cid=130146205;rid=130127972;rv=3;stragg=1;&timestamp=1622830825634;str=LH/NULL/-1/NoOffer/G_WD_Corona;strtype=2 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame CD14	43 B 215 B	112ms 111ms	Image image/gif	3.215.227.57 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=925113&asId=466271dd-712a-4e92-0658-803301785a6e&tv=%7Bc:eBb5ci,pingTime:-10,time:1649,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1622830822494%7C%7Cd4337beb289b1b0dc91fd2feb54504f9%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cf9901be23595895c50e013082399e9f6%7C%7C38fa8aabec0e85a8a11a227ffff11899%7C%7C5d71a8679de3c3493637cab3205314ae%7C%7Cac6d865a9c82bded53aa0ca5254529e8%7C%7Cdf30617f6092bae8df552ec833a6fd91%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,sca:%7Bspg:e39bf9d7-563b-6e16-7914-ad60be97eb74%7D%7D Requested by Host: 4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com URL: https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.215.227.57 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:25 GMT x-server-name dt35.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" cache-control no-cache content-type image/gif content-length 43 server nginx
GET H3-29	200	B10224936.280232945;dc_ver=73.213;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3529464941;ord=gqlt4i;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fwww.gool-sport... Show response ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame DE7F	34 KB 17 KB	91ms 90ms	Script text/javascript	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=73.213;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3529464941;ord=gqlt4i;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fwww.gool-sport.com$2,,https%3A%2F%2Fwww.gool-sport.com%2F$0;xdt=1;crlt=dy-Xe0DKYU;osda=2;sttr=275;prcl=s Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/dcm/impl_v73.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash d2e110fe4dd0cba3a690b1c983dc88a053a6d7eda114380b073ee4d78b08955d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:25 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17264 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	G_WD_Corona;strtype=2 ad.doubleclick.net/activity;src=6479513;pid=292521141;aid=485619494;ko=0;cid=130146484;rid=130127351;rv=3;stragg=1;&timestamp=1622830825766;str=LH/NULL/-1/NoOffer/ Frame C99C	42 B 63 B	77ms 77ms	Image image/gif	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/activity;src=6479513;pid=292521141;aid=485619494;ko=0;cid=130146484;rid=130127351;rv=3;stragg=1;&timestamp=1622830825766;str=LH/NULL/-1/NoOffer/G_WD_Corona;strtype=2 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 89FD	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34743 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1DAF	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgguX5G66YIycCImM7_UPpPiD0A0AAAAAOAHgBAI&bg=!9vWl9bHNAAY6sG-_OrA7ACkAdvg8WjNjZDhHV2Qt05WkcHQ9buYWDm_KqGRuO528PYKEZxPIVrX9eAIAAAleUgAAAP5oAQeZAs6gUtVn9qWJ2HX8KxFjADNSBBdLui9y2f8vgdAU_0ucGxndLzvpfKGjjcNBXH5L8afZUULotijysD404RZhjp6uS_vqkx4NYaHAxQuaQDDIMbYxBCx2LwGmNPsKDDj1BwET3q-oUbm_H12hMsN3igf9bW-rJkW7PvI_3oZbQXl1UoOaZQ1MYB5412GqgUWlHeo-Umk86X05WZS6nm9pUuGtRQTQZJwmUaub0OSOaJA9g-1KoZPf91zhew3efraHyA90_LjbNmQLUQry8fUPhtqke8BfVNu5gK5c-x5UgJfilv7whPHjnHYA9fBtPe1VAr0uqQtXe_p4gDFIgcASekfTQBoTBO9YgIJ4ppbX85_CL_gkBgsgV_T5L1kFcLqMXXpIlyJy47CnezN7PW2qSf6oHyjvTZfzP5VXt6Ty9yqV48wFBxIaR2rjqN2HmGOMUqwI1Jtu4_1cE_dY6KyXK9wCIv6_i6va8SGBoiCzDkbE_CCUlT_K5SYZMDbr2AT7VT7tEeW8uJrlWd8NW5gBYTtu_ebp3TcD62JnIzqHZhKX82ee-1D-17rEyVc-MR3ne9jf5MyhFZ9gRtE1LB74tKJL9xur7P9R0EZ8YiNeM6o8rlSTGSOI-ToUbnNhctzPkbVEWkkCI8pC6AY11SSELTkT2vFMdKHvt9iZvGPM3y8UiYNc49QVqta-hr1EO3EoQo31Ilg816OTXcqOirFJz-5wDABd7ncaHGwLV1FWK1QdEDq1RTwfI8U9gdvfHtYajerJCeeNjC-ggm8H0Mwaz643SKImojKPonBlobbfE2Ndiwn3MWYcwHyM8p18r01SF49yiNxE96B3POl8DD98IZwm-CQyHhjDP9ydMy8e8WoAfTI80ibo-0P1jkWsZax2IQdauo_eZrhKJYZs5uQ40LAu4MnISjrRDkANltxfQ40KK_mAeaB_yW0R37nNzk2p Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 4621	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34743 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F82E	0 20 B	40ms 40ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=525773756496275&bg=!_v2l_bnNAAY6sG-_OrA7ACkAdvg8Wms2KdUILSKLV-9Ry21J3svsNrgw3YO34x998aGJlLZBgXHSogIAAAhNUgAAAWFoAQcKABBeg6arQ0isk7e4YTEr3Mm5mQJ32LXsz8TzE9Fe65f5S4v6yyTTrWCtGzahB05ZtUXbRzYVs--Cf7BcqwMqJuUST5vp-mcs7GzniA5RJniqIvfUZSNhiW_iFrZ8pP4uHThso2hWNz4Kv2TJry5wjA3pMrfN9YBqxDAQm9COlwLqxunp4-iaQLwzvIvvMJB9cbG47X1-xBxc3P4BtIEz7D2SG5HjFBEeyM9M9KY7msufzz8_Jk9m8yNcPh3Js89yC-03tHBVD2SJPRV-YeR9AhxpxCQ0S8BY3phlvSpmseSbtHIMPVpghMhLYFfx8zUdq6JEnP7fcUXbDVzrUll06y4ozDjxqNASYIlMnN8QSpedcsgQedlvIs4cnhvAAGPz7h2BIL9SwiTFp8-dvbmw9QC9dNi-2Ln00YU_lvZOMCqymiQHWPdkxylDgfEHR2pDaO4JDyOXcOCe1S_F8cG-zH_FTkKySrPgrcq6herAamKAs28zoPl1OoqvMNdwjpNTlSCcGZmikS_au3Txj5tQtkJnINMBLIOud266W9QJHRlTdSoc_BKeHLcQHBf7Btbjzw19g9HTwQy9KM0dvJn5CzzaQy1Kv1-U3cVS71nxgo1KOt79EuniwqNcTwfsCurfa6SZK9uXaQdB_e1qvp6h2An9-hk6P9uJrHaKhHi-zmX1soLn6MF83pANAp-87rL5mIvW-9LdwhiI6owuVMQgW10uedGE6wBvprKGJ8wV7JHeCvW9Gj2BewCv7j3wocegymQ5Ie7IDqGMIP6Y5Vy6_mnEK3GOgCb3STgyixoUciHzlkV9iayXsiwdP4WHrldAlYEq3LKWqiJn4rvVpE44Xz0SrVRmJbD4LONkDA Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:25 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET BLOB	200 OK	7b1a18df-85eb-43a3-854c-05a789576d82 https://s0.2mdn.net/ Frame 6F8C	6 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/7b1a18df-85eb-43a3-854c-05a789576d82 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 87c161b2701b2efa2b6651fc7c5f2d159b8038b9f67b7a5ecaf5df441b751ddd Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 6572 Content-Type image/jpeg
POST H2	200	node.php Show response node.setupad.com/node/ Frame 893F	0 208 B	45ms 45ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:25 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 893F	10 KB 8 KB	34ms 33ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6a8a66c08a3dd56085ebddb8ff6fa4426ba924c23e446b881e53d8d3ed973cb3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7761 x-xss-protection 0
GET H3-29	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/ Frame DE7F	8 KB 3 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210601/r20110914/elements/html/omrhp.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=73.213;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3529464941;ord=gqlt4i;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fwww.gool-sport.com$2,,https%3A%2F%2Fwww.gool-sport.com%2F$0;xdt=1;crlt=dy-Xe0DKYU;osda=2;sttr=275;prcl=s Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:14:43 GMT content-encoding gzip x-content-type-options nosniff age 343 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3124 x-xss-protection 0 server cafe etag 4537136162986801320 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 18 Jun 2021 18:14:43 GMT
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame DE7F	0 23 B	90ms 90ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUw_GVZgXC92o_HV2sA6f3nW8MCfFfiKrPeVml83RJeIHgsFh99vNYfBsw6TUUFvYdRQLiA_7e0G5tW73YS_DW73wqsZPhPp0FUaULRlO4hoKYS6curPjpSC14UlcoJw&sig=Cg0ArKJSzJ2xDCAU2xY7EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210601.33629&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=73.213;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3529464941;ord=gqlt4i;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fwww.gool-sport.com$2,,https%3A%2F%2Fwww.gool-sport.com%2F$0;xdt=1;crlt=dy-Xe0DKYU;osda=2;sttr=275;prcl=s Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H/1.1	200 OK	dvtp_src.js Show response cdn.doubleverify.com/ Frame DE7F	7 KB 3 KB	7ms 7ms	Script application/javascript	2a02:26f0:6c00:286::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=10224936&sid=2641434&plc=280232945&num=&adid=&advid=2276943&adsrv=1&btreg=315303753&btadsrv=doubleclick&crt=117630481&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=73.213;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3529464941;ord=gqlt4i;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fwww.gool-sport.com$2,,https%3A%2F%2Fwww.gool-sport.com%2F$0;xdt=1;crlt=dy-Xe0DKYU;osda=2;sttr=275;prcl=s Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash b7f66a926061e968da66d7fb4d87e45c24dc934a20ff0abfa636a1b3ecd91cec Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:26 GMT Content-Encoding gzip Last-Modified Thu, 03 Jun 2021 13:21:45 GMT Server Microsoft-IIS/10.0 ETag "80ba39667b58d71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=900 Connection keep-alive Accept-Ranges bytes Content-Length 3195
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame DE7F	41 KB 15 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=73.213;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3529464941;ord=gqlt4i;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fwww.gool-sport.com$2,,https%3A%2F%2Fwww.gool-sport.com%2F$0;xdt=1;crlt=dy-Xe0DKYU;osda=2;sttr=275;prcl=s Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 06:53:37 GMT content-encoding gzip x-content-type-options nosniff age 41209 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 04 Jun 2022 06:53:37 GMT
GET H3-29	200	adc_HUN_EndHungerStory_300x250_static_Evergreen.jpg s0.2mdn.net/2276943/ Frame DE7F	60 KB 60 KB	8ms 8ms	Image image/jpeg	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/2276943/adc_HUN_EndHungerStory_300x250_static_Evergreen.jpg Requested by Host: b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com URL: https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5277325d5b271b5c4e2386adf6a74b7a9671a58c6c271053247ba01579776cac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 23:55:05 GMT x-content-type-options nosniff last-modified Wed, 12 Jun 2019 18:22:57 GMT server sffe age 66321 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61905 x-xss-protection 0 expires Fri, 04 Jun 2021 23:55:05 GMT
GET H3-29	200	300x250_G_WD_Corona.jpg Show response s0.2mdn.net/creatives/assets/2373736/ Frame F441	11 KB 12 KB	7ms 6ms	XHR image/jpeg	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2373736/300x250_G_WD_Corona.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5703ccf7619fda8e00649dbc5a11d3903cde59962a53fa23957f188ee7459a9d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61409384/20200309085140340/index.html?e=69&leftOffset=0&topOffset=0&c=FHW1OtGjmW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:18:22 GMT x-content-type-options nosniff last-modified Mon, 25 Jan 2021 16:42:29 GMT server sffe age 124 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11771 x-xss-protection 0 expires Fri, 04 Jun 2021 18:33:22 GMT
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 893F	17 KB 6 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061368 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:26 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:26 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame ABE2	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34744 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
POST H2	204	collect www.google-analytics.com/g/	0 54 B	26ms 26ms	Ping text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-S2E9JBMKHP&gtm=2oe621&_p=1502127620&sr=1600x1200&ul=en-us&cid=1904851795.1622830818&_s=2&dl=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fredirect.html&dr=https%3A%2F%2Fwww.gool-sport.com%2Fp%2Fblog-page_6.html%3F%26url%3Dhttp%3A%2F%2Fkooza.club%2Fkp4cUWq&dt=%D8%A7%D9%84%D8%B1%D8%A7%D8%A8%D8%B7%20%D9%82%D9%8A%D8%AF%20%D8%A7%D9%84%D8%AA%D8%AC%D9%87%D9%8A%D8%B2&sid=1622830817&sct=1&seg=1&en=page_view&_et=3234 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-S2E9JBMKHP Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:26 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.gool-sport.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame DE7F	121 KB 37 KB	28ms 28ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com URL: https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85e1be533dbdd83a22910cbee29a4d1f49d3e8d201f5f480517ecfd6bd282965 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:26 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1622656031336809" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37735 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:26 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B5F4	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Byfn-5G66YNuUGfCN7_UPtPWHyA8AAAAAOAHgBAI&bg=!f3ylfDjNAAY6sG-_OrA7ACkAdvg8Wo4IsZzIwFVs_fnDWERVohDv-TaZwYQgvfc4VYpRMaUKa2pywgIAAAj6UgAAAShoAQeZAtn02DAM7y5MjV1SKTv-7iKCj4F0CVrrWAZgx8y9zCvlpJ8QbSB50jyPQzDvIwf-vnFoF43HYgfdcF3e6087jKlADiwcIi-ScXtibLdths77Zn8-xWxza-OtJsmWirJnPYOI8ZfdkQW0m4k6vkDhCH7Y7I6HG46BEuv4yr8qL-4tUOOZ56OUBfJAXylEtj4SxR0k_5BUYSsKY_YTHkee1oS5wCBgOyH0RZXi1dGKOY_X8cvAH7AOZyw8iRZq8x4b_GhmpBzaoD1SgK92WPkMP7GvE_2kNyI8iwvVjRwYObxSv8VKh_ZI7eLQMwaRoTsMNxM72-DZpXMULnAKdpcJJCEeDhMiiHPrUX-zhU7LvRTWN2iN9Uel_r2c9B59ixMn8jv33ZaU15AcWQT5ZCCLcOsCKlkBmxzrMzgZWLauiuutHkKJGFs3nhhd5IYAJ_1BQKV1--ybzaTeC-RwX-qxeCChwvU8Hzg0bXHPdbOsZ0AZfoRstFSZzxtLtNYZKjG0YEkzlx95ythkU7bAxLyWJQ1N1ePuNBCZIIfH7qZMUghfe6hUBw48a-bWx5rfnlcUhT-hW7mYZifFDwYYThj7Bu0UDSW6vRsozEg33wjDladcjaPLuDhd7MCD7aar7cAMztFp7VB9prWVVX87aQ3HUL6QG8igpuCjgorwfD3u9IuX41Zuvvu_WUo95mP6tHgzhkkl_GN9WNkcHARz78jFY2TTAo2P2pbyS2DUxVGclSIgWq-oBrh8cqnzcJsPV7Oc6y6crkE_YUtIQZbXi69V6MEsBrWaGaktScAsLJVZoJC3l2IxDYi4cAppySA0QACGAVDI9XVwWAphwDaNdf_jUH-pTivKbQUvQ5T4QHi867epYdsryTQiut0TaByMc079I-1jBAdltLJqhiYT4ukIBkm-MnnNxsumRI9gAwGXiCH3aLXk4JOThDXJYD6rViLdgaryF9o-WA7yeMk Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	da_DK_imageanimation_G_WD_Corona_728x90.js Show response s0.2mdn.net/creatives/assets/2990350/ Frame 6F8C	39 KB 22 KB	7ms 7ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2990350/da_DK_imageanimation_G_WD_Corona_728x90.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27402eab1e42fcdc690b6b41d981d474c0d4f909b955822d8965e941d68fe93f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=Z1DXimCjuP&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:08:55 GMT content-encoding gzip x-content-type-options nosniff age 691 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21985 x-xss-protection 0 last-modified Mon, 22 Mar 2021 17:13:31 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:23:55 GMT
GET H/1.1	200 OK	dv-omid.js Show response cdn.doubleverify.com/ Frame DE7F	27 KB 6 KB	7ms 6ms	Script application/javascript	2a02:26f0:6c00:286::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dv-omid.js Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0g6Su8w3u5UCarJRZNGJ4ht&DVP_DBM_1=3060631&DVP_DBM_2=11817067&DVP_DBM_3=32228463&DVP_DBM_4=322451907&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1143429364715&turl=https://www.gool-sport.com/p/redirect.html&DVP_PP_BUNDLE_ID= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 2ccb0e5d42e6167ccc065c9ab67c61e72a34bba3df465c678ec8dbc5b957f241 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:26 GMT Content-Encoding gzip Last-Modified Mon, 26 Apr 2021 11:53:50 GMT Server Microsoft-IIS/10.0 ETag "01b62d2923ad71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=75074 Connection keep-alive Accept-Ranges bytes Content-Length 6284
GET H/1.1	200 OK	dv-measurements1421.js Show response cdn.doubleverify.com/ Frame 33C2	483 KB 87 KB	7ms 7ms	Script application/javascript	2a02:26f0:6c00:286::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dv-measurements1421.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash f8bd3352da23102cdf6b4f8793b24fa55f2eae7638caa7c3821437dfc4b9d8bb Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:26 GMT Content-Encoding gzip Last-Modified Wed, 02 Jun 2021 09:53:31 GMT Server Microsoft-IIS/10.0 ETag "80dfce249557d71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=946080900 Connection keep-alive Accept-Ranges bytes Content-Length 88590
POST H3-29	200	view googleads4.g.doubleclick.net/pcs/ Frame DE7F	0 23 B	92ms 92ms	Ping image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvUw_GVZgXC92o_HV2sA6f3nW8MCfFfiKrPeVml83RJeIHgsFh99vNYfBsw6TUUFvYdRQLiA_7e0G5tW73YS_DW73wqsZPhPp0FUaULRlO4hoKYS6curPjpSC14UlcoJw&sig=Cg0ArKJSzJ2xDCAU2xY7EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=268&vt=11&dtpt=267&dett=2&cstd=0&cisv=r20210601.33629&adurl= Requested by Host: ad.doubleclick.net URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B10224936.280232945;dc_ver=73.213;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=3529464941;ord=gqlt4i;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=3,https%3A%2F%2Fwww.gool-sport.com$2,,https%3A%2F%2Fwww.gool-sport.com%2F$0;xdt=1;crlt=dy-Xe0DKYU;osda=2;sttr=275;prcl=s Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3-29	200	js-animation_da_DK_imageanimation.js Show response s0.2mdn.net/creatives/assets/3389262/ Frame 6F8C	65 KB 17 KB	11ms 9ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3389262/js-animation_da_DK_imageanimation.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 752238d3f9a98de5bcbffb363e97d13b8814f6c6b899c441bebec14e3189493c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61417287/20200309085141839/index.html?e=69&leftOffset=0&topOffset=0&c=Z1DXimCjuP&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:14:26 GMT content-encoding gzip x-content-type-options nosniff age 360 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17622 x-xss-protection 0 last-modified Sun, 14 Mar 2021 21:58:53 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:26 GMT
GET BLOB	200 OK	f2054160-9f60-4a8a-bf19-88924770166a https://s0.2mdn.net/ Frame F441	11 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL blob:https://s0.2mdn.net/f2054160-9f60-4a8a-bf19-88924770166a Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 5703ccf7619fda8e00649dbc5a11d3903cde59962a53fa23957f188ee7459a9d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 11771 Content-Type image/jpeg
GET H/1.1	200 OK	dv-measurements1421.js Show response cdn.doubleverify.com/ Frame C5A4	483 KB 87 KB	7ms 7ms	Script application/javascript	2a02:26f0:6c00:286::4469 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.doubleverify.com/dv-measurements1421.js Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/blog-page_6.html?&url=http://kooza.club/kp4cUWq Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash f8bd3352da23102cdf6b4f8793b24fa55f2eae7638caa7c3821437dfc4b9d8bb Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 04 Jun 2021 18:20:26 GMT Content-Encoding gzip Last-Modified Wed, 02 Jun 2021 09:53:31 GMT Server Microsoft-IIS/10.0 ETag "80dfce249557d71:0" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=946080900 Connection keep-alive Accept-Ranges bytes Content-Length 88590
GET H3-29	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame BDFD	22 KB 8 KB	7ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin timing-allow-origin * content-length 8395 date Fri, 04 Jun 2021 06:53:39 GMT expires Sat, 04 Jun 2022 06:53:39 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 41207 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated / Frame 6F8C	14 KB 0		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Origin https://s0.2mdn.net Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 8BBD	42 B 64 B	30ms 29ms	Fetch image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlrgSaubyTa8-8xt1ixXLahfbT8IUi8QWoUwIe7shCkn9mstPNqtNi_jPsyJJNVCDHklvxKhXV4ReqOetbdfGtmBXt4VWTLs8b4RTXU2EHxbATSlhr1HKz6cEFeg&sai=AMfl-YQvqMr96Gcwo8Bbw9TbsndfI68o39lFY09Q1AMg3hkqiDHfEYQ99I97V1nTzaE8G2GyRHE5vpFkQ56AQdnZnjN49wS3aSv1SBaT9EZ1k2_mEpFGO5NxHpRHGzs&sig=Cg0ArKJSzMywqhOj43p1EAE&cid=CAASEuRoLv-BQgwyfZjn6J-yxQ9dSA&id=lidar2&mcvt=1087&p=36,436,126,1164&mtos=1087,1087,1087,1087,1087&tos=1087,0,0,0,0&v=20210602&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2121488992&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622830821684&dlt=150&rpt=1995&isd=0&msd=0&r=v Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame DE7F	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 60f86b74964e21d5f2e46775b13a61dae814a30b601fc54e271085835e72a0d3 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame EBFC	0 20 B	41ms 40ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0DDL5G66YKOVNMqArATVtp34CAAAAAA4AeAEAg&bg=!BwSlBEDNAAY6sG-_OrA7ACkAdvg8WiHOM8QHh56qPDLKq0KEr39vUg_uwHwn7oy93j-wnPmqL7_QIQIAAAesUgAAAR1oAQcKAAQV-cijmQLNTt0MI4dbPdG9mCns7AVHAzhBlQuw6p_ciR_W_6BVRkKTY-8bf83dsC8Zr3J_lc4FrtpiwXYQ2v7apqWqKqWuchY2GrQLtGWPAdE607g7WhwVgMfytExkZPI209g8HWV4lkYGVu7h5AITANqPQb9_RpTvQOmctthcmTvjwaZqUomFrwE0QIO58qrJ9x4k7ltDVm2B4fwhqJe2Yyd5d-33XfRjf2dvfC4DM-jSyw1cSStydPrVvxvfuVBrnP1xHNDNhg2Vg8J3s9bXej2hEjFmwtrJ0pGASObJisHFC941ns3f0ZmgUPlC3cCLG4mbqujOorDBArqyra2cFDdc6txmIS3pC7HoZqQadzyo1PFX-stmGbJchS0bmqKGuZFcREEDrUWi3qhdl3TJGQHAsOx-HRKxuM3uTfvpjQCE1XIcoc_Sgl2cacYmohHycmVSFtAjgK_BXRmTc26LUgLBgYnKp0U9SPaNuXHwDnpQOA6v_4fLhqdC1klOzksXylAvUIKStuaVfGXbDWISz8REKCmkc74Kt5k6K6u72OWhqWevXQrG23W2MMl2c08h9CIL6CrosFuldyAhlSCDhzcTyQh5jceD8ku_npxilaJGPRCUum1kH-o5lPp5FWd3bUNb_B7VTJm2RbYCsNzOPzzviFxfAEy0qrgDRrGaFEipKgWL3QqXqVUpxqmMFsk9OPg5VYXSX1p3Z4-z_W4qziqK7_PO9raX6aRwurZmxnupfqsLZyXVS1joGAmSs2qto3Q8ClOSW7izWUvJvNiz0kYpwnTfQY_rueHixlB7SgCPuroaSDTylbBgn7qhINYwhHuOz8xrtC8_e3gWmt-ZnVx6-vUYuk_LHgfhhLUj5u0gjIuixFQoF1yzSmchgiiHCcKZgHaWJAleZ6HLBktbea7R-gIb6_Mpe8wfKl-gJw9DacLyZpDgccqPxL8fnqR3Z_ka Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame D703	12 KB 5 KB	7ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 04 Jun 2021 17:03:05 GMT expires Sat, 04 Jun 2022 17:03:05 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4641 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame A49C	783 B 759 B	30ms 29ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 3bd8af61b86d505b650626e824209abeb4200f7943614c40af31daf099512f69 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-d9ii/1tiHBOzv56jNtbMow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers expires Fri, 04 Jun 2021 18:20:26 GMT date Fri, 04 Jun 2021 18:20:26 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-d9ii/1tiHBOzv56jNtbMow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	da_DK_imageanimation_G_WD_Corona_300x250.js Show response s0.2mdn.net/creatives/assets/2990350/ Frame F441	38 KB 21 KB	7ms 6ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2990350/da_DK_imageanimation_G_WD_Corona_300x250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3dbc298358f0ef6521154c96fbc32003179a12df91a104899446e64c069b1e9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61409384/20200309085140340/index.html?e=69&leftOffset=0&topOffset=0&c=FHW1OtGjmW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:14:26 GMT content-encoding gzip x-content-type-options nosniff age 360 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 21764 x-xss-protection 0 last-modified Mon, 22 Mar 2021 17:13:22 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:26 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 5B7A	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJho75G66YL_0O-qNjuwPs5m66AUAAAAAOAHgBAI&bg=!cHOlczfNAAY6sG-_OrA7ACkAdvg8WuHkaJ7rNZeAQtnel7Nm_km2FjPvVSDgh9uVRARMDZZ0TWhoJAIAAAegUgAAAPNoAQcKAGqXkEZ3ttaZ1xDqYS-9hjfkLFbD_hG-2b-mvN0zqG8dLO1GZaxUlFa-Gw1HH7pO2mCcgRgAcT-X0SdHt5ztlOdTaWdChs6fXvlFMTiReg7RaruGHKOLvgCdKCEnmUNyQsTe2quldXw1HrJwmQLQblDZDiyrZPxDpDVZ7nHRQvVn1F03AnwA6AojJ4Rx0r9wl8XRjylChpGUxEFQJiHMEEZhVp34pBBHTPs-duV3lnzRa_YNLv7TZydHv1K_vdrnUW_Hvriv7GmP0wQjahaJQgiGG9vjkS-8Jdsh_8Qj1gAmhd8-xkyYq4UnchkXuM0ViGY5-AE9-HOtikxcCV_CnPT9uk5RwPl69h2AvsIb_xSYF-_HMUACOEPDS8th32kkiTFfRqEKnRJjbx-rOkat_E_fUesWpOsFeLd8p2X_xixrqOX_YKLUxS4W4JOdKUg86BZrz5CAfi4xgcNdJSdwG4WQ6HSxGaBAHngiiXuFO68YM522zLDMpyfxkZ9suurh101U4ftziHI8hmGVKSUrxVd7LpS67ipt9rH7vPqsxE35ULRUwmlZmHhgim4jI1luU25tSHxWNwZLoXhKU-ee1b58qL3bcr-tAVropImA8o3NYg7-PST6Nl-bComd9CJ-Pgja4ii0MBIWoLO1F7dIxXPbA8iCWWQkEfJimONubryHeVbE7dhHfpRM4J1Rk8Rapq_wYTq8o392oXI7t5IEuHDZfpEWRN_FaTuyINh6Y5HaNsreRQl-5A8WOv7z-VEDh_NXhKifcZYnIKV1y1FCHigVtqrtUFZ0onR5-sdRoq1hWzYUJ102AukrD2WnfTrC48evAC0BWDFMya2VY3n63XjytuiFMPG-D-nl16U3StOb65P3MybqBtY8vRK-IMBFFlD_SfngGmPtBUxG2rqcX55W_i2gmFNCeOEA0PylIxeE_Blxvr3jomHXfqK4054GEHhiCt1nQXTFivFbHKg2SSWxqeegqlAi3LUyisp8220YCI61LVNs9uP1MDlAUta8aT5C_Cb_6ZDvN4TCuhv4s2aEe10bDOvQpCrN5sRgq1tUiJcHrl7ywhsvYvCN2AZSr_RpE5rRaTDhVCTn7nlR Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	visit.js Show response tps.doubleverify.com/ Frame 33C2	1 KB 1 KB	111ms 39ms	Script text/javascript	213.254.244.19 DOUBLE-VERIFY
General Check archive.org Show headers Download Go to Full URL https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETar9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETar9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETar9EEADTbpTauTau3%60_2b_ba2%60h3754f4g_72hcc%602f%60fa_%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETauATauC65%3AC64E%5D9E%3E%3D&srcurlD=2&aUrlD=-1&ssl=https:&dfs=4186&ddur=9&uid=1622830826664160&jsCallback=dvCallback_1622830826664397&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=3&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1421&tgjsver=1421&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fb10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&fcifrms=20&brh=3&dvp_epl=441&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.gool-sport.com/p/redirect.html&errorURL=https://tps.doubleverify.com/visit.jpg&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0g6Su8w3u5UCarJRZNGJ4ht&DVP_DBM_1=3060631&DVP_DBM_2=11817067&DVP_DBM_3=32228463&DVP_DBM_4=322451907&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1143429364715&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=2135236176.8325593&dvp_tukv=9029634775.573278&dvp_uuid=295393702.47240984&dvp_strhd=0.40000152587890625&dvpx_strhd=0.40000152587890625&dvp_tuid=70582881872&dvp_vcms=29&dvp_slmsd=282&dvp_vcmsd=311 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements1421.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 1e0654414953cafb39a6c60209d177680f5517c681460ceb4ad8888a08b22fcb Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:26 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 Vary Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control max-age=0 Transfer-Encoding chunked Expires 6/3/2021 6:20:26 PM
GET H3-29	200	G_WD_Corona;strtype=2 ad.doubleclick.net/activity;src=6479513;pid=292521141;aid=485619494;ko=0;cid=130146484;rid=130127351;rv=3;stragg=1;&timestamp=1622830826694;str=LH/NULL/-1/NoOffer/ Frame 8BBD	42 B 63 B	58ms 57ms	Image image/gif	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/activity;src=6479513;pid=292521141;aid=485619494;ko=0;cid=130146484;rid=130127351;rv=3;stragg=1;&timestamp=1622830826694;str=LH/NULL/-1/NoOffer/G_WD_Corona;strtype=2 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	js-animation_da_DK_imageanimation.js Show response s0.2mdn.net/creatives/assets/3389262/ Frame F441	65 KB 17 KB	6ms 6ms	XHR text/javascript	2a00:1450:4001:831::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3389262/js-animation_da_DK_imageanimation.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/2377528/da_DK_polite.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 752238d3f9a98de5bcbffb363e97d13b8814f6c6b899c441bebec14e3189493c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61409384/20200309085140340/index.html?e=69&leftOffset=0&topOffset=0&c=FHW1OtGjmW&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers date Fri, 04 Jun 2021 18:14:26 GMT content-encoding gzip x-content-type-options nosniff age 360 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17622 x-xss-protection 0 last-modified Sun, 14 Mar 2021 21:58:53 GMT server sffe vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * expires Fri, 04 Jun 2021 18:29:26 GMT
GET DATA	200 OK	truncated / Frame F441	14 KB 0		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Origin https://s0.2mdn.net Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H/1.1	200 OK	visit.js Show response tps.doubleverify.com/ Frame C5A4	1 KB 1 KB	46ms 46ms	Script text/javascript	213.254.244.19 DOUBLE-VERIFY
General Check archive.org Show headers Download Go to Full URL https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETar9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETar9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETar9EEADTbpTauTau3%60_2b_ba2%60h3754f4g_72hcc%602f%60fa_%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D8%40%40%3D%5CDA%40CE%5D4%40%3ETauATauC65%3AC64E%5D9E%3E%3D&srcurlD=2&aUrlD=-1&ssl=https:&dfs=4186&ddur=9&uid=1622830826791130&jsCallback=dvCallback_1622830826791188&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=3&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1421&tgjsver=1421&lvvn=28&m1=13&refD=3&referrer=https%3A%2F%2Fb10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&fcifrms=20&brh=3&dvp_epl=441&noc=16&ctx=13311291&cmp=10224936&sid=2641434&plc=280232945&crt=117630481&btreg=315303753&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=2135236176.8325593&dvp_tukv=936609875882.8157&dvp_uuid=362418827233.2724&dvp_strhd=0.20000076293945312&dvpx_strhd=0.20000076293945312&dvp_tuid=457574625167&dvp_vcms=9&dvp_slmsd=326&dvp_vcmsd=335 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements1421.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash a45c739253e35124ad3cee9fa122dbaf46104e3c421f98d08250dfbb4e206ffe Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:26 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 Vary Accept-Encoding Content-Type text/javascript; charset=utf-8 Cache-Control max-age=0 Transfer-Encoding chunked Expires 6/3/2021 6:20:26 PM
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6577	0 20 B	42ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021060301&jk=2449990126455031&bg=!ICOlI2fNAAY6sG-_OrA7ACkAdvg8Wils1DT1L9L1FOji1DD7mpXetyN6MMFtTn0rhgQASJYN_WmdXAIAAAaTUgAAAMloAQcKAE2-xw4PJtulmWJ-U8ijaxA4nEvrlbawQE_7OIr3aDp-KXT9QvhAOoQA3m9fArT6TYcP-PeJs8JxDxizuJgPKc8IcG1H9U-7_cQixG3YppkCZss9rFO5WqtNd_AMqWO7OzbqrUnoltm6q8jkoNicg3NMzJMTd_oQH9iXWiNj8Kk2h-vjcWC4VgMK_PK5eOGpqWOEzRpA32yzxkvjtfiZ0qlwrpz2M9KZdmOLZgd-2zYeI0WqIrG6C3xnNcmdhtEnkUH2_j0oEpQj_UuyIAmVN7SxCX_d8bgtot6HxZmEv1fcvpAFmC-EyhHDZ023gU3lM_BXaQYB0SZ8wqpV29ZrymlvoEq-EnhWzVMcC1yeumdSdZ7KqKQjq_k-8EJyVh9eovX7QDH18Mh-2BhNFoZt40271LtMXnzsio4bal-H9vPLlXWESr3-XOVPXg-_s3LGZbdQi9-YY-Jf6lk_RvgXdCqNQyLLCT3caeKJPoes9k4kWCMgH0tzjrUvp33TwFAu5BSdXfxCnOiBs3Mjqq6BoCtDyoSwyXXwCh2Q6rigcDkKQLINqTgIXWuWQrDD7bU53-EYJDdlO0OI-4I0Rg-8glK-FaWhf8ReIBOTPtxThH8PlQjkQmgQ5auZhZXyp1WQ_Km71uytmrjKFBRQM7WzvHLUj_UozmjLIlIR32YdvjLljQPDgaeqmcpgAp1qyZy-QWxyWLxFJXzUfqAprpnJKZ00PaTixPCtlbRNvUgY2S8uDCBSZnBVQBU2bc5YZSepth09-U8t1KE4-5jd6g_SWP3yIpv6mznI45XTs6AVg-TDNtA4ePW2TSEbM8v8t9avthGtyDPWL_hBvkyVb7f_nk6MGsQNt8gHrbtfX8J9SOttdIOhmWIF8xLE-6gj2cUVx5QH2MM9GdTGGFDiyv_owk9er1ky4xG1 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4F57	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUAOC5W66YI2nEcGplQet2oPQDgAAAAA4AeAEAg&bg=!SUqlSg7NAAY6sG-_OrA7ACkAdvg8Wrrk6uWfqps9XYiPEynnwcY3vQKl0TmM67Sxun_YAIRePEz5lAIAAAbQUgAAANxoAQeZAtFA_Kf78Imd3ygotQjerTgEdB3e3Vy5OpYJE5I6sWCIWclZCSIJ-it2LLcMSqxn3RaDf6tjVu65zis40ZaAiwxCHMkUxgHKVFkr-tQnHn9hoi5cByQ496wTv-lATq4676s5QDVXDH0NQ4-HTUiws8uTl_gF060lzoHVp3ZUsLRvckHOtR81nE5nJhijrqNrnAkPQKxs7LgBDCJyeje4SKOb1pwqssp0jH87L-huHpAY9pKTQBKsJNGAnwsNkfySOBUiwc4zVIk2lurE4mQVkFiENIFQgdFYm5DxL0NrtWc4NFLGFHBkZ-mHW3YDwGkZ8oDnQQQOtFP1WW_E1xO-GDFC-iqRI-M9chCUk4Ipe36313y3w6X2vEG9meFwRKUCH5INezKet3jvtk1i4uyGCtfw7koFim_dPk7u9YvGRRrNRtjnUV9Ky7zX6nvZmqvvlLa0zx13-O65dZpgrdxn9glTMS4EwhO8LLDVprWHR9awO4s4qHXBFqtYYG0hQe6Uk5uBuQV0ecJ94m9WcJM5NesmZVTwPc4pE74IPgqfO0_P87LbmZL4LH0rWuXgLyLYarw910KtmZSyYP9t0d1lVhOkxfAHkQUQ3-D-PZjZtzl83VqG0gU4E0wcoDMYJ9hRWS99ek2twwSP4AcCtliDCpRFn_3HhEweFS58NukzX2vpwdwLjICzRbuFNScV6G2MGLcmfAHys7_h-i_Qfv0j-kzHhvcZtd8VkuJPrbjJ4edD0rCSkcr6MYZhhyDgBxcHxTdZpTXR1o_P6vilk8HE7XvCYlEJo-ZB6O8rRXWkWg9UEvyZSMGa2xt5-84Rvw8ei-SD_RsN14KfDE95_0BsvjcVoyHSaLJ_oNuKbHkm0uZ6LsG3CYYr1w_9O73646NhEzIkyatmlBv80Bji6QbLFn-4PjgFfEMRO9QQ84UMpK2H4k1nzAGXxGiBqCBlgJiDDnEL Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	G_WD_Corona;strtype=2 ad.doubleclick.net/activity;src=6479513;pid=292521147;aid=485730106;ko=0;cid=130146487;rid=130127354;rv=3;stragg=1;&timestamp=1622830827230;str=LH/NULL/-1/NoOffer/ Frame CD14	42 B 63 B	99ms 99ms	Image image/gif	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/activity;src=6479513;pid=292521147;aid=485730106;ko=0;cid=130146487;rid=130127354;rv=3;stragg=1;&timestamp=1622830827230;str=LH/NULL/-1/NoOffer/G_WD_Corona;strtype=2 Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame BDFD	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34745 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
POST H2	200	node.php Show response node.setupad.com/node/ Frame AAF0	0 208 B	63ms 63ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: www.gool-sport.com URL: https://www.gool-sport.com/p/redirect.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Fri, 04 Jun 2021 18:20:27 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame AAF0	10 KB 7 KB	35ms 35ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060201&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7633937bd490509c774f73808515b7bd5f87e9858a3bae6a53933f6abee1a859 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:27 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7649 x-xss-protection 0
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/	10 KB 8 KB	34ms 34ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210601&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9234038752480616&plah=www.gool-sport.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1efd618000a58b3c67d46313b6585f73f4279e89d28bda9f0af69a9c4904fb6f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 04 Jun 2021 18:20:27 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7773 x-xss-protection 0
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame DE7F	42 B 64 B	27ms 26ms	Fetch image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1gFXsO2rCcidr6r7xTrjwxx3N9a_y76vAQvFdpwzCmJwKJVEGU276OcQder17oMBQB_2rMvZtzKxCn4G5ORHEfwtXUKL2Cy0CSxrYKsJwlIXCjBDRZANDYoeETQ&sai=AMfl-YQQihu4YyQyfA-W_jRNTeYvRQLeGwRZC6Nl9ZNeq6DijFu7W_DMjBDmR6bNCIld55-XLhjJ4EgfKVmqIiKxe6N8oSyGGcqsebRCboB7eC9mwmhEmBIA0LL4lK9R&sig=Cg0ArKJSzKwg7onPhyCeEAE&cid=CAASEuRoBiQ5ngVsgsO_y1f8XYOqVw&id=lidar2&mcvt=1064&p=0,0,254,300&mtos=0,0,1064,1064,1064&tos=0,0,1064,0,0&v=20210602&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1942592566&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622830821913&dlt=151&rpt=4437&isd=0&msd=0&r=v Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame DE7F	42 B 64 B	21ms 20ms	Fetch image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2jpVknuDJQ0ymouJq4ThwEXJ32z3tsJg18c5LWUjW8cYB-bDHhZU9fp3i6xEHD7r9qudyJ_cm6g&sig=Cg0ArKJSzCJjL4q_1xG8EAE&id=lidar2&mcvt=1064&p=0,0,250,300&mtos=0,0,1064,1064,1064&tos=0,0,1064,0,0&v=20210602&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3529464941&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&r=v Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210601/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9234038752480616&plah=www.gool-sport.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:27 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:27 GMT
GET H3-29	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame AAF0	17 KB 6 KB	26ms 26ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060201.js?31061369 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 18:20:27 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1616005470650935" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 04 Jun 2021 18:20:27 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 02F2	0 20 B	75ms 74ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7ysz5m66YNqRK9mHjuwPuueF8AMAAAAAOAHgBAI&bg=!AAOlA0fNAAY6sG-_OrA7ACkAdvg8Wh-9Ge5YTkh4GVu3DwBVwZd-OpaHgEgJmmO3ZQtYO76bBnAEIgIAAAXDUgAAAL1oAQcKAAMLMIGZAsk2nLCvn_PWjjGN24ecDMniiGdUXqmBvEptPkKLAtaATAQJKlMjMYoistaqvG0Ha3TNSEtg1FvVXdoJHbPVZanAQgOI_sODkCycfUdP2U5eyZPDUFO0NdlBKrMqoVU_PXkGGa4deuf0AsGix8_507cLu5sSoARs_jWIWmOz-j7Wv7r1s0WK7YkFCFt81O6W_2mhznqwSjqhR-B6zb6wn4Ax-6a7zV28mKE2mC8PexVzUWqUyxmz3PUMhNeje3RRnxqpGqFZ2CqB7in-ZkMFgOyvl9wb77W6GiGFWoxPDa58unHrRqtNdvrqcAujcqmLfPKkL21Z3rZ-59N8yZtIMceLIxO2xH0lab_TQBxj9SCpN1zcGxFprCtGolqEyQma9mb_lAzwMqEjOf3xftu-6bZJ3aaWy9mTGHe1fYVBVsHNsmziuaE9B32_wj2CH_p4AGqpmcbIvx0sfH14aUeWd_I43qBeZ3lBx-H6Wjl72ElscpDCotXTyUVxaWwlEywBGoziQCbiqW87aHHgZ8vhUa2o1DAuc-wkTbxpxalL_HFFQWDxRzvA5Omxva1yHsUGm-bJsGIeFuwTtmJ1yS6hsaEDwTYs37KVm3uYB1o-HfufAT75CoKhybQU0XzuLXLT8jrLtxSthOx_s5cNwBLMPpfxo2jk3th9F1xv3NsiV2R9a6MC27Vsv6SX-NuAY5sWiIUGfqZo8jz8wbc9zZ-70h1eBS47k1XW2G0IESO_qu6wPKns-8qo2o6p9GBcTVLRNb3RN1er3DtmAVja32jZMCacSlaJcteM9PlP6nJipP7us5ROKWP2OvRPvRukrRl3eaE65ofQBsdLP8P0wBaJAZm2refZbRYsfVsTXyQIEv123Mupw9WgQliEi9a3HvzWXFh7fW2qGrrdUZxG2psFMl9GdX8BCssZwZEVzcoLPveJwrcJxCwq-JJhaQ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame D703	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34745 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4A83	0 20 B	59ms 59ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=4480004174339888&bg=!ubqluv7NAAY6sG-_OrA7ACkAdvg8WjgUUMDsqHbwuf2X0bZRfneMJlc30O28xP7Pb43ix-zqTFr0YQIAAAXMUgAAALJoAQcKAI1Oh7vhy_6ADYqi3x8m7IxE57QBykX1jcoSTp9HHeQLRxSt2mjipAlKVnSD94wjDcwKl6S0den44T9IDlNQgTOllnqX6XcA3x4LpxvM6133vUqvSbaEpFZsiiJkH8t05-lzn8owmdkx5kWwgqZZF-ZjCLaWw0PeiZNZzWQa01DogS5MvIUtmwDPgcWKAreZAn4vyK0VJ78xUZyW02vJnbJ7Cwl2P9yxI7FOZ5phhcFayxBwVq5DHLwAMmKHehcQHPVyai7ftXb6XF1HHBaRFftZ-aUOpQdToIX_t4cvE-gil5ZpBvDLCWDlrugYCD7Dad60PM8MJpfPcGfZ17vbnnuLlvsc7Z-RGlKIKWMWqnVTAXvsYEQEBXRpw3c9ZwBty3k9rtvz3WyNSN455ztSTUniA16r-DNJ34YnK6x5Iy85Ltm1fHCFv_sWX8VAc82u98xy_MwMYEPH-YNJeIxr2QTazcrtQsod3HsaY6_34WYGjbu_6FQJ3ATfSARq5JYdaL7Zcu_KYP7VHs2HGgDLAMFST9TpEEIdmQyxQUxQD27PtYT98SDEzCa5tzMyCknYzWo8YQ4vxBYMIIknGyP2Iafhy0tnhhvPozt_yu5eWwDQ4ZEsYe0sY83IMKpRxFng5fomTP44-d9t3LNk39rV-djicaMlC0Pn-jGDCYZk4QE5_vxBtdQJsmEeoZu-G1PDM7oYoS-aAm3Mq0WozYr4UvGPsOTAIY0uK6Veq9Pi7FxrbjYLTkmKtEarIw6u4rHYCSYO2RLCgbfF8R8ItYN5IxcBd9Im0TpiPAlTIPYL1eR4l0rECQQQqV8Hg59ObLZnBQriYgNVqCez8RSJf0ZV-aHf2CyJIea9_E1zRvXAMz6T4Ub9KQSiCiscWTaCy1buB0Y1yrlmi2ySNQYP7uJxEL-w84r3QXcR2NjX_CPCgSnld6d3iw_mrp01XIIZCIbrZxpfGFTcGG7bNS2xPWI9SRg_x1CAXhURreA5i7yjt2YkR2mjY_mCealxOLZ3IiMoayCDQtafiKfSMJYjV8m3Ew Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7CD4	12 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 04 Jun 2021 17:03:05 GMT expires Sat, 04 Jun 2022 17:03:05 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4642 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame E133	783 B 531 B	29ms 28ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash a30d3995b5a8335ee85847a142b6c0c7b50e68c165a5705779f0d9772c0e9d62 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-EcV+uZNwDSK4dqdnDrfjTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers expires Fri, 04 Jun 2021 18:20:27 GMT date Fri, 04 Jun 2021 18:20:27 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-EcV+uZNwDSK4dqdnDrfjTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 732E	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8lS65m66YL2HD8qArATVtp34CAAAAAA4AeAEAg&bg=!zc6lzorNAAY6sG-_OrA7ACkAdvg8Wj6H4427VVDNCn0wMAwotmSW8aMF-leT_1AbGncva248o5hbfAIAAAWrUgAAAGRoAQcKADgc8dHk33F3sPJQv_5lyRU5HvgCfo3XxVmaDLBWd7GKqwJxgdv-l_vrLJDHoUKL7hXBzeYJmoZfUZkCsXr2izgVL3LG6HGtLbg4NmypF-sYE6y0StxThTeomYygDvxyDXyh3QFCtDinMu83LSJ87bfTMsiCA6Tpbp41XFh-OpFxEhVGtnEM-XFLQ2Xeq6H1pnq3YEkl82QKhKf3MkaIl0TgeCUSTH36T2Lv2xiAz54TY_3jRvROD4PzWIDQt2Y_4nZsENs4rD0CTKGQTiqijLkzFNXxTKIIGEy768bowVJ8ooTRpvNl2SqInF1g5LnJF_reg2nH77GwFUSfpGalcnBO0E7wzh08g4WtULIMs2lioEoYPTC_yp8eiLBUQnmqyWd9qEla0rEgex2qlK1GEt7H9OAnHGwcRlwfi1Gr0nFQkFIlGBCzem2Q9YjWSI79gl1_qJ5o7lyXZbI0qezDr-s2RYrTEaeTXN7h8MHwgDruJvHiSEEilp_0LuFQyBvfWE4_asfQI-BtiHtsYrVrzrDopcOQU5ciX807yuoG32CzOd0u0lH4PwsDMBFfZabe-ytJWlTEF61wg1e3fzsAK_mUpooq7d8mqz06qkTXLCxzYVk8uviGuQKQTvjkGZkQGzo1zIuIb9c4GkDcTSkYWCTdLm46PElWKX0-5ib9K7MsUe3ORIlkiWhj2NOOdZeGkP6JsF3oJYVGv5oweRduzax1rArA_fCuBPOo-y88xFvw5UYzM-NjkT7NAvIugoSxha1zZ63DDpUkjeAx6hqPhW6rTut6dnnXxHaHg6mihU2poQYsp_LWRV9idvVYSPDid3jmp8jCTF6NFi_5LlE7J0sLjDEmlu1vcN-lbLdfT4FRb-FkuAZPbJO2ET7-z8CF2FL7l5P9sWEbRecfrLPeAJ0l4JaSeLFvcgybV4YkVvhUz6ga8UJI36xOa72SSwvwyh1h76zkPEcNjyD16kTPDjhG7LEDj1MAIzOLHyiU Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/222/ Frame FF3E	12 KB 5 KB	6ms 5ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/222/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 04 Jun 2021 17:03:05 GMT expires Sat, 04 Jun 2022 17:03:05 GMT last-modified Wed, 20 Jan 2021 19:23:06 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4642 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	aframe Show response www.google.com/recaptcha/api2/ Frame A584	783 B 535 B	30ms 29ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9c40f9a9436849384c9cbc710cff6073d643d00ad4a988c6b449faf445252ccf Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-5wZfoARGlQLWD676V568jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gool-sport.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gool-sport.com/ Response headers expires Fri, 04 Jun 2021 18:20:27 GMT date Fri, 04 Jun 2021 18:20:27 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-5wZfoARGlQLWD676V568jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 516 server GSE alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1A60	0 20 B	60ms 60ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=3742080238195216&bg=!srGlsfXNAAY6sG-_OrA7ACkAdvg8WtJsHm1U96Bpr92VR_dJ4RLKTCvdZbPI1aqHLjAFxHjWxaJBxQIAAASHUgAAAH1oAQeZAo2Ia-D4B5MyN5F4kfB1nXUdDU-yoQ9f4VL6QgTtPy6fpmn0pMSOmnrPGT9yJTGpGQ_e89PPN6yAPRYOH0QMibxZkVq_zT-pKvk3BVAADXdM9mewhXh1M4mevYQ59ahLlERnXIC80mLprqBLK1ODVjDH2ck3OdateBEaMf4zQsoczI4mkXGBCg1EbRaPAjLeGgSUns_w0TM423qXhTUnhdoCLWDHhCORrmQ8bALDsZqxP2qwAHuITbNSOh66aATETgCriVjlW1Z22e1kTyFp7q0hWQvhTefnYCa1sFMtmkYuTUKyIdmURzpeHmFt7oTGU0NXwx0uJS35G-qrfPRTmAtbl0cJSvWymBUsOjdMmvZfXLvVR-7RTigL0xxF6RDLl-VX9HAXPPpC3pk56i6u5qaLNZz2LRHBfWFzqfIIuGsK4SOO9r3RLgjnOmriHdrTlS4Zcm-b3jM3baOpTnXPLn1s4YHaKZC4AQVzUWWF6s0e1tzl5iT2O8bgaeYuVV_Xj1PxbRCW9qkUe1U8U4_8fOL2YUw-Q4sby71Ns_8qFU-herlk-mduSo2JmR45wRPDoE9vT87AcflQ8b4M0KT630sRLmFhyfT6m8cVya8JK1Qmx7p5D5U7_FPncdb4CjpgnqiRFhaOzrUzr8mpgYNHRpvvZXXTv5jmiW1X3w0PWrffrEUA2WfbcAiAizdD0_A5C_vZdcsLxZSXuDWJFnops-CKd75bVZ8k1rJszfDWY-M46HpQXXUo-gljjJfLIOyLZ22jaYCC8PfZht6T6lN57bDsHS5_d4M5Cwus1PSfM0lK04sD6vNdme3I9vHpBk8AcvZOfm_UV6NdnPFoD7mnFmTps27qt9iAzyCgQ4k4FA Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4621	0 20 B	42ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGo5X5m66YKeaMISn3gO50KGoBQAAAAA4AeAEAg&bg=!VlWlVRHNAAY6sG-_OrA7ACkAdvg8WqfS7SBORwpPIMkxVGdyByAA7dvMCVhms1AvHbsvunkVSSkJ5AIAAASqUgAAAFZoAQeZAs78hlBbh3akoHzpy5DHMNOvMXWAva_NxXpIAjz2OSItaUlsT1UKjhNh_XPaCgCHSZIrMIKx71gbJMzQ9kOg7HVwxqzMshUaMLbFg3KuTGxRUqSGaV8-jd70Xh6tN-W8nD_veUMqJ1PD_ykqHcwLKeV5s19hR1Jt464NGIOvrJAstrHxqjJO-VQigEUzrO30GqmnysLOOOmFNFnIhAnAGUATDKzIuPLhUgpsWQg4tr_QsWQ_qF71URtd1sa9VIgYSsil5qEGa8MvkxbNNhe-GHUE9h4Ptbzla11NJPnv5_KNwmrC0_QRj7fC3Ih0L6Ckgp1SQ0AhBl81qXVljfS7md6ZGXFlKkbewEQ93yop7YIO1-9XBq4MT5eNAEazZlrCBGabxNMxSCFbU-Xm6B8l9VQLI_t7E-71IJFCTI1UJA93qGQi_gltG9WPvmIiOatFvKMtcRpAHznxQmusg_3FTOyrdlg_N1Hvco0aZzc2LIJ7WjZrh158pM-2Q2pxkiLyYYr4Vl1C_ZPZ_JPUqf7DIdSNSFEwivpznXn0PiOV2ggOs-c_azZcyXBDZjdYhZQsqui9G_1LW4184MxyIFh0Tx7_jqpJz97ZYUL931dJhxOsaynZWBEHONIsCxq8ApWtMdET1hLaV0opVpT-n6z2D85NPro4pn0cxe6oT4ekNqixAIVP-lVxqHwBnwJIvDZRscj1RLZwSYxQ99zZ4i_QyZkdLyr8oebuDpDdIvcQ8EjZeN4cQrzY9FqLawAz9bxlbXFBnj29-qPofEboSHWMlSobZtHnadpl0c0FDVLgpMMUdOJ-gJzhFETsgD31w-GL8EBzQlj-TJmJ1EZXVy9RtX317QzN4rgTE3aVXrfncGXSP1XsjhcC5TGnCqEtz5SkEPWt3aLXhWTtaoMYU1-_zjMCSvodH2UmnOe3nVC5RNhpIzXRLHKodNUmMTkRxaWl Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F02E	0 20 B	74ms 74ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=1219464265747833&bg=!3t2l3ZnNAAY6sG-_OrA7ACkAdvg8WleDV3dHwmhCf0mxtijWfBf4u5PYDa1lBX3YLWbCVDknOrBj0QIAAAPkUgAAAEhoAQcKAOUemOyJLpNa6d1kqcL87nO6fHF5QtgbFbgUkpkznIfVhjQo7fs51_jY-0CRob2Lyqm2M06HiQ7NHMJFEAf2J3KVa3IfyOv96bq7OQFzdYCfY6VonUjGHUzfipEyuhN_ozEgCh94VStppkBG0RnaXoDF6L4128BR0g9ggf0OL0sMFbmWhbMT-HewDDTAS4K_uXTLnCXOnZLoYHkZwtUMRM6JAHyu7HnqsnCQ9KuOTiwnFMsao4eKsiYqUGeaSE1ss9FOonpkKpjg1K91RMnkQFWNo_VG2YVRZo5lRPDKOIMW5GGhYlPFmQKSZmPQQK0BXy0C2EiK7shiwJVHViOMWlVJIC4DNySU0ZoYBtGbO3VmbpSrHIa7g8aPynBVy5J6-LcLWEWilwTkUYiw_FQDFxMBNgI-oZD2eH0_SZrmU4LoSmFCRrMxOKQaUa4iHOeFfaTPG33U5nO94GnJSaoctvSbBBKaOEUZ6qquBGK47xZPPGUJaKkTDPW8BJGmIUErOTh0HoGFdbrNg75JiupF5MUMsR6lnTYSBqz31ADDEGfM6ic7dn1yyoo4_meyvSl24LCvi7ZfB1YuxnbCVE39rSeG2km2jfopR4GlBVyx_ZkLO3CISmFM019MRKNolFemQE-YTpFfYGoLLWZvhTMs_qA3kkYTDTRfF4IZvAIGF63T8Bxr1Teap4vTP60ssgYOP3JnKqIoq2QV1IRqyglFOsQTInQLP76zMkFt1kXxllCzMJFJwRy0QphrwsrxRjtQM0dEoRsS8moMp5_ZLpd2NFTwL_Px0LUPIhd7px6cyiBV3S-neLgqEEpQI816VCMAJvjYXMsCfmETumCksU34e7SRFgsMmtMFswPGhsX0SQLdfALEx0OfpwGciBXKHxdCkPTbrRiq_4P-iQcV_7Y4VdoSdIgizIO4BpeSug5jTj-3_oHTXcLJDUpcq8nXwFSWJK7LDa4AFBl02nZWpOe6IqUkAz1xCkqmWgRK7fQ8pPUhyEKFCt24kqQYs9r2DfcGKWkUtm8xRWxmvS3nXuLCspkeGu2zML1VAc1j3pSacSlseazZbwb0W5Yxr-w39_1sl88YD-Beqs0Zbwwj2yohgrfH5daMe_GEuR1uRfTU0epr6NvGAgmFZ4VHjohgoKTGK9X-BrqmbyOPC2bEx9SnuxuhhED6gReN-SNRIQ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:27 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame 7CD4	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34745 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	200	wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response pagead2.googlesyndication.com/bg/ Frame FF3E	14 KB 6 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 04 Jun 2021 08:41:22 GMT content-encoding br x-content-type-options nosniff age 34745 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5768 x-xss-protection 0 last-modified Mon, 31 May 2021 08:58:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 04 Jun 2022 08:41:22 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame BDFD	0 22 B	42ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bv3Vj6W66YMPrLvah7_UPxO6H6A8AAAAAOAHgBAI&bg=!srGlsfXNAAY6sG-_OrA7ACkAdvg8WqHvPSroVBhoBkRb9ppXJwrKnwfUBfmbrShG56SjrMXsWHiX3wIAAAE0UgAAAEpoAQeZAsojugRR0bg5YtxnHEuXbZGKxSjyCClzhaZlFXlEgr5VDURxUvmnXD7SJ4i85aO08mXHg4-L6EYfv0Iv4gy2UOUEjO7Zct2KP2rD9tdWK6ZxxCzCnwEdycyMhxppC2VjKw0ZjW9FlT_cHQHIU-r4Ac4CbIgMPHTgF_DN3JD1i1kOJJ-qiTMrJOpqkkL_zpVvpCEskBn7pprSwSPLKFQoerJuiPDqgie7ynvDVq7f85AGVDlQagBsVRn0RHmH6zsGlsVQ52a-zCsL79xMz54eVJhQSc4GaSkyM-I_Kjhic49Bisg8Il12s0vwyBdWevtC9n6N4NHOlTX57rQM84MQehahImLmd70YHjhPzzkc8aaWgjCClG46TtB_DArkIEYu-JICT0t1BsiYKIZ8bIiQe1KH8dB_2__ZsUzrkTDmsqBnGhNdTC6YtiBzY3mbqonrJ9Acczl-DeBNqWRlXakd5HRZlW61lnZqTLdGFG0eTWyHaFB5kmrYihGV6AcuFh22Dmc7LqfWMwrQWh78KxQpPSjhlOVMCsW6NC4ESik7To-tw7LXnebF3PLN7kWBzyXwwJtFkyUX4v1HEKSgVf57sQvDAcGijT9FJXa-7OYXo7pQvj2M_5CI-4QrzkqSHggW8z1wojxWvuqC3yfpcFe2A1HUbdCU2gnx_3WJj_MkWQeagiIfe1i-D3DxagfjE5sWO4TF6WhMSta4Vx2FRRyi9Xd99LN_DHm0JLAN2JGaXdnzSvKfLThrA79tSoKbZ_cffuCexpifachJK4Euh9FS4j6Yc7Fwbt-0Km2PXJwL8zZWLzjYRlvCrjcUUxYzDLO4Q1QYv_Vy6MrdZaBo05tQZKtn1ZmjIcllNN4Ht4qP1EV1RK2rcH5lvIIWNS_Z3hA0ksioCdk8b8v2qJHJyWNT5mnqnj8r8ix1EgFzYIykIoo4zNVHomSk40mAwVo Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 893F	0 22 B	40ms 39ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=3620277852996231&bg=!s7ClsPTNAAY6sG-_OrA7ACkAdvg8WoxssohHgiiwyG2r1SWiRSKRKYHmAF_rMNx5HeuVMJ75VkeI9gIAAAFMUgAAADZoAQeZAn_Vh7bR3a6OWuKcKN3zrPLc3r8Y9rRpBSntzrXdfMzBPvboTUtqIv7g5vSjhrmpvXtjgnpRBakjAmgPqFw6yuN7ulRH_tSpNSUgMkfjMEIIlUqhtQeiCJutaOjOMByilgOQ5SVRiLfZuTsDIDdUMXkcg14M_5fmDkSyVf4STldDWeepzk8kAbRCZEH8efNdj87kS6fzW4R-kZqvLtmlThbFNW8OxDs9WQZ-CsjGVNyCYB_2aHvhRnTmT8xYTKukQjTv2-5nQKttEyjqyJo_g6cEQmI12X10NfABOdcsqecifMcoNtGEcjE-kQSM1aKY_GFfhIIshngU-PG1cUnBoBkWIp0NcUCnwJ5sBRmOk4x4zLH64xCNK_TvSOqKv90Mv_8de45Jn6nrL7HrwaATS6OT563FbL6SWR3wdSdAhaWt_QEvWsrpwPiQeFTRCZB6QMKntTWLtIMPyf1pRdYLw7iz1XPhU8iZsjNtcSn6INjHC4z0a6_52dt6dBtipseW1uSuVAfO0hk2dpcPe00gUlNCfzs4NHIVvZUpLxR8Eoz9QLp7a5OzFRFwRn6U8UdgEotCU-aR2rdO_5vQRETBIeqw2lXqTZLocupYXJSpUXdPfQfdpK8x1vZ18ADCVBvZVVuRzIZ6JjEd76yquoLqS8hFZ4W8FYGWlLUOAAIKIt2Vee693iuOIbje1syOeEKDe5S7FLUNjkqXzx8jpGPLb7ovUZJROpOc3atHnG-su3xqHtLy8BjZDuJmpiBwFtMxRk9MlsDFrPOA-RPFiAgicAJg4Y8uQ3zY5j-DnqhibGNCvyehy-RkxdigUnakc-Q1eByhkldnDwqvU_FY9xty2kQ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 22 B	41ms 41ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210601&jk=826664365822009&bg=!EBOlE1fNAAY6sG-_OrA7ACkAdvg8WuYpvITRAsi9wVv_uwJRQMMG1HF6em8sXaYQ2waUviyyalu_rQIAAAEJUgAAABRoAQcKAMbMbLFdMxAlukRRP05soYoYsa1SZbFLhXfp5eHZxw1p-oUJhMthZSFuGsxorPLkTpEoMTgYgjlfbrus-szOhbZn_QAk2xEfnB0p0H5LFMxOYmdETJGd8-2QBbRWzmH4D45pnBi0Hlq9Suw4NqDgcVV3qm5WXwj6PILPPwHc_BCeIdGOFFTCs3nAzBJDQq9uHmpbyP4-PIaQoKcLHMR_ZKbRcpiPSj-WWMJlwiaw0nnQkfjnqCjRMmPf-hWghYnrG5WuDq9BHOCZAkqrrnQwJWeqCMy-sNj_o13a7vV4WivPxRryn0WuAOGNnhsUMowMr7SWRj1bvOLcnWyFHhTVyj1GiAIFcV8_ubp0FLiuxS8ahKU_LxIxgiWX1pJZAFAV7Fjs1XhZDzjJY37RfuF47CbsaSFJTznfCiy8PMw0bbRfnt6fzOiptwFdqta75w4BMy_7di5-mTAHGHqi2yqCwfhKlxr9asNCnZs-E7bND0QAhfOIshki5MduaANUHTJwH9tzVzzcKZwsESUSR7yFMWDuVdrdpvu1qXkUtacR_o7r51Facxt6fHBboryX-z0Chn0KcdaYP8HSmMBZa8l7AR7r01OZJiLWhIvZAJxazpsdYgsTInK5JI6Mrvdy9euuhPV_g4o5TTbskjbGuk5qPqcKyO0acGtK7cFRlUqN55RbvPAnWeTkfReCmQ2zbPvg5UGGPtzfLrx-OOtC78prLyXgzSMm0Kw-xIhCDrTzEiaiK0dmmKrNGo6h5EabYADo53KUiWKEx-T01qPN4xlgmxA5hMDhxKZWI15BWKdbZoRmEQja9qiz9t6muIgawv-5q-vJDq9vQ86fdqDSjgvH94c1oQg8cG8R7ExJglD8gBzmguAD23-8rfV_cQUVWzAl7oclvfO8QAd3UD9dtBnQ9AEEd1-ry46u7ikPPL6h5EIyiELTdGy--6CAwTDtTw70Ia40_cSb5Vi04awGaE27BS-cpF02BWM4lIctSuxSVRc2MmkDAdagQ9GIxS3oeHljJvYyqNs1nB1sskgIpRoP44tbwTCK Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame AAF0	0 22 B	56ms 56ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021060201&jk=3238563335466385&bg=!1tWl1ZHNAAY6sG-_OrA7ACkAdvg8WscALGHeaxIC1-k7__AsNm2qpThMeirDNjGcSRMPyhaczqgQugIAAAEZUgAAABBoAQeZAoTSn8mf7A7E5gadcFnVsLHGDz-mbgZ7YCujl_1IeeC6JIqlzujvRpqzj8OFtE2b1i0y1lWyaAB7aqW5RTCIeUHl8xDB_EYPuvIPrG8mjY074kV_U80OPFZzDcJnGP5mYQ1NMMLwMA6OqvHpYYI24funcvT7tRKc5EzsgnU4Yyaft_Pa2ZnmLLAMYps5RJoegfCgOEPLtG-M3_cxz2HPLT316FXPss-K1-N7sMbcuXj1Zs5QLYIWLfLUOwGMwjLUfmduludlBGnyJEq-Lr3YCVIyyAqS7jPHExcjvvHeXtegt0QiyScSd93BZ0qrkTr1dJfC2tIld-jbxxI38PZXx5UaMsrcrGw78KyZ-ZsiGtAo3ITKkZZEYJt4bR7KwPGsDURiJQAb3icJHVnwJaqoHXrq_vAf2WxQBPe15MXrSld7knQKf7U7lT_7_QM0F1rA0T26T18zNa4QooKxungR7k5DrznNPUNFdX4SbaXjPZmT0O2LpCeM8gXVdeS3JmZFSFaR3_-Fx_pQXoxuRP9r7SdJK-mfAcCx1GKLp-4h2wy-aNr3mQoJnfBT0G2grkavvbij8Fb-14WAkJ6ZL92j0j41vEkJmGPTLUr8MYqWJwztARIn9KRjkBp_TkbiGTCQ67BR8cNZVkTvQV6VWkLficmfqoelnlVwg2LaHjWVbfYNnmvxWYiBmBvE1ezsrjUXYBHWZZFxRV3pvIo6FDeLMloZ4WaXIU1p8h1KYgS148AN5sqF9D4zOqFVtu5VqJD7GFLLO95cirJ_bvGdd19_KOTq4skzC1_bTSPRdUQ0rGdVzjcVE2fpI54_LwKmeyFg4_9BOyi0NWx90GZaVB7XsbQ1vkVOIw Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gool-sport.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:28 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	event.png tps20236.doubleverify.com/ Frame 33C2	67 B 491 B	108ms 36ms	Ping image/png	213.254.244.26 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL https://tps20236.doubleverify.com/event.png?impid=52b7b24ae3054539bcf79a172d8cd5cc&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=265&vdur=111&eoid=5&msrjs=1421&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1622830829278539 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements1421.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:29 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 Vary Accept-Encoding Content-Type image/png Access-Control-Allow-Origin https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com Cache-Control max-age=0 Access-Control-Allow-Credentials true Content-Length 98 Expires 6/3/2021 6:20:29 PM
POST H/1.1	200 OK	event.png tps20227.doubleverify.com/ Frame C5A4	67 B 491 B	113ms 40ms	Ping image/png	213.254.244.26 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL https://tps20227.doubleverify.com/event.png?impid=ae90af8ba0b7432c8c27ade7c84fa46a&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=121&vdur=47&eoid=5&msrjs=1421&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&cbust=1622830829329591 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements1421.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:28 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 Vary Accept-Encoding Content-Type image/png Access-Control-Allow-Origin https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com Cache-Control max-age=0 Access-Control-Allow-Credentials true Content-Length 98 Expires 6/3/2021 6:20:29 PM
GET H/1.1	200 OK	bsevent.gif tps20518.doubleverify.com/ Frame DE7F	807 B 1 KB	49ms 49ms	Image image/gif	213.254.244.19 DOUBLE-VERIFY
General Check archive.org Show headers Download Go to Show image Full URL https://tps20518.doubleverify.com/bsevent.gif?impid=3227d6695d654c29871ecfa72019dafe&mascid=kpinkme9rnjfey8jjwv59i2wj23f531w&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=1962&cbust=1622830829802220 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.19 , United States, ASN36062 (DOUBLE-VERIFY, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416 Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:29 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=0 Content-Length 860 Expires 6/3/2021 6:20:29 PM
POST H/1.1	200 OK	event.png tps20236.doubleverify.com/ Frame 33C2	67 B 491 B	35ms 35ms	Ping image/png	213.254.244.26 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL https://tps20236.doubleverify.com/event.png?impid=52b7b24ae3054539bcf79a172d8cd5cc&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=7&ismms=39&isumms=38&isvelg=1&nvr=6&isgmmims=39&isgmv4mims=39&elmtp=6&isbxdms=2656&b0=100&b7=803&b11=1864&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2767&sftb=2767&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1052&isuiabvms=1052&isgmpims=963&isgmv4dpims=1839&ispmxpms=1839&engalms=37&engscrlms=291&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&cbust=1622830830265141 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements1421.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:29 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 Vary Accept-Encoding Content-Type image/png Access-Control-Allow-Origin https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com Cache-Control max-age=0 Access-Control-Allow-Credentials true Content-Length 98 Expires 6/3/2021 6:20:30 PM
GET H2	200	dc_oe=ChMI4LmQ9Mv-8AIVhJN3Ch05aAhVEAAYACCh47dEQhMIis3s88v-8AIVdFblCh389wyY;met=1;&timestamp=1622830830306;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame DD6B	42 B 498 B	184ms 78ms	Image image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4LmQ9Mv-8AIVhJN3Ch05aAhVEAAYACCh47dEQhMIis3s88v-8AIVdFblCh389wyY;met=1;&timestamp=1622830830306;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://77332029d40b19173c60075a7282735d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:30 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	event.png tps20227.doubleverify.com/ Frame C5A4	67 B 491 B	37ms 37ms	Ping image/png	213.254.244.26 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL https://tps20227.doubleverify.com/event.png?impid=ae90af8ba0b7432c8c27ade7c84fa46a&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=7&ismms=17&isumms=16&isvelg=1&nvr=6&elmtp=3&isbxdms=2616&b0=100&b7=695&b11=2035&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2830&sftb=2830&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1038&isuiabvms=1038&ispmxpms=1617&engalms=16&engscrlms=310&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&cbust=1622830830327510 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements1421.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:29 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 Vary Accept-Encoding Content-Type image/png Access-Control-Allow-Origin https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com Cache-Control max-age=0 Access-Control-Allow-Credentials true Content-Length 98 Expires 6/3/2021 6:20:30 PM
GET H3-29	200	dc_oe=ChMI26Cg9Mv-8AIVE4WDBx3uQQAqEAAYACCh47dEQhMIg7b_88v-8AIVstC7CB2u9glr;met=1;&timestamp=1622830831011;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame CB5A	42 B 63 B	157ms 87ms	Image image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI26Cg9Mv-8AIVE4WDBx3uQQAqEAAYACCh47dEQhMIg7b_88v-8AIVstC7CB2u9glr;met=1;&timestamp=1622830831011;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://20c472f625ff6e8964ff6c0ed5463ac6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:31 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	dc_oe=ChMIjJ7C9Mv-8AIVCca7CB0k_ADaEAAYACC0wYc-QhMI5pSP9Mv-8AIVzeK7CB0ksQSS;met=1;&timestamp=1622830832205;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame AE04	42 B 63 B	77ms 77ms	Image image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjJ7C9Mv-8AIVCca7CB0k_ADaEAAYACC0wYc-QhMI5pSP9Mv-8AIVzeK7CB0ksQSS;met=1;&timestamp=1622830832205;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://7aae371941a1209e0280c27855099906.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:32 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	event.png tps20236.doubleverify.com/ Frame 33C2	67 B 491 B	35ms 34ms	Ping image/png	213.254.244.26 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL https://tps20236.doubleverify.com/event.png?impid=52b7b24ae3054539bcf79a172d8cd5cc&gdpr=&gdpr_consent=&mascid=kpinkme9rnjfey8jjwv59i2wj23f531w&dvp_masver=1421&eoid=8&cbust=1622830832368854 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements1421.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:32 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 Vary Accept-Encoding Content-Type image/png Access-Control-Allow-Origin https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com Cache-Control max-age=0 Access-Control-Allow-Credentials true Content-Length 98 Expires 6/3/2021 6:20:32 PM
POST H/1.1	200 OK	event.png tps20227.doubleverify.com/ Frame C5A4	67 B 491 B	40ms 39ms	Ping image/png	213.254.244.26 GTT-BACKBONE GTT
General Check archive.org Show headers Download Go to Full URL https://tps20227.doubleverify.com/event.png?impid=ae90af8ba0b7432c8c27ade7c84fa46a&gdpr=&gdpr_consent=&mascid=kpinknxgc8eogqwlgolhduohb07a6zj3&dvp_masver=1421&eoid=8&cbust=1622830832431441 Requested by Host: cdn.doubleverify.com URL: https://cdn.doubleverify.com/dv-measurements1421.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.254.244.26 , United States, ASN3257 (GTT-BACKBONE GTT, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a Request headers Referer https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Fri, 04 Jun 2021 18:20:31 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 Vary Accept-Encoding Content-Type image/png Access-Control-Allow-Origin https://b10a3032a19bfdc7c80fa9441a717201.safeframe.googlesyndication.com Cache-Control max-age=0 Access-Control-Allow-Credentials true Content-Length 98 Expires 6/3/2021 6:20:32 PM
GET H3-29	200	dc_oe=ChMI25bT9Mv-8AIV8Ma7CB20-gH5EAAYACC0wYc-QhMIouyR9Mv-8AIVyeG7CB3H3wJ4;met=1;&timestamp=1622830832946;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame BE94	42 B 63 B	76ms 75ms	Image image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI25bT9Mv-8AIV8Ma7CB20-gH5EAAYACC0wYc-QhMIouyR9Mv-8AIVyeG7CB3H3wJ4;met=1;&timestamp=1622830832946;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://b60a2a404c5cd9eb3de7d1ecc8bc66cb.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:32 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	dc_oe=ChMIo5fu9Mv-8AIVSgCLCh1VWwePEAAYACC0wYc-QhMI8a679Mv-8AIVUcq7CB35gghk;met=1;&timestamp=1622830833372;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame F343	42 B 63 B	82ms 81ms	Image image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo5fu9Mv-8AIVSgCLCh1VWwePEAAYACC0wYc-QhMI8a679Mv-8AIVUcq7CB35gghk;met=1;&timestamp=1622830833372;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c894b4ab3847cd49a8fae0b7bf4e61f3.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:33 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	dc_oe=ChMIv_b19Mv-8AIV6oaDBx2zjA5dEAAYACCdv4c-QhMImoC_9Mv-8AIV9tC7CB0Xkgel;met=1;&timestamp=1622830833672;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame DE48	42 B 63 B	75ms 75ms	Image image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIv_b19Mv-8AIV6oaDBx2zjA5dEAAYACCdv4c-QhMImoC_9Mv-8AIV9tC7CB0Xkgel;met=1;&timestamp=1622830833672;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ef7317d347d08e67490f0a2be62e4120.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:33 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	dc_oe=ChMIza2I9cv-8AIVwVTlCh0t7QDqEAAYACC0wYc-QhMIwZrV9Mv-8AIVAkrlCh1KIwXU;met=1;&timestamp=1622830834234;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame C99C	42 B 63 B	82ms 81ms	Image image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIza2I9cv-8AIVwVTlCh0t7QDqEAAYACC0wYc-QhMIwZrV9Mv-8AIVAkrlCh1KIwXU;met=1;&timestamp=1622830834234;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6bb203646e7254e0ea0132eb6c889690.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:34 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dc_oe=ChMIvZLD9cv-8AIVSgCLCh1VWwePEAAYACC0wYc-QhMIp7j_9Mv-8AIVxA2LCh2EJASa;met=1;&timestamp=1622830835566;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame 8BBD	42 B 107 B	82ms 82ms	Image image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIvZLD9cv-8AIVSgCLCh1VWwePEAAYACC0wYc-QhMIp7j_9Mv-8AIVxA2LCh2EJASa;met=1;&timestamp=1622830835566;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://a048a1f6f856a2d8df1659f3b49ff0e7.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	dc_oe=ChMIp6Xk9cv-8AIVhJN3Ch05aAhVEAAYACC3wYc-QhMI8sCV9cv-8AIVf4KDBx1TwwdL;met=1;&timestamp=1622830836087;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; ade.googlesyndication.com/ddm/activity/ Frame CD14	42 B 63 B	75ms 75ms	Image image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIp6Xk9cv-8AIVhJN3Ch05aAhVEAAYACC3wYc-QhMI8sCV9cv-8AIVf4KDBx1TwwdL;met=1;&timestamp=1622830836087;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://4bbe1d887b53a97f6a9d2db5185caa1e.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 04 Jun 2021 18:20:36 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT